SimpleMachines / SMF2.1

Sources/QueryString.php

Braces +187 added lines, -132 removed lines

@@ -14,8 +14,9 @@ 
  * @version 2.1 Beta 4
  */
 
-if (!defined('SMF'))
+if (!defined('SMF')) {
 	die('No direct access...');
+}
 
 /**
  * Clean the request variables - add html entities to GET and slashes if magic_quotes_gpc is Off.
@@ -44,22 +45,26 @@ 
 	unset($GLOBALS['HTTP_POST_FILES'], $GLOBALS['HTTP_POST_FILES']);
 
 	// These keys shouldn't be set...ever.
-	if (isset($_REQUEST['GLOBALS']) || isset($_COOKIE['GLOBALS']))
-		die('Invalid request variable.');
+	if (isset($_REQUEST['GLOBALS']) || isset($_COOKIE['GLOBALS'])) {
+			die('Invalid request variable.');
+	}
 
 	// Same goes for numeric keys.
-	foreach (array_merge(array_keys($_POST), array_keys($_GET), array_keys($_FILES)) as $key)
-		if (is_numeric($key))
+	foreach (array_merge(array_keys($_POST), array_keys($_GET), array_keys($_FILES)) as $key) {
+			if (is_numeric($key))
 			die('Numeric request keys are invalid.');
+	}
 
 	// Numeric keys in cookies are less of a problem. Just unset those.
-	foreach ($_COOKIE as $key => $value)
-		if (is_numeric($key))
+	foreach ($_COOKIE as $key => $value) {
+			if (is_numeric($key))
 			unset($_COOKIE[$key]);
+	}
 
 	// Get the correct query string.  It may be in an environment variable...
-	if (!isset($_SERVER['QUERY_STRING']))
-		$_SERVER['QUERY_STRING'] = getenv('QUERY_STRING');
+	if (!isset($_SERVER['QUERY_STRING'])) {
+			$_SERVER['QUERY_STRING'] = getenv('QUERY_STRING');
+	}
 
 	// It seems that sticking a URL after the query string is mighty common, well, it's evil - don't.
 	if (strpos($_SERVER['QUERY_STRING'], 'http') === 0)
@@ -83,13 +88,14 @@ 
 		parse_str(preg_replace('/&(\w+)(?=&|$)/', '&$1=', strtr($_SERVER['QUERY_STRING'], array(';?' => '&', ';' => '&', '%00' => '', "\0" => ''))), $_GET);
 
 		// Magic quotes still applies with parse_str - so clean it up.
-		if (function_exists('get_magic_quotes_gpc') && @get_magic_quotes_gpc() != 0 && empty($modSettings['integrate_magic_quotes']))
-			$_GET = $removeMagicQuoteFunction($_GET);
-	}
-	elseif (strpos(ini_get('arg_separator.input'), ';') !== false)
+		if (function_exists('get_magic_quotes_gpc') && @get_magic_quotes_gpc() != 0 && empty($modSettings['integrate_magic_quotes'])) {
+					$_GET = $removeMagicQuoteFunction($_GET);
+		}
+	} elseif (strpos(ini_get('arg_separator.input'), ';') !== false)
 	{
-		if (function_exists('get_magic_quotes_gpc') && @get_magic_quotes_gpc() != 0 && empty($modSettings['integrate_magic_quotes']))
-			$_GET = $removeMagicQuoteFunction($_GET);
+		if (function_exists('get_magic_quotes_gpc') && @get_magic_quotes_gpc() != 0 && empty($modSettings['integrate_magic_quotes'])) {
+					$_GET = $removeMagicQuoteFunction($_GET);
+		}
 
 		// Search engines will send action=profile%3Bu=1, which confuses PHP.
 		foreach ($_GET as $k => $v)
@@ -102,8 +108,9 @@ 
 				for ($i = 1, $n = count($temp); $i < $n; $i++)
 				{
 					@list ($key, $val) = @explode('=', $temp[$i], 2);
-					if (!isset($_GET[$key]))
-						$_GET[$key] = $val;
+					if (!isset($_GET[$key])) {
+											$_GET[$key] = $val;
+					}
 				}
 			}
 
@@ -120,18 +127,20 @@ 
 	if (!empty($_SERVER['REQUEST_URI']))
 	{
 		// Remove the .html, assuming there is one.
-		if (substr($_SERVER['REQUEST_URI'], strrpos($_SERVER['REQUEST_URI'], '.'), 4) == '.htm')
-			$request = substr($_SERVER['REQUEST_URI'], 0, strrpos($_SERVER['REQUEST_URI'], '.'));
-		else
-			$request = $_SERVER['REQUEST_URI'];
+		if (substr($_SERVER['REQUEST_URI'], strrpos($_SERVER['REQUEST_URI'], '.'), 4) == '.htm') {
+					$request = substr($_SERVER['REQUEST_URI'], 0, strrpos($_SERVER['REQUEST_URI'], '.'));
+		} else {
+					$request = $_SERVER['REQUEST_URI'];
+		}
 
 		// @todo smflib.
 		// Replace 'index.php/a,b,c/d/e,f' with 'a=b,c&d=&e=f' and parse it into $_GET.
 		if (strpos($request, basename($scripturl) . '/') !== false)
 		{
 			parse_str(substr(preg_replace('/&(\w+)(?=&|$)/', '&$1=', strtr(preg_replace('~/([^,/]+),~', '/$1=', substr($request, strpos($request, basename($scripturl)) + strlen(basename($scripturl)))), '/', '&')), 1), $temp);
-			if (function_exists('get_magic_quotes_gpc') && @get_magic_quotes_gpc() != 0 && empty($modSettings['integrate_magic_quotes']))
-				$temp = $removeMagicQuoteFunction($temp);
+			if (function_exists('get_magic_quotes_gpc') && @get_magic_quotes_gpc() != 0 && empty($modSettings['integrate_magic_quotes'])) {
+							$temp = $removeMagicQuoteFunction($temp);
+			}
 			$_GET += $temp;
 		}
 	}
@@ -142,9 +151,10 @@ 
 		$_ENV = $removeMagicQuoteFunction($_ENV);
 		$_POST = $removeMagicQuoteFunction($_POST);
 		$_COOKIE = $removeMagicQuoteFunction($_COOKIE);
-		foreach ($_FILES as $k => $dummy)
-			if (isset($_FILES[$k]['name']))
+		foreach ($_FILES as $k => $dummy) {
+					if (isset($_FILES[$k]['name']))
 				$_FILES[$k]['name'] = $removeMagicQuoteFunction($_FILES[$k]['name']);
+		}
 	}
 
 	// Add entities to GET.  This is kinda like the slashes on everything else.
@@ -160,11 +170,13 @@ 
 		$_REQUEST['board'] = (string) $_REQUEST['board'];
 
 		// If there's a slash in it, we've got a start value! (old, compatible links.)
-		if (strpos($_REQUEST['board'], '/') !== false)
-			list ($_REQUEST['board'], $_REQUEST['start']) = explode('/', $_REQUEST['board']);
+		if (strpos($_REQUEST['board'], '/') !== false) {
+					list ($_REQUEST['board'], $_REQUEST['start']) = explode('/', $_REQUEST['board']);
+		}
 		// Same idea, but dots.  This is the currently used format - ?board=1.0...
-		elseif (strpos($_REQUEST['board'], '.') !== false)
-			list ($_REQUEST['board'], $_REQUEST['start']) = explode('.', $_REQUEST['board']);
+		elseif (strpos($_REQUEST['board'], '.') !== false) {
+					list ($_REQUEST['board'], $_REQUEST['start']) = explode('.', $_REQUEST['board']);
+		}
 		// Now make absolutely sure it's a number.
 		$board = (int) $_REQUEST['board'];
 		$_REQUEST['start'] = isset($_REQUEST['start']) ? (int) $_REQUEST['start'] : 0;
@@ -173,12 +185,14 @@ 
 		$_GET['board'] = $board;
 	}
 	// Well, $board is going to be a number no matter what.
-	else
-		$board = 0;
+	else {
+			$board = 0;
+	}
 
 	// If there's a threadid, it's probably an old YaBB SE link.  Flow with it.
-	if (isset($_REQUEST['threadid']) && !isset($_REQUEST['topic']))
-		$_REQUEST['topic'] = $_REQUEST['threadid'];
+	if (isset($_REQUEST['threadid']) && !isset($_REQUEST['topic'])) {
+			$_REQUEST['topic'] = $_REQUEST['threadid'];
+	}
 
 	// We've got topic!
 	if (isset($_REQUEST['topic']))
@@ -187,11 +201,13 @@ 
 		$_REQUEST['topic'] = (string) $_REQUEST['topic'];
 
 		// Slash means old, beta style, formatting.  That's okay though, the link should still work.
-		if (strpos($_REQUEST['topic'], '/') !== false)
-			list ($_REQUEST['topic'], $_REQUEST['start']) = explode('/', $_REQUEST['topic']);
+		if (strpos($_REQUEST['topic'], '/') !== false) {
+					list ($_REQUEST['topic'], $_REQUEST['start']) = explode('/', $_REQUEST['topic']);
+		}
 		// Dots are useful and fun ;).  This is ?topic=1.15.
-		elseif (strpos($_REQUEST['topic'], '.') !== false)
-			list ($_REQUEST['topic'], $_REQUEST['start']) = explode('.', $_REQUEST['topic']);
+		elseif (strpos($_REQUEST['topic'], '.') !== false) {
+					list ($_REQUEST['topic'], $_REQUEST['start']) = explode('.', $_REQUEST['topic']);
+		}
 
 		// Topic should always be an integer
 		$topic = $_GET['topic'] = $_REQUEST['topic'] = (int) $_REQUEST['topic'];
@@ -220,21 +236,25 @@ 
 			$_REQUEST['start'] = $timestamp === 0 ? 0 : 'from' . $timestamp;
 		}
 		// ... or something invalid, in which case we reset it to 0.
-		else
-			$_REQUEST['start'] = 0;
+		else {
+					$_REQUEST['start'] = 0;
+		}
+	} else {
+			$topic = 0;
 	}
-	else
-		$topic = 0;
 
 	// There should be a $_REQUEST['start'], some at least.  If you need to default to other than 0, use $_GET['start'].
-	if (empty($_REQUEST['start']) || $_REQUEST['start'] < 0 || (int) $_REQUEST['start'] > 2147473647)
-		$_REQUEST['start'] = 0;
+	if (empty($_REQUEST['start']) || $_REQUEST['start'] < 0 || (int) $_REQUEST['start'] > 2147473647) {
+			$_REQUEST['start'] = 0;
+	}
 
 	// The action needs to be a string and not an array or anything else
-	if (isset($_REQUEST['action']))
-		$_REQUEST['action'] = (string) $_REQUEST['action'];
-	if (isset($_GET['action']))
-		$_GET['action'] = (string) $_GET['action'];
+	if (isset($_REQUEST['action'])) {
+			$_REQUEST['action'] = (string) $_REQUEST['action'];
+	}
+	if (isset($_GET['action'])) {
+			$_GET['action'] = (string) $_GET['action'];
+	}
 
 	// Some mail providers like to encode semicolons in activation URLs...
 	if (!empty($_REQUEST['action']) && substr($_SERVER['QUERY_STRING'], 0, 18) == 'action=activate%3b')
@@ -260,29 +280,33 @@ 
 	$_SERVER['BAN_CHECK_IP'] = $_SERVER['REMOTE_ADDR'];
 
 	// If we haven't specified how to handle Reverse Proxy IP headers, lets do what we always used to do.
-	if (!isset($modSettings['proxy_ip_header']))
-		$modSettings['proxy_ip_header'] = 'autodetect';
+	if (!isset($modSettings['proxy_ip_header'])) {
+			$modSettings['proxy_ip_header'] = 'autodetect';
+	}
 
 	// Which headers are we going to check for Reverse Proxy IP headers?
-	if ($modSettings['proxy_ip_header'] == 'disabled')
-		$reverseIPheaders = array();
-	elseif ($modSettings['proxy_ip_header'] == 'autodetect')
-		$reverseIPheaders = array('HTTP_X_FORWARDED_FOR', 'HTTP_CLIENT_IP');
-	else
-		$reverseIPheaders = array($modSettings['proxy_ip_header']);
+	if ($modSettings['proxy_ip_header'] == 'disabled') {
+			$reverseIPheaders = array();
+	} elseif ($modSettings['proxy_ip_header'] == 'autodetect') {
+			$reverseIPheaders = array('HTTP_X_FORWARDED_FOR', 'HTTP_CLIENT_IP');
+	} else {
+			$reverseIPheaders = array($modSettings['proxy_ip_header']);
+	}
 
 	// Find the user's IP address. (but don't let it give you 'unknown'!)
 	foreach ($reverseIPheaders as $proxyIPheader)
 	{
 		// Ignore if this is not set.
-		if (!isset($_SERVER[$proxyIPheader]))
-			continue;
+		if (!isset($_SERVER[$proxyIPheader])) {
+					continue;
+		}
 
 		if (!empty($modSettings['proxy_ip_servers']))
 		{
-			foreach (explode(',', $modSettings['proxy_ip_servers']) as $proxy)
-				if ($proxy == $_SERVER['REMOTE_ADDR'] || matchIPtoCIDR($_SERVER['REMOTE_ADDR'], $proxy))
+			foreach (explode(',', $modSettings['proxy_ip_servers']) as $proxy) {
+							if ($proxy == $_SERVER['REMOTE_ADDR'] || matchIPtoCIDR($_SERVER['REMOTE_ADDR'], $proxy))
 					continue;
+			}
 		}
 
 		// If there are commas, get the last one.. probably.
@@ -302,8 +326,9 @@ 
 
 						// Just incase we have a legacy IPv4 address.
 						// @ TODO: Convert to IPv6.
-						if (preg_match('~^((([1]?\d)?\d|2[0-4]\d|25[0-5])\.){3}(([1]?\d)?\d|2[0-4]\d|25[0-5])$~', $_SERVER[$proxyIPheader]) === 0)
-							continue;
+						if (preg_match('~^((([1]?\d)?\d|2[0-4]\d|25[0-5])\.){3}(([1]?\d)?\d|2[0-4]\d|25[0-5])$~', $_SERVER[$proxyIPheader]) === 0) {
+													continue;
+						}
 					}
 
 					continue;
@@ -315,36 +340,40 @@ 
 			}
 		}
 		// Otherwise just use the only one.
-		elseif (preg_match('~^((0|10|172\.(1[6-9]|2[0-9]|3[01])|192\.168|255|127)\.|unknown|::1|fe80::|fc00::)~', $_SERVER[$proxyIPheader]) == 0 || preg_match('~^((0|10|172\.(1[6-9]|2[0-9]|3[01])|192\.168|255|127)\.|unknown|::1|fe80::|fc00::)~', $_SERVER['REMOTE_ADDR']) != 0)
-			$_SERVER['BAN_CHECK_IP'] = $_SERVER[$proxyIPheader];
-		elseif (!isValidIPv6($_SERVER[$proxyIPheader]) || preg_match('~::ffff:\d+\.\d+\.\d+\.\d+~', $_SERVER[$proxyIPheader]) !== 0)
+		elseif (preg_match('~^((0|10|172\.(1[6-9]|2[0-9]|3[01])|192\.168|255|127)\.|unknown|::1|fe80::|fc00::)~', $_SERVER[$proxyIPheader]) == 0 || preg_match('~^((0|10|172\.(1[6-9]|2[0-9]|3[01])|192\.168|255|127)\.|unknown|::1|fe80::|fc00::)~', $_SERVER['REMOTE_ADDR']) != 0) {
+					$_SERVER['BAN_CHECK_IP'] = $_SERVER[$proxyIPheader];
+		} elseif (!isValidIPv6($_SERVER[$proxyIPheader]) || preg_match('~::ffff:\d+\.\d+\.\d+\.\d+~', $_SERVER[$proxyIPheader]) !== 0)
 		{
 			$_SERVER[$proxyIPheader] = preg_replace('~^::ffff:(\d+\.\d+\.\d+\.\d+)~', '\1', $_SERVER[$proxyIPheader]);
 
 			// Just incase we have a legacy IPv4 address.
 			// @ TODO: Convert to IPv6.
-			if (preg_match('~^((([1]?\d)?\d|2[0-4]\d|25[0-5])\.){3}(([1]?\d)?\d|2[0-4]\d|25[0-5])$~', $_SERVER[$proxyIPheader]) === 0)
-				continue;
+			if (preg_match('~^((([1]?\d)?\d|2[0-4]\d|25[0-5])\.){3}(([1]?\d)?\d|2[0-4]\d|25[0-5])$~', $_SERVER[$proxyIPheader]) === 0) {
+							continue;
+			}
 		}
 	}
 
 	// Make sure we know the URL of the current request.
-	if (empty($_SERVER['REQUEST_URI']))
-		$_SERVER['REQUEST_URL'] = $scripturl . (!empty($_SERVER['QUERY_STRING']) ? '?' . $_SERVER['QUERY_STRING'] : '');
-	elseif (preg_match('~^([^/]+//[^/]+)~', $scripturl, $match) == 1)
-		$_SERVER['REQUEST_URL'] = $match[1] . $_SERVER['REQUEST_URI'];
-	else
-		$_SERVER['REQUEST_URL'] = $_SERVER['REQUEST_URI'];
+	if (empty($_SERVER['REQUEST_URI'])) {
+			$_SERVER['REQUEST_URL'] = $scripturl . (!empty($_SERVER['QUERY_STRING']) ? '?' . $_SERVER['QUERY_STRING'] : '');
+	} elseif (preg_match('~^([^/]+//[^/]+)~', $scripturl, $match) == 1) {
+			$_SERVER['REQUEST_URL'] = $match[1] . $_SERVER['REQUEST_URI'];
+	} else {
+			$_SERVER['REQUEST_URL'] = $_SERVER['REQUEST_URI'];
+	}
 
 	// And make sure HTTP_USER_AGENT is set.
 	$_SERVER['HTTP_USER_AGENT'] = isset($_SERVER['HTTP_USER_AGENT']) ? (isset($smcFunc['htmlspecialchars']) ? $smcFunc['htmlspecialchars']($smcFunc['db_unescape_string']($_SERVER['HTTP_USER_AGENT']), ENT_QUOTES) : htmlspecialchars($smcFunc['db_unescape_string']($_SERVER['HTTP_USER_AGENT']), ENT_QUOTES)) : '';
 
 	// Some final checking.
-	if (!isValidIP($_SERVER['BAN_CHECK_IP']))
-		$_SERVER['BAN_CHECK_IP'] = '';
-	if ($_SERVER['REMOTE_ADDR'] == 'unknown')
-		$_SERVER['REMOTE_ADDR'] = '';
-}
+	if (!isValidIP($_SERVER['BAN_CHECK_IP'])) {
+			$_SERVER['BAN_CHECK_IP'] = '';
+	}
+	if ($_SERVER['REMOTE_ADDR'] == 'unknown') {
+			$_SERVER['REMOTE_ADDR'] = '';
+	}
+	}
 
 /**
  * Validates a IPv6 address. returns true if it is ipv6.
@@ -355,8 +384,9 @@ 
 function isValidIPv6($ip)
 {
 	//looking for :
-	if (strpos($ip, ':') === false)
-		return false;
+	if (strpos($ip, ':') === false) {
+			return false;
+	}
 
 	//check valid address
 	return inet_pton($ip);
@@ -373,15 +403,17 @@ 
 	static $expanded = array();
 
 	// Check if we have done this already.
-	if (isset($expanded[$ip]))
-		return $expanded[$ip];
+	if (isset($expanded[$ip])) {
+			return $expanded[$ip];
+	}
 
 	// Expand the IP out.
 	$expanded_ip = explode(':', expandIPv6($ip));
 
 	$new_ip = array();
-	foreach ($expanded_ip as $int)
-		$new_ip[] = hexdec($int);
+	foreach ($expanded_ip as $int) {
+			$new_ip[] = hexdec($int);
+	}
 
 	// Save this incase of repeated use.
 	$expanded[$ip] = $new_ip;
@@ -401,8 +433,9 @@ 
 	static $converted = array();
 
 	// Check if we have done this already.
-	if (isset($converted[$addr]))
-		return $converted[$addr];
+	if (isset($converted[$addr])) {
+			return $converted[$addr];
+	}
 
 	// Check if there are segments missing, insert if necessary.
 	if (strpos($addr, '::') !== false)
@@ -412,18 +445,20 @@ 
 		$part[1] = explode(':', $part[1]);
 		$missing = array();
 
-		for ($i = 0; $i < (8 - (count($part[0]) + count($part[1]))); $i++)
-			array_push($missing, '0000');
+		for ($i = 0; $i < (8 - (count($part[0]) + count($part[1]))); $i++) {
+					array_push($missing, '0000');
+		}
 
 		$part = array_merge($part[0], $missing, $part[1]);
+	} else {
+			$part = explode(':', $addr);
 	}
-	else
-		$part = explode(':', $addr);
 
 	// Pad each segment until it has 4 digits.
-	foreach ($part as &$p)
-		while (strlen($p) < 4)
+	foreach ($part as &$p) {
+			while (strlen($p) < 4)
 			$p = '0' . $p;
+	}
 
 	unset($p);
 
@@ -434,11 +469,12 @@ 
 	$converted[$addr] = $result;
 
 	// Quick check to make sure the length is as expected.
-	if (!$strict_check || strlen($result) == 39)
-		return $result;
-	else
-		return false;
-}
+	if (!$strict_check || strlen($result) == 39) {
+			return $result;
+	} else {
+			return false;
+	}
+	}
 
 
 /**
@@ -469,15 +505,17 @@ 
 {
 	global $smcFunc;
 
-	if (!is_array($var))
-		return $smcFunc['db_escape_string']($var);
+	if (!is_array($var)) {
+			return $smcFunc['db_escape_string']($var);
+	}
 
 	// Reindex the array with slashes.
 	$new_var = array();
 
 	// Add slashes to every element, even the indexes!
-	foreach ($var as $k => $v)
-		$new_var[$smcFunc['db_escape_string']($k)] = escapestring__recursive($v);
+	foreach ($var as $k => $v) {
+			$new_var[$smcFunc['db_escape_string']($k)] = escapestring__recursive($v);
+	}
 
 	return $new_var;
 }
@@ -497,12 +535,14 @@ 
 {
 	global $smcFunc;
 
-	if (!is_array($var))
-		return isset($smcFunc['htmlspecialchars']) ? $smcFunc['htmlspecialchars']($var, ENT_QUOTES) : htmlspecialchars($var, ENT_QUOTES);
+	if (!is_array($var)) {
+			return isset($smcFunc['htmlspecialchars']) ? $smcFunc['htmlspecialchars']($var, ENT_QUOTES) : htmlspecialchars($var, ENT_QUOTES);
+	}
 
 	// Add the htmlspecialchars to every element.
-	foreach ($var as $k => $v)
-		$var[$k] = $level > 25 ? null : htmlspecialchars__recursive($v, $level + 1);
+	foreach ($var as $k => $v) {
+			$var[$k] = $level > 25 ? null : htmlspecialchars__recursive($v, $level + 1);
+	}
 
 	return $var;
 }
@@ -520,15 +560,17 @@ 
  */
 function urldecode__recursive($var, $level = 0)
 {
-	if (!is_array($var))
-		return urldecode($var);
+	if (!is_array($var)) {
+			return urldecode($var);
+	}
 
 	// Reindex the array...
 	$new_var = array();
 
 	// Add the htmlspecialchars to every element.
-	foreach ($var as $k => $v)
-		$new_var[urldecode($k)] = $level > 25 ? null : urldecode__recursive($v, $level + 1);
+	foreach ($var as $k => $v) {
+			$new_var[urldecode($k)] = $level > 25 ? null : urldecode__recursive($v, $level + 1);
+	}
 
 	return $new_var;
 }
@@ -546,15 +588,17 @@ 
 {
 	global $smcFunc;
 
-	if (!is_array($var))
-		return $smcFunc['db_unescape_string']($var);
+	if (!is_array($var)) {
+			return $smcFunc['db_unescape_string']($var);
+	}
 
 	// Reindex the array without slashes, this time.
 	$new_var = array();
 
 	// Strip the slashes from every element.
-	foreach ($var as $k => $v)
-		$new_var[$smcFunc['db_unescape_string']($k)] = unescapestring__recursive($v);
+	foreach ($var as $k => $v) {
+			$new_var[$smcFunc['db_unescape_string']($k)] = unescapestring__recursive($v);
+	}
 
 	return $new_var;
 }
@@ -572,15 +616,17 @@ 
  */
 function stripslashes__recursive($var, $level = 0)
 {
-	if (!is_array($var))
-		return stripslashes($var);
+	if (!is_array($var)) {
+			return stripslashes($var);
+	}
 
 	// Reindex the array without slashes, this time.
 	$new_var = array();
 
 	// Strip the slashes from every element.
-	foreach ($var as $k => $v)
-		$new_var[stripslashes($k)] = $level > 25 ? null : stripslashes__recursive($v, $level + 1);
+	foreach ($var as $k => $v) {
+			$new_var[stripslashes($k)] = $level > 25 ? null : stripslashes__recursive($v, $level + 1);
+	}
 
 	return $new_var;
 }
@@ -601,12 +647,14 @@ 
 	global $smcFunc;
 
 	// Remove spaces (32), tabs (9), returns (13, 10, and 11), nulls (0), and hard spaces. (160)
-	if (!is_array($var))
-		return isset($smcFunc) ? $smcFunc['htmltrim']($var) : trim($var, ' ' . "\t\n\r\x0B" . '\0' . "\xA0");
+	if (!is_array($var)) {
+			return isset($smcFunc) ? $smcFunc['htmltrim']($var) : trim($var, ' ' . "\t\n\r\x0B" . '\0' . "\xA0");
+	}
 
 	// Go through all the elements and remove the whitespace.
-	foreach ($var as $k => $v)
-		$var[$k] = $level > 25 ? null : htmltrim__recursive($v, $level + 1);
+	foreach ($var as $k => $v) {
+			$var[$k] = $level > 25 ? null : htmltrim__recursive($v, $level + 1);
+	}
 
 	return $var;
 }
@@ -671,30 +719,37 @@ 
 	global $scripturl, $modSettings, $context;
 
 	// If $scripturl is set to nothing, or the SID is not defined (SSI?) just quit.
-	if ($scripturl == '' || !defined('SID'))
-		return $buffer;
+	if ($scripturl == '' || !defined('SID')) {
+			return $buffer;
+	}
 
 	// Do nothing if the session is cookied, or they are a crawler - guests are caught by redirectexit().  This doesn't work below PHP 4.3.0, because it makes the output buffer bigger.
 	// @todo smflib
-	if (empty($_COOKIE) && SID != '' && !isBrowser('possibly_robot'))
-		$buffer = preg_replace('/(?<!<link rel="canonical" href=)"' . preg_quote($scripturl, '/') . '(?!\?' . preg_quote(SID, '/') . ')\\??/', '"' . $scripturl . '?' . SID . '&amp;', $buffer);
+	if (empty($_COOKIE) && SID != '' && !isBrowser('possibly_robot')) {
+			$buffer = preg_replace('/(?<!<link rel="canonical" href=)"' . preg_quote($scripturl, '/') . '(?!\?' . preg_quote(SID, '/') . ')\\??/', '"' . $scripturl . '?' . SID . '&amp;', $buffer);
+	}
 	// Debugging templates, are we?
-	elseif (isset($_GET['debug']))
-		$buffer = preg_replace('/(?<!<link rel="canonical" href=)"' . preg_quote($scripturl, '/') . '\\??/', '"' . $scripturl . '?debug;', $buffer);
+	elseif (isset($_GET['debug'])) {
+			$buffer = preg_replace('/(?<!<link rel="canonical" href=)"' . preg_quote($scripturl, '/') . '\\??/', '"' . $scripturl . '?debug;', $buffer);
+	}
 
 	// This should work even in 4.2.x, just not CGI without cgi.fix_pathinfo.
 	if (!empty($modSettings['queryless_urls']) && (!$context['server']['is_cgi'] || ini_get('cgi.fix_pathinfo') == 1 || @get_cfg_var('cgi.fix_pathinfo') == 1) && ($context['server']['is_apache'] || $context['server']['is_lighttpd'] || $context['server']['is_litespeed']))
 	{
 		// Let's do something special for session ids!
-		if (defined('SID') && SID != '')
-			$buffer = preg_replace_callback('~"' . preg_quote($scripturl, '/') . '\?(?:' . SID . '(?:;|&|&amp;))((?:board|topic)=[^#"]+?)(#[^"]*?)?"~', function($m)
+		if (defined('SID') && SID != '') {
+					$buffer = preg_replace_callback('~"' . preg_quote($scripturl, '/') . '\?(?:' . SID . '(?:;|&|&amp;))((?:board|topic)=[^#"]+?)(#[^"]*?)?"~', function($m)
 			{
-				global $scripturl; return '"' . $scripturl . "/" . strtr("$m[1]", '&;=', '//,') . ".html?" . SID . (isset($m[2]) ? $m[2] : "") . '"';
+				global $scripturl;
+		}
+		return '"' . $scripturl . "/" . strtr("$m[1]", '&;=', '//,') . ".html?" . SID . (isset($m[2]) ? $m[2] : "") . '"';
 			}, $buffer);
-		else
-			$buffer = preg_replace_callback('~"' . preg_quote($scripturl, '/') . '\?((?:board|topic)=[^#"]+?)(#[^"]*?)?"~', function($m)
+		else {
+					$buffer = preg_replace_callback('~"' . preg_quote($scripturl, '/') . '\?((?:board|topic)=[^#"]+?)(#[^"]*?)?"~', function($m)
 			{
-				global $scripturl; return '"' . $scripturl . '/' . strtr("$m[1]", '&;=', '//,') . '.html' . (isset($m[2]) ? $m[2] : "") . '"';
+				global $scripturl;
+		}
+		return '"' . $scripturl . '/' . strtr("$m[1]", '&;=', '//,') . '.html' . (isset($m[2]) ? $m[2] : "") . '"';
 			}, $buffer);
 	}
 

Sources/ManageSettings.php

Braces +273 added lines, -199 removed lines

@@ -14,8 +14,9 @@ 
  * @version 2.1 Beta 4
  */
 
-if (!defined('SMF'))
+if (!defined('SMF')) {
 	die('No direct access...');
+}
 
 /**
  * This function makes sure the requested subaction does exists, if it doesn't, it sets a default action or.
@@ -206,16 +207,18 @@ 
 	{
 		$all_zones = timezone_identifiers_list();
 		// Make sure we set the value to the same as the printed value.
-		foreach ($all_zones as $zone)
-			$config_vars['default_timezone'][2][$zone] = $zone;
+		foreach ($all_zones as $zone) {
+					$config_vars['default_timezone'][2][$zone] = $zone;
+		}
+	} else {
+			unset($config_vars['default_timezone']);
 	}
-	else
-		unset($config_vars['default_timezone']);
 
 	call_integration_hook('integrate_modify_basic_settings', array(&$config_vars));
 
-	if ($return_config)
-		return $config_vars;
+	if ($return_config) {
+			return $config_vars;
+	}
 
 	// Saving?
 	if (isset($_GET['save']))
@@ -223,8 +226,9 @@ 
 		checkSession();
 
 		// Prevent absurd boundaries here - make it a day tops.
-		if (isset($_POST['lastActive']))
-			$_POST['lastActive'] = min((int) $_POST['lastActive'], 1440);
+		if (isset($_POST['lastActive'])) {
+					$_POST['lastActive'] = min((int) $_POST['lastActive'], 1440);
+		}
 
 		call_integration_hook('integrate_save_basic_settings');
 
@@ -269,8 +273,9 @@ 
 
 	call_integration_hook('integrate_modify_bbc_settings', array(&$config_vars));
 
-	if ($return_config)
-		return $config_vars;
+	if ($return_config) {
+			return $config_vars;
+	}
 
 	// Setup the template.
 	require_once($sourcedir . '/ManageServer.php');
@@ -287,13 +292,15 @@ 
 
 		// Clean up the tags.
 		$bbcTags = array();
-		foreach (parse_bbc(false) as $tag)
-			$bbcTags[] = $tag['tag'];
+		foreach (parse_bbc(false) as $tag) {
+					$bbcTags[] = $tag['tag'];
+		}
 
-		if (!isset($_POST['disabledBBC_enabledTags']))
-			$_POST['disabledBBC_enabledTags'] = array();
-		elseif (!is_array($_POST['disabledBBC_enabledTags']))
-			$_POST['disabledBBC_enabledTags'] = array($_POST['disabledBBC_enabledTags']);
+		if (!isset($_POST['disabledBBC_enabledTags'])) {
+					$_POST['disabledBBC_enabledTags'] = array();
+		} elseif (!is_array($_POST['disabledBBC_enabledTags'])) {
+					$_POST['disabledBBC_enabledTags'] = array($_POST['disabledBBC_enabledTags']);
+		}
 		// Work out what is actually disabled!
 		$_POST['disabledBBC'] = implode(',', array_diff($bbcTags, $_POST['disabledBBC_enabledTags']));
 
@@ -337,8 +344,9 @@ 
 
 	call_integration_hook('integrate_layout_settings', array(&$config_vars));
 
-	if ($return_config)
-		return $config_vars;
+	if ($return_config) {
+			return $config_vars;
+	}
 
 	// Saving?
 	if (isset($_GET['save']))
@@ -379,8 +387,9 @@ 
 
 	call_integration_hook('integrate_likes_settings', array(&$config_vars));
 
-	if ($return_config)
-		return $config_vars;
+	if ($return_config) {
+			return $config_vars;
+	}
 
 	// Saving?
 	if (isset($_GET['save']))
@@ -418,8 +427,9 @@ 
 
 	call_integration_hook('integrate_mentions_settings', array(&$config_vars));
 
-	if ($return_config)
-		return $config_vars;
+	if ($return_config) {
+			return $config_vars;
+	}
 
 	// Saving?
 	if (isset($_GET['save']))
@@ -463,8 +473,8 @@ 
 			'enable' => array('check', 'warning_enable'),
 	);
 
-	if (!empty($modSettings['warning_settings']) && $currently_enabled)
-		$config_vars += array(
+	if (!empty($modSettings['warning_settings']) && $currently_enabled) {
+			$config_vars += array(
 			'',
 				array('int', 'warning_watch', 'subtext' => $txt['setting_warning_watch_note'] . ' ' . $txt['zero_to_disable']),
 				'moderate' => array('int', 'warning_moderate', 'subtext' => $txt['setting_warning_moderate_note'] . ' ' . $txt['zero_to_disable']),
@@ -473,15 +483,18 @@ 
 				'rem2' => array('int', 'warning_decrement', 'subtext' => $txt['setting_warning_decrement_note'] . ' ' . $txt['zero_to_disable']),
 				array('permissions', 'view_warning'),
 		);
+	}
 
 	call_integration_hook('integrate_warning_settings', array(&$config_vars));
 
-	if ($return_config)
-		return $config_vars;
+	if ($return_config) {
+			return $config_vars;
+	}
 
 	// Cannot use moderation if post moderation is not enabled.
-	if (!$modSettings['postmod_active'])
-		unset($config_vars['moderate']);
+	if (!$modSettings['postmod_active']) {
+			unset($config_vars['moderate']);
+	}
 
 	// Will need the utility functions from here.
 	require_once($sourcedir . '/ManageServer.php');
@@ -506,16 +519,16 @@ 
 				'warning_watch' => 10,
 				'warning_mute' => 60,
 			);
-			if ($modSettings['postmod_active'])
-				$vars['warning_moderate'] = 35;
+			if ($modSettings['postmod_active']) {
+							$vars['warning_moderate'] = 35;
+			}
 
 			foreach ($vars as $var => $value)
 			{
 				$config_vars[] = array('int', $var);
 				$_POST[$var] = $value;
 			}
-		}
-		else
+		} else
 		{
 			$_POST['warning_watch'] = min($_POST['warning_watch'], 100);
 			$_POST['warning_moderate'] = $modSettings['postmod_active'] ? min($_POST['warning_moderate'], 100) : 0;
@@ -603,8 +616,9 @@ 
 
 	call_integration_hook('integrate_spam_settings', array(&$config_vars));
 
-	if ($return_config)
-		return $config_vars;
+	if ($return_config) {
+			return $config_vars;
+	}
 
 	// You need to be an admin to edit settings!
 	isAllowedTo('admin_forum');
@@ -638,8 +652,9 @@ 
 
 	if (empty($context['qa_by_lang'][strtr($language, array('-utf8' => ''))]) && !empty($context['question_answers']))
 	{
-		if (empty($context['settings_insert_above']))
-			$context['settings_insert_above'] = '';
+		if (empty($context['settings_insert_above'])) {
+					$context['settings_insert_above'] = '';
+		}
 
 		$context['settings_insert_above'] .= '<div class="noticebox">' . sprintf($txt['question_not_defined'], $context['languages'][$language]['name']) . '</div>';
 	}
@@ -682,8 +697,9 @@ 
 		$_POST['pm_spam_settings'] = (int) $_POST['max_pm_recipients'] . ',' . (int) $_POST['pm_posts_verification'] . ',' . (int) $_POST['pm_posts_per_hour'];
 
 		// Hack in guest requiring verification!
-		if (empty($_POST['posts_require_captcha']) && !empty($_POST['guests_require_captcha']))
-			$_POST['posts_require_captcha'] = -1;
+		if (empty($_POST['posts_require_captcha']) && !empty($_POST['guests_require_captcha'])) {
+					$_POST['posts_require_captcha'] = -1;
+		}
 
 		$save_vars = $config_vars;
 		unset($save_vars['pm1'], $save_vars['pm2'], $save_vars['pm3'], $save_vars['guest_verify']);
@@ -700,14 +716,16 @@ 
 		foreach ($context['qa_languages'] as $lang_id => $dummy)
 		{
 			// If we had some questions for this language before, but don't now, delete everything from that language.
-			if ((!isset($_POST['question'][$lang_id]) || !is_array($_POST['question'][$lang_id])) && !empty($context['qa_by_lang'][$lang_id]))
-				$changes['delete'] = array_merge($questions['delete'], $context['qa_by_lang'][$lang_id]);
+			if ((!isset($_POST['question'][$lang_id]) || !is_array($_POST['question'][$lang_id])) && !empty($context['qa_by_lang'][$lang_id])) {
+							$changes['delete'] = array_merge($questions['delete'], $context['qa_by_lang'][$lang_id]);
+			}
 
 			// Now step through and see if any existing questions no longer exist.
-			if (!empty($context['qa_by_lang'][$lang_id]))
-				foreach ($context['qa_by_lang'][$lang_id] as $q_id)
+			if (!empty($context['qa_by_lang'][$lang_id])) {
+							foreach ($context['qa_by_lang'][$lang_id] as $q_id)
 					if (empty($_POST['question'][$lang_id][$q_id]))
 						$changes['delete'][] = $q_id;
+			}
 
 			// Now let's see if there are new questions or ones that need updating.
 			if (isset($_POST['question'][$lang_id]))
@@ -716,14 +734,16 @@ 
 				{
 					// Ignore junky ids.
 					$q_id = (int) $q_id;
-					if ($q_id <= 0)
-						continue;
+					if ($q_id <= 0) {
+											continue;
+					}
 
 					// Check the question isn't empty (because they want to delete it?)
 					if (empty($question) || trim($question) == '')
 					{
-						if (isset($context['question_answers'][$q_id]))
-							$changes['delete'][] = $q_id;
+						if (isset($context['question_answers'][$q_id])) {
+													$changes['delete'][] = $q_id;
+						}
 						continue;
 					}
 					$question = $smcFunc['htmlspecialchars'](trim($question));
@@ -731,19 +751,22 @@ 
 					// Get the answers. Firstly check there actually might be some.
 					if (!isset($_POST['answer'][$lang_id][$q_id]) || !is_array($_POST['answer'][$lang_id][$q_id]))
 					{
-						if (isset($context['question_answers'][$q_id]))
-							$changes['delete'][] = $q_id;
+						if (isset($context['question_answers'][$q_id])) {
+													$changes['delete'][] = $q_id;
+						}
 						continue;
 					}
 					// Now get them and check that they might be viable.
 					$answers = array();
-					foreach ($_POST['answer'][$lang_id][$q_id] as $answer)
-						if (!empty($answer) && trim($answer) !== '')
+					foreach ($_POST['answer'][$lang_id][$q_id] as $answer) {
+											if (!empty($answer) && trim($answer) !== '')
 							$answers[] = $smcFunc['htmlspecialchars'](trim($answer));
+					}
 					if (empty($answers))
 					{
-						if (isset($context['question_answers'][$q_id]))
-							$changes['delete'][] = $q_id;
+						if (isset($context['question_answers'][$q_id])) {
+													$changes['delete'][] = $q_id;
+						}
 						continue;
 					}
 					$answers = $smcFunc['json_encode']($answers);
@@ -753,16 +776,17 @@ 
 					{
 						// New question. Now, we don't want to randomly consume ids, so we'll set those, rather than trusting the browser's supplied ids.
 						$changes['insert'][] = array($lang_id, $question, $answers);
-					}
-					else
+					} else
 					{
 						// It's an existing question. Let's see what's changed, if anything.
-						if ($lang_id != $context['question_answers'][$q_id]['lngfile'] || $question != $context['question_answers'][$q_id]['question'] || $answers != $context['question_answers'][$q_id]['answers'])
-							$changes['replace'][$q_id] = array('lngfile' => $lang_id, 'question' => $question, 'answers' => $answers);
+						if ($lang_id != $context['question_answers'][$q_id]['lngfile'] || $question != $context['question_answers'][$q_id]['question'] || $answers != $context['question_answers'][$q_id]['answers']) {
+													$changes['replace'][$q_id] = array('lngfile' => $lang_id, 'question' => $question, 'answers' => $answers);
+						}
 					}
 
-					if (!isset($qs_per_lang[$lang_id]))
-						$qs_per_lang[$lang_id] = 0;
+					if (!isset($qs_per_lang[$lang_id])) {
+											$qs_per_lang[$lang_id] = 0;
+					}
 					$qs_per_lang[$lang_id]++;
 				}
 			}
@@ -812,8 +836,9 @@ 
 
 		// Lastly, the count of messages needs to be no more than the lowest number of questions for any one language.
 		$count_questions = empty($qs_per_lang) ? 0 : min($qs_per_lang);
-		if (empty($count_questions) || $_POST['qa_verification_number'] > $count_questions)
-			$_POST['qa_verification_number'] = $count_questions;
+		if (empty($count_questions) || $_POST['qa_verification_number'] > $count_questions) {
+					$_POST['qa_verification_number'] = $count_questions;
+		}
 
 		call_integration_hook('integrate_save_spam_settings', array(&$save_vars));
 
@@ -828,24 +853,27 @@ 
 
 	$character_range = array_merge(range('A', 'H'), array('K', 'M', 'N', 'P', 'R'), range('T', 'Y'));
 	$_SESSION['visual_verification_code'] = '';
-	for ($i = 0; $i < 6; $i++)
-		$_SESSION['visual_verification_code'] .= $character_range[array_rand($character_range)];
+	for ($i = 0; $i < 6; $i++) {
+			$_SESSION['visual_verification_code'] .= $character_range[array_rand($character_range)];
+	}
 
 	// Some javascript for CAPTCHA.
 	$context['settings_post_javascript'] = '';
-	if ($context['use_graphic_library'])
-		$context['settings_post_javascript'] .= '
+	if ($context['use_graphic_library']) {
+			$context['settings_post_javascript'] .= '
 		function refreshImages()
 		{
 			var imageType = document.getElementById(\'visual_verification_type\').value;
 			document.getElementById(\'verification_image\').src = \'' . $context['verification_image_href'] . ';type=\' + imageType;
 		}';
+	}
 
 	// Show the image itself, or text saying we can't.
-	if ($context['use_graphic_library'])
-		$config_vars['vv']['postinput'] = '<br><img src="' . $context['verification_image_href'] . ';type=' . (empty($modSettings['visual_verification_type']) ? 0 : $modSettings['visual_verification_type']) . '" alt="' . $txt['setting_image_verification_sample'] . '" id="verification_image"><br>';
-	else
-		$config_vars['vv']['postinput'] = '<br><span class="smalltext">' . $txt['setting_image_verification_nogd'] . '</span>';
+	if ($context['use_graphic_library']) {
+			$config_vars['vv']['postinput'] = '<br><img src="' . $context['verification_image_href'] . ';type=' . (empty($modSettings['visual_verification_type']) ? 0 : $modSettings['visual_verification_type']) . '" alt="' . $txt['setting_image_verification_sample'] . '" id="verification_image"><br>';
+	} else {
+			$config_vars['vv']['postinput'] = '<br><span class="smalltext">' . $txt['setting_image_verification_nogd'] . '</span>';
+	}
 
 	// Hack for PM spam settings.
 	list ($modSettings['max_pm_recipients'], $modSettings['pm_posts_verification'], $modSettings['pm_posts_per_hour']) = explode(',', $modSettings['pm_spam_settings']);
@@ -855,9 +883,10 @@ 
 	$modSettings['posts_require_captcha'] = !isset($modSettings['posts_require_captcha']) || $modSettings['posts_require_captcha'] == -1 ? 0 : $modSettings['posts_require_captcha'];
 
 	// Some minor javascript for the guest post setting.
-	if ($modSettings['posts_require_captcha'])
-		$context['settings_post_javascript'] .= '
+	if ($modSettings['posts_require_captcha']) {
+			$context['settings_post_javascript'] .= '
 		document.getElementById(\'guests_require_captcha\').disabled = true;';
+	}
 
 	// And everything else.
 	$context['post_url'] = $scripturl . '?action=admin;area=antispam;save';
@@ -904,8 +933,9 @@ 
 
 	call_integration_hook('integrate_signature_settings', array(&$config_vars));
 
-	if ($return_config)
-		return $config_vars;
+	if ($return_config) {
+			return $config_vars;
+	}
 
 	// Setup the template.
 	$context['page_title'] = $txt['signature_settings'];
@@ -960,8 +990,9 @@ 
 				$sig = strtr($row['signature'], array('<br>' => "\n"));
 
 				// Max characters...
-				if (!empty($sig_limits[1]))
-					$sig = $smcFunc['substr']($sig, 0, $sig_limits[1]);
+				if (!empty($sig_limits[1])) {
+									$sig = $smcFunc['substr']($sig, 0, $sig_limits[1]);
+				}
 				// Max lines...
 				if (!empty($sig_limits[2]))
 				{
@@ -971,8 +1002,9 @@ 
 						if ($sig[$i] == "\n")
 						{
 							$count++;
-							if ($count >= $sig_limits[2])
-								$sig = substr($sig, 0, $i) . strtr(substr($sig, $i), array("\n" => ' '));
+							if ($count >= $sig_limits[2]) {
+															$sig = substr($sig, 0, $i) . strtr(substr($sig, $i), array("\n" => ' '));
+							}
 						}
 					}
 				}
@@ -983,17 +1015,19 @@ 
 					{
 						$limit_broke = 0;
 						// Attempt to allow all sizes of abuse, so to speak.
-						if ($matches[2][$ind] == 'px' && $size > $sig_limits[7])
-							$limit_broke = $sig_limits[7] . 'px';
-						elseif ($matches[2][$ind] == 'pt' && $size > ($sig_limits[7] * 0.75))
-							$limit_broke = ((int) $sig_limits[7] * 0.75) . 'pt';
-						elseif ($matches[2][$ind] == 'em' && $size > ((float) $sig_limits[7] / 16))
-							$limit_broke = ((float) $sig_limits[7] / 16) . 'em';
-						elseif ($matches[2][$ind] != 'px' && $matches[2][$ind] != 'pt' && $matches[2][$ind] != 'em' && $sig_limits[7] < 18)
-							$limit_broke = 'large';
-
-						if ($limit_broke)
-							$sig = str_replace($matches[0][$ind], '[size=' . $sig_limits[7] . 'px', $sig);
+						if ($matches[2][$ind] == 'px' && $size > $sig_limits[7]) {
+													$limit_broke = $sig_limits[7] . 'px';
+						} elseif ($matches[2][$ind] == 'pt' && $size > ($sig_limits[7] * 0.75)) {
+													$limit_broke = ((int) $sig_limits[7] * 0.75) . 'pt';
+						} elseif ($matches[2][$ind] == 'em' && $size > ((float) $sig_limits[7] / 16)) {
+													$limit_broke = ((float) $sig_limits[7] / 16) . 'em';
+						} elseif ($matches[2][$ind] != 'px' && $matches[2][$ind] != 'pt' && $matches[2][$ind] != 'em' && $sig_limits[7] < 18) {
+													$limit_broke = 'large';
+						}
+
+						if ($limit_broke) {
+													$sig = str_replace($matches[0][$ind], '[size=' . $sig_limits[7] . 'px', $sig);
+						}
 					}
 				}
 
@@ -1049,32 +1083,34 @@ 
 											$img_offset = false;
 										}
 									}
+								} else {
+																	$replaces[$image] = '';
 								}
-								else
-									$replaces[$image] = '';
 
 								continue;
 							}
 
 							// Does it have predefined restraints? Width first.
-							if ($matches[6][$key])
-								$matches[2][$key] = $matches[6][$key];
+							if ($matches[6][$key]) {
+															$matches[2][$key] = $matches[6][$key];
+							}
 							if ($matches[2][$key] && $sig_limits[5] && $matches[2][$key] > $sig_limits[5])
 							{
 								$width = $sig_limits[5];
 								$matches[4][$key] = $matches[4][$key] * ($width / $matches[2][$key]);
+							} elseif ($matches[2][$key]) {
+															$width = $matches[2][$key];
 							}
-							elseif ($matches[2][$key])
-								$width = $matches[2][$key];
 							// ... and height.
 							if ($matches[4][$key] && $sig_limits[6] && $matches[4][$key] > $sig_limits[6])
 							{
 								$height = $sig_limits[6];
-								if ($width != -1)
-									$width = $width * ($height / $matches[4][$key]);
+								if ($width != -1) {
+																	$width = $width * ($height / $matches[4][$key]);
+								}
+							} elseif ($matches[4][$key]) {
+															$height = $matches[4][$key];
 							}
-							elseif ($matches[4][$key])
-								$height = $matches[4][$key];
 
 							// If the dimensions are still not fixed - we need to check the actual image.
 							if (($width == -1 && $sig_limits[5]) || ($height == -1 && $sig_limits[6]))
@@ -1092,12 +1128,13 @@ 
 									if ($sizes[1] > $sig_limits[6] && $sig_limits[6])
 									{
 										$height = $sig_limits[6];
-										if ($width == -1)
-											$width = $sizes[0];
+										if ($width == -1) {
+																					$width = $sizes[0];
+										}
 										$width = $width * ($height / $sizes[1]);
+									} elseif ($width != -1) {
+																			$height = $sizes[1];
 									}
-									elseif ($width != -1)
-										$height = $sizes[1];
 								}
 							}
 
@@ -1110,8 +1147,9 @@ 
 							// Record that we got one.
 							$image_count_holder[$image] = isset($image_count_holder[$image]) ? $image_count_holder[$image] + 1 : 1;
 						}
-						if (!empty($replaces))
-							$sig = str_replace(array_keys($replaces), array_values($replaces), $sig);
+						if (!empty($replaces)) {
+													$sig = str_replace(array_keys($replaces), array_values($replaces), $sig);
+						}
 					}
 				}
 				// Try to fix disabled tags.
@@ -1123,18 +1161,20 @@ 
 
 				$sig = strtr($sig, array("\n" => '<br>'));
 				call_integration_hook('integrate_apply_signature_settings', array(&$sig, $sig_limits, $disabledTags));
-				if ($sig != $row['signature'])
-					$changes[$row['id_member']] = $sig;
+				if ($sig != $row['signature']) {
+									$changes[$row['id_member']] = $sig;
+				}
+			}
+			if ($smcFunc['db_num_rows']($request) == 0) {
+							$done = true;
 			}
-			if ($smcFunc['db_num_rows']($request) == 0)
-				$done = true;
 			$smcFunc['db_free_result']($request);
 
 			// Do we need to delete what we have?
 			if (!empty($changes))
 			{
-				foreach ($changes as $id => $sig)
-					$smcFunc['db_query']('', '
+				foreach ($changes as $id => $sig) {
+									$smcFunc['db_query']('', '
 						UPDATE {db_prefix}members
 						SET signature = {string:signature}
 						WHERE id_member = {int:id_member}',
@@ -1143,11 +1183,13 @@ 
 							'signature' => $sig,
 						)
 					);
+				}
 			}
 
 			$_GET['step'] += 50;
-			if (!$done)
-				pauseSignatureApplySettings();
+			if (!$done) {
+							pauseSignatureApplySettings();
+			}
 		}
 		$settings_applied = true;
 	}
@@ -1165,8 +1207,9 @@ 
 	);
 
 	// Temporarily make each setting a modSetting!
-	foreach ($context['signature_settings'] as $key => $value)
-		$modSettings['signature_' . $key] = $value;
+	foreach ($context['signature_settings'] as $key => $value) {
+			$modSettings['signature_' . $key] = $value;
+	}
 
 	// Make sure we check the right tags!
 	$modSettings['bbc_disabled_signature_bbc'] = $disabledTags;
@@ -1178,23 +1221,26 @@ 
 
 		// Clean up the tag stuff!
 		$bbcTags = array();
-		foreach (parse_bbc(false) as $tag)
-			$bbcTags[] = $tag['tag'];
+		foreach (parse_bbc(false) as $tag) {
+					$bbcTags[] = $tag['tag'];
+		}
 
-		if (!isset($_POST['signature_bbc_enabledTags']))
-			$_POST['signature_bbc_enabledTags'] = array();
-		elseif (!is_array($_POST['signature_bbc_enabledTags']))
-			$_POST['signature_bbc_enabledTags'] = array($_POST['signature_bbc_enabledTags']);
+		if (!isset($_POST['signature_bbc_enabledTags'])) {
+					$_POST['signature_bbc_enabledTags'] = array();
+		} elseif (!is_array($_POST['signature_bbc_enabledTags'])) {
+					$_POST['signature_bbc_enabledTags'] = array($_POST['signature_bbc_enabledTags']);
+		}
 
 		$sig_limits = array();
 		foreach ($context['signature_settings'] as $key => $value)
 		{
-			if ($key == 'allow_smileys')
-				continue;
-			elseif ($key == 'max_smileys' && empty($_POST['signature_allow_smileys']))
-				$sig_limits[] = -1;
-			else
-				$sig_limits[] = !empty($_POST['signature_' . $key]) ? max(1, (int) $_POST['signature_' . $key]) : 0;
+			if ($key == 'allow_smileys') {
+							continue;
+			} elseif ($key == 'max_smileys' && empty($_POST['signature_allow_smileys'])) {
+							$sig_limits[] = -1;
+			} else {
+							$sig_limits[] = !empty($_POST['signature_' . $key]) ? max(1, (int) $_POST['signature_' . $key]) : 0;
+			}
 		}
 
 		call_integration_hook('integrate_save_signature_settings', array(&$sig_limits, &$bbcTags));
@@ -1227,12 +1273,14 @@ 
 
 	// Try get more time...
 	@set_time_limit(600);
-	if (function_exists('apache_reset_timeout'))
-		@apache_reset_timeout();
+	if (function_exists('apache_reset_timeout')) {
+			@apache_reset_timeout();
+	}
 
 	// Have we exhausted all the time we allowed?
-	if (time() - array_sum(explode(' ', $sig_start)) < 3)
-		return;
+	if (time() - array_sum(explode(' ', $sig_start)) < 3) {
+			return;
+	}
 
 	$context['continue_get_data'] = '?action=admin;area=featuresettings;sa=sig;apply;step=' . $_GET['step'] . ';' . $context['session_var'] . '=' . $context['session_id'];
 	$context['page_title'] = $txt['not_done_title'];
@@ -1278,9 +1326,10 @@ 
 		$disable_fields = array_flip($standard_fields);
 		if (!empty($_POST['active']))
 		{
-			foreach ($_POST['active'] as $value)
-				if (isset($disable_fields[$value]))
+			foreach ($_POST['active'] as $value) {
+							if (isset($disable_fields[$value]))
 					unset($disable_fields[$value]);
+			}
 		}
 		// What we have left!
 		$changes['disabled_profile_fields'] = empty($disable_fields) ? '' : implode(',', array_keys($disable_fields));
@@ -1289,16 +1338,18 @@ 
 		$reg_fields = array();
 		if (!empty($_POST['reg']))
 		{
-			foreach ($_POST['reg'] as $value)
-				if (in_array($value, $standard_fields) && !isset($disable_fields[$value]))
+			foreach ($_POST['reg'] as $value) {
+							if (in_array($value, $standard_fields) && !isset($disable_fields[$value]))
 					$reg_fields[] = $value;
+			}
 		}
 		// What we have left!
 		$changes['registration_fields'] = empty($reg_fields) ? '' : implode(',', $reg_fields);
 
 		$_SESSION['adm-save'] = true;
-		if (!empty($changes))
-			updateSettings($changes);
+		if (!empty($changes)) {
+					updateSettings($changes);
+		}
 	}
 
 	createToken('admin-scp');
@@ -1401,11 +1452,13 @@ 
 					{
 						$return = '<p class="centertext bold_text">'. $rowData['field_order'] .'<br>';
 
-						if ($rowData['field_order'] > 1)
-							$return .= '<a href="' . $scripturl . '?action=admin;area=featuresettings;sa=profileedit;fid=' . $rowData['id_field'] . ';move=up"><span class="toggle_up" title="'. $txt['custom_edit_order_move'] .' '. $txt['custom_edit_order_up'] .'"></span></a>';
+						if ($rowData['field_order'] > 1) {
+													$return .= '<a href="' . $scripturl . '?action=admin;area=featuresettings;sa=profileedit;fid=' . $rowData['id_field'] . ';move=up"><span class="toggle_up" title="'. $txt['custom_edit_order_move'] .' '. $txt['custom_edit_order_up'] .'"></span></a>';
+						}
 
-						if ($rowData['field_order'] < $context['custFieldsMaxOrder'])
-							$return .= '<a href="' . $scripturl . '?action=admin;area=featuresettings;sa=profileedit;fid=' . $rowData['id_field'] . ';move=down"><span class="toggle_down" title="'. $txt['custom_edit_order_move'] .' '. $txt['custom_edit_order_down'] .'"></span></a>';
+						if ($rowData['field_order'] < $context['custFieldsMaxOrder']) {
+													$return .= '<a href="' . $scripturl . '?action=admin;area=featuresettings;sa=profileedit;fid=' . $rowData['id_field'] . ';move=down"><span class="toggle_down" title="'. $txt['custom_edit_order_move'] .' '. $txt['custom_edit_order_down'] .'"></span></a>';
+						}
 
 						$return .= '</p>';
 
@@ -1543,16 +1596,16 @@ 
 		$disabled_fields = isset($modSettings['disabled_profile_fields']) ? explode(',', $modSettings['disabled_profile_fields']) : array();
 		$registration_fields = isset($modSettings['registration_fields']) ? explode(',', $modSettings['registration_fields']) : array();
 
-		foreach ($standard_fields as $field)
-			$list[] = array(
+		foreach ($standard_fields as $field) {
+					$list[] = array(
 				'id' => $field,
 				'label' => isset($txt['standard_profile_field_' . $field]) ? $txt['standard_profile_field_' . $field] : (isset($txt[$field]) ? $txt[$field] : $field),
 				'disabled' => in_array($field, $disabled_fields),
 				'on_register' => in_array($field, $registration_fields) && !in_array($field, $fields_no_registration),
 				'can_show_register' => !in_array($field, $fields_no_registration),
 			);
-	}
-	else
+		}
+	} else
 	{
 		// Load all the fields.
 		$request = $smcFunc['db_query']('', '
@@ -1566,8 +1619,9 @@ 
 				'items_per_page' => $items_per_page,
 			)
 		);
-		while ($row = $smcFunc['db_fetch_assoc']($request))
-			$list[] = $row;
+		while ($row = $smcFunc['db_fetch_assoc']($request)) {
+					$list[] = $row;
+		}
 		$smcFunc['db_free_result']($request);
 	}
 
@@ -1633,9 +1687,9 @@ 
 		$context['field'] = array();
 		while ($row = $smcFunc['db_fetch_assoc']($request))
 		{
-			if ($row['field_type'] == 'textarea')
-				@list ($rows, $cols) = @explode(',', $row['default_value']);
-			else
+			if ($row['field_type'] == 'textarea') {
+							@list ($rows, $cols) = @explode(',', $row['default_value']);
+			} else
 			{
 				$rows = 3;
 				$cols = 30;
@@ -1671,8 +1725,8 @@ 
 	}
 
 	// Setup the default values as needed.
-	if (empty($context['field']))
-		$context['field'] = array(
+	if (empty($context['field'])) {
+			$context['field'] = array(
 			'name' => '',
 			'col_name' => '???',
 			'desc' => '',
@@ -1697,6 +1751,7 @@ 
 			'enclose' => '',
 			'placement' => 0,
 		);
+	}
 
 	// Are we moving it?
 	if (isset($_GET['move']) && in_array($smcFunc['htmlspecialchars']($_GET['move']), $move_to))
@@ -1705,8 +1760,10 @@ 
 		$new_order = ($_GET['move'] == 'up' ? ($context['field']['order'] - 1) : ($context['field']['order'] + 1));
 
 		// Is this a valid position?
-		if ($new_order <= 0 || $new_order > $order_count)
-			redirectexit('action=admin;area=featuresettings;sa=profile'); // @todo implement an error handler
+		if ($new_order <= 0 || $new_order > $order_count) {
+					redirectexit('action=admin;area=featuresettings;sa=profile');
+		}
+		// @todo implement an error handler
 
 		// All good, proceed.
 		$smcFunc['db_query']('','
@@ -1737,12 +1794,14 @@ 
 		validateToken('admin-ecp');
 
 		// Everyone needs a name - even the (bracket) unknown...
-		if (trim($_POST['field_name']) == '')
-			redirectexit($scripturl . '?action=admin;area=featuresettings;sa=profileedit;fid=' . $_GET['fid'] . ';msg=need_name');
+		if (trim($_POST['field_name']) == '') {
+					redirectexit($scripturl . '?action=admin;area=featuresettings;sa=profileedit;fid=' . $_GET['fid'] . ';msg=need_name');
+		}
 
 		// Regex you say?  Do a very basic test to see if the pattern is valid
-		if (!empty($_POST['regex']) && @preg_match($_POST['regex'], 'dummy') === false)
-			redirectexit($scripturl . '?action=admin;area=featuresettings;sa=profileedit;fid=' . $_GET['fid'] . ';msg=regex_error');
+		if (!empty($_POST['regex']) && @preg_match($_POST['regex'], 'dummy') === false) {
+					redirectexit($scripturl . '?action=admin;area=featuresettings;sa=profileedit;fid=' . $_GET['fid'] . ';msg=regex_error');
+		}
 
 		$_POST['field_name'] = $smcFunc['htmlspecialchars']($_POST['field_name']);
 		$_POST['field_desc'] = $smcFunc['htmlspecialchars']($_POST['field_desc']);
@@ -1759,8 +1818,9 @@ 
 
 		// Some masking stuff...
 		$mask = isset($_POST['mask']) ? $_POST['mask'] : '';
-		if ($mask == 'regex' && isset($_POST['regex']))
-			$mask .= $_POST['regex'];
+		if ($mask == 'regex' && isset($_POST['regex'])) {
+					$mask .= $_POST['regex'];
+		}
 
 		$field_length = isset($_POST['max_length']) ? (int) $_POST['max_length'] : 255;
 		$enclose = isset($_POST['enclose']) ? $_POST['enclose'] : '';
@@ -1779,8 +1839,9 @@ 
 				$v = strtr($v, array(',' => ''));
 
 				// Nada, zip, etc...
-				if (trim($v) == '')
-					continue;
+				if (trim($v) == '') {
+									continue;
+				}
 
 				// Otherwise, save it boy.
 				$field_options .= $v . ',';
@@ -1788,15 +1849,17 @@ 
 				$newOptions[$k] = $v;
 
 				// Is it default?
-				if (isset($_POST['default_select']) && $_POST['default_select'] == $k)
-					$default = $v;
+				if (isset($_POST['default_select']) && $_POST['default_select'] == $k) {
+									$default = $v;
+				}
 			}
 			$field_options = substr($field_options, 0, -1);
 		}
 
 		// Text area has default has dimensions
-		if ($_POST['field_type'] == 'textarea')
-			$default = (int) $_POST['rows'] . ',' . (int) $_POST['cols'];
+		if ($_POST['field_type'] == 'textarea') {
+					$default = (int) $_POST['rows'] . ',' . (int) $_POST['cols'];
+		}
 
 		// Come up with the unique name?
 		if (empty($context['fid']))
@@ -1805,32 +1868,36 @@ 
 			preg_match('~([\w\d_-]+)~', $col_name, $matches);
 
 			// If there is nothing to the name, then let's start out own - for foreign languages etc.
-			if (isset($matches[1]))
-				$col_name = $initial_col_name = 'cust_' . strtolower($matches[1]);
-			else
-				$col_name = $initial_col_name = 'cust_' . mt_rand(1, 9999);
+			if (isset($matches[1])) {
+							$col_name = $initial_col_name = 'cust_' . strtolower($matches[1]);
+			} else {
+							$col_name = $initial_col_name = 'cust_' . mt_rand(1, 9999);
+			}
 
 			// Make sure this is unique.
 			$current_fields = array();
 			$request = $smcFunc['db_query']('', '
 				SELECT id_field, col_name
 				FROM {db_prefix}custom_fields');
-			while ($row = $smcFunc['db_fetch_assoc']($request))
-				$current_fields[$row['id_field']] = $row['col_name'];
+			while ($row = $smcFunc['db_fetch_assoc']($request)) {
+							$current_fields[$row['id_field']] = $row['col_name'];
+			}
 			$smcFunc['db_free_result']($request);
 
 			$unique = false;
 			for ($i = 0; !$unique && $i < 9; $i ++)
 			{
-				if (!in_array($col_name, $current_fields))
-					$unique = true;
-				else
-					$col_name = $initial_col_name . $i;
+				if (!in_array($col_name, $current_fields)) {
+									$unique = true;
+				} else {
+									$col_name = $initial_col_name . $i;
+				}
 			}
 
 			// Still not a unique column name? Leave it up to the user, then.
-			if (!$unique)
-				fatal_lang_error('custom_option_not_unique');
+			if (!$unique) {
+							fatal_lang_error('custom_option_not_unique');
+			}
 		}
 		// Work out what to do with the user data otherwise...
 		else
@@ -1858,8 +1925,9 @@ 
 				// Work out what's changed!
 				foreach ($context['field']['options'] as $k => $option)
 				{
-					if (trim($option) == '')
-						continue;
+					if (trim($option) == '') {
+											continue;
+					}
 
 					// Still exists?
 					if (in_array($option, $newOptions))
@@ -1873,8 +1941,8 @@ 
 				foreach ($optionChanges as $k => $option)
 				{
 					// Just been renamed?
-					if (!in_array($k, $takenKeys) && !empty($newOptions[$k]))
-						$smcFunc['db_query']('', '
+					if (!in_array($k, $takenKeys) && !empty($newOptions[$k])) {
+											$smcFunc['db_query']('', '
 							UPDATE {db_prefix}themes
 							SET value = {string:new_value}
 							WHERE variable = {string:current_column}
@@ -1887,6 +1955,7 @@ 
 								'old_value' => $option,
 							)
 						);
+					}
 				}
 			}
 			// @todo Maybe we should adjust based on new text length limits?
@@ -1929,8 +1998,8 @@ 
 			);
 
 			// Just clean up any old selects - these are a pain!
-			if (($_POST['field_type'] == 'select' || $_POST['field_type'] == 'radio') && !empty($newOptions))
-				$smcFunc['db_query']('', '
+			if (($_POST['field_type'] == 'select' || $_POST['field_type'] == 'radio') && !empty($newOptions)) {
+							$smcFunc['db_query']('', '
 					DELETE FROM {db_prefix}themes
 					WHERE variable = {string:current_column}
 						AND value NOT IN ({array_string:new_option_values})
@@ -1941,8 +2010,8 @@ 
 						'current_column' => $context['field']['col_name'],
 					)
 				);
-		}
-		else
+			}
+		} else
 		{
 			// Gotta figure it out the order.
 			$new_order = $order_count > 1 ? ($order_count + 1) : 1;
@@ -2116,11 +2185,13 @@ 
 	call_integration_hook('integrate_prune_settings', array(&$config_vars, &$prune_toggle, false));
 
 	$prune_toggle_dt = array();
-	foreach ($prune_toggle as $item)
-		$prune_toggle_dt[] = 'setting_' . $item;
+	foreach ($prune_toggle as $item) {
+			$prune_toggle_dt[] = 'setting_' . $item;
+	}
 
-	if ($return_config)
-		return $config_vars;
+	if ($return_config) {
+			return $config_vars;
+	}
 
 	addInlineJavaScript('
 	function togglePruned()
@@ -2158,15 +2229,16 @@ 
 			$vals = array();
 			foreach ($config_vars as $index => $dummy)
 			{
-				if (!is_array($dummy) || $index == 'pruningOptions' || !in_array($dummy[1], $prune_toggle))
-					continue;
+				if (!is_array($dummy) || $index == 'pruningOptions' || !in_array($dummy[1], $prune_toggle)) {
+									continue;
+				}
 
 				$vals[] = empty($_POST[$dummy[1]]) || $_POST[$dummy[1]] < 0 ? 0 : (int) $_POST[$dummy[1]];
 			}
 			$_POST['pruningOptions'] = implode(',', $vals);
+		} else {
+					$_POST['pruningOptions'] = '';
 		}
-		else
-			$_POST['pruningOptions'] = '';
 
 		saveDBSettings($savevar);
 		$_SESSION['adm-save'] = true;
@@ -2178,10 +2250,11 @@ 
 	$context['sub_template'] = 'show_settings';
 
 	// Get the actual values
-	if (!empty($modSettings['pruningOptions']))
-		@list ($modSettings['pruneErrorLog'], $modSettings['pruneModLog'], $modSettings['pruneBanLog'], $modSettings['pruneReportLog'], $modSettings['pruneScheduledTaskLog'], $modSettings['pruneSpiderHitLog']) = explode(',', $modSettings['pruningOptions']);
-	else
-		$modSettings['pruneErrorLog'] = $modSettings['pruneModLog'] = $modSettings['pruneBanLog'] = $modSettings['pruneReportLog'] = $modSettings['pruneScheduledTaskLog'] = $modSettings['pruneSpiderHitLog'] = 0;
+	if (!empty($modSettings['pruningOptions'])) {
+			@list ($modSettings['pruneErrorLog'], $modSettings['pruneModLog'], $modSettings['pruneBanLog'], $modSettings['pruneReportLog'], $modSettings['pruneScheduledTaskLog'], $modSettings['pruneSpiderHitLog']) = explode(',', $modSettings['pruningOptions']);
+	} else {
+			$modSettings['pruneErrorLog'] = $modSettings['pruneModLog'] = $modSettings['pruneBanLog'] = $modSettings['pruneReportLog'] = $modSettings['pruneScheduledTaskLog'] = $modSettings['pruneSpiderHitLog'] = 0;
+	}
 
 	prepareDBSettingContext($config_vars);
 }
@@ -2203,8 +2276,9 @@ 
 	// Make it even easier to add new settings.
 	call_integration_hook('integrate_general_mod_settings', array(&$config_vars));
 
-	if ($return_config)
-		return $config_vars;
+	if ($return_config) {
+			return $config_vars;
+	}
 
 	$context['post_url'] = $scripturl . '?action=admin;area=modsettings;save;sa=general';
 	$context['settings_title'] = $txt['mods_cat_modifications_misc'];

Sources/CacheAPI-memcached.php

Braces +17 added lines, -12 removed lines

@@ -11,8 +11,9 @@ 
  * @version 2.1 Beta 4
  */
 
-if (!defined('SMF'))
+if (!defined('SMF')) {
 	die('Hacking attempt...');
+}
 
 /**
  * Our Cache API class
@@ -34,8 +35,9 @@ 
 
 		$supported = class_exists('memcached');
 
-		if ($test)
-			return $supported;
+		if ($test) {
+					return $supported;
+		}
 		return parent::isSupported() && $supported && !empty($cache_memcached);
 	}
 
@@ -53,9 +55,9 @@ 
 		$currentServers = $this->memcached->getServerList();
 		foreach ($servers as $server)
 		{
-			if (strpos($server,'/') !== false)
-				$tempServer = array($server, 0);
-			else
+			if (strpos($server,'/') !== false) {
+							$tempServer = array($server, 0);
+			} else
 			{
 				$server = explode(':', $server);
 				$tempServer = array($server[0], isset($server[1]) ? $server[1] : 11211);
@@ -73,8 +75,9 @@ 
 			}
 
 			// Found it?
-			if (empty($foundServer))
-				$this->memcached->addServer($tempServer[0], $tempServer[1]);
+			if (empty($foundServer)) {
+							$this->memcached->addServer($tempServer[0], $tempServer[1]);
+			}
 		}
 
 		// Best guess is this worked.
@@ -91,8 +94,9 @@ 
 		$value = $this->memcached->get($key);
 
 		// $value should return either data or false (from failure, key not found or empty array).
-		if ($value === false)
-			return null;
+		if ($value === false) {
+					return null;
+		}
 		return $value;
 	}
 
@@ -135,8 +139,9 @@ 
 		$config_vars[] = $txt['cache_memcache_settings'];
 		$config_vars[] = array('cache_memcached', $txt['cache_memcache_servers'], 'file', 'text', 0, 'cache_memcached', 'postinput' => '<br><div class="smalltext"><em>' . $txt['cache_memcache_servers_subtext'] . '</em></div>');
 
-		if (!isset($context['settings_post_javascript']))
-			$context['settings_post_javascript'] = '';
+		if (!isset($context['settings_post_javascript'])) {
+					$context['settings_post_javascript'] = '';
+		}
 
 		$context['settings_post_javascript'] .= '
 			$("#cache_accelerator").change(function (e) {

Sources/CacheAPI-memcache.php

Braces +19 added lines, -14 removed lines

@@ -11,8 +11,9 @@ 
  * @version 2.1 Beta 4
  */
 
-if (!defined('SMF'))
+if (!defined('SMF')) {
 	die('Hacking attempt...');
+}
 
 /**
  * Our Cache API class
@@ -34,8 +35,9 @@ 
 
 		$supported = class_exists('memcache');
 
-		if ($test)
-			return $supported;
+		if ($test) {
+					return $supported;
+		}
 		return parent::isSupported() && $supported && !empty($cache_memcached);
 	}
 
@@ -61,9 +63,9 @@ 
 			$server = trim($servers[array_rand($servers)]);
 
 			// Normal host names do not contain slashes, while e.g. unix sockets do. Assume alternative transport pipe with port 0.
-			if (strpos($server,'/') !== false)
-				$host = $server;
-			else
+			if (strpos($server,'/') !== false) {
+							$host = $server;
+			} else
 			{
 				$server = explode(':', $server);
 				$host = $server[0];
@@ -71,10 +73,11 @@ 
 			}
 
 			// Don't wait too long: yes, we want the server, but we might be able to run the query faster!
-			if (empty($db_persist))
-				$connected = $this->memcache->connect($host, $port);
-			else
-				$connected = $this->memcache->pconnect($host, $port);
+			if (empty($db_persist)) {
+							$connected = $this->memcache->connect($host, $port);
+			} else {
+							$connected = $this->memcache->pconnect($host, $port);
+			}
 		}
 
 		return $connected;
@@ -90,8 +93,9 @@ 
 		$value = $this->memcache->get($key);
 
 		// $value should return either data or false (from failure, key not found or empty array).
-		if ($value === false)
-			return null;
+		if ($value === false) {
+					return null;
+		}
 		return $value;
 	}
 
@@ -132,8 +136,9 @@ 
 		$config_vars[] = $txt['cache_memcache_settings'];
 		$config_vars[] = array('cache_memcached', $txt['cache_memcache_servers'], 'file', 'text', 0, 'cache_memcached', 'postinput' => '<br><div class="smalltext"><em>' . $txt['cache_memcache_servers_subtext'] . '</em></div>');
 
-		if (!isset($context['settings_post_javascript']))
-			$context['settings_post_javascript'] = '';
+		if (!isset($context['settings_post_javascript'])) {
+					$context['settings_post_javascript'] = '';
+		}
 
 		$context['settings_post_javascript'] .= '
 			$("#cache_accelerator").change(function (e) {

index.php

Braces +38 added lines, -26 removed lines

@@ -32,16 +32,18 @@ 
 ob_start();
 
 // Do some cleaning, just in case.
-foreach (array('db_character_set', 'cachedir') as $variable)
+foreach (array('db_character_set', 'cachedir') as $variable) {
 	if (isset($GLOBALS[$variable]))
 		unset($GLOBALS[$variable], $GLOBALS[$variable]);
+}
 
 // Load the settings...
 require_once(dirname(__FILE__) . '/Settings.php');
 
 // Make absolutely sure the cache directory is defined.
-if ((empty($cachedir) || !file_exists($cachedir)) && file_exists($boarddir . '/cache'))
+if ((empty($cachedir) || !file_exists($cachedir)) && file_exists($boarddir . '/cache')) {
 	$cachedir = $boarddir . '/cache';
+}
 
 // Without those we can't go anywhere
 require_once($sourcedir . '/QueryString.php');
@@ -51,8 +53,9 @@ 
 require_once($sourcedir . '/Load.php');
 
 // If $maintenance is set specifically to 2, then we're upgrading or something.
-if (!empty($maintenance) && $maintenance == 2)
+if (!empty($maintenance) && $maintenance == 2) {
 	display_maintenance_message();
+}
 
 // Create a variable to store some SMF specific functions in.
 $smcFunc = array();
@@ -67,8 +70,9 @@ 
 cleanRequest();
 
 // Seed the random generator.
-if (empty($modSettings['rand_seed']) || mt_rand(1, 250) == 69)
+if (empty($modSettings['rand_seed']) || mt_rand(1, 250) == 69) {
 	smf_seed_generator();
+}
 
 // Before we get carried away, are we doing a scheduled task? If so save CPU cycles by jumping out!
 if (isset($_GET['scheduled']))
@@ -88,9 +92,9 @@ 
 if (!empty($modSettings['enableCompressedOutput']) && !headers_sent())
 {
 	// If zlib is being used, turn off output compression.
-	if (ini_get('zlib.output_compression') >= 1 || ini_get('output_handler') == 'ob_gzhandler')
-		$modSettings['enableCompressedOutput'] = '0';
-	else
+	if (ini_get('zlib.output_compression') >= 1 || ini_get('output_handler') == 'ob_gzhandler') {
+			$modSettings['enableCompressedOutput'] = '0';
+	} else
 	{
 		ob_end_clean();
 		ob_start('ob_gzhandler');
@@ -182,18 +186,21 @@ 
 	loadPermissions();
 
 	// Attachments don't require the entire theme to be loaded.
-	if (isset($_REQUEST['action']) && $_REQUEST['action'] == 'dlattach')
-		detectBrowser();
+	if (isset($_REQUEST['action']) && $_REQUEST['action'] == 'dlattach') {
+			detectBrowser();
+	}
 	// Load the current theme.  (note that ?theme=1 will also work, may be used for guest theming.)
-	else
-		loadTheme();
+	else {
+			loadTheme();
+	}
 
 	// Check if the user should be disallowed access.
 	is_not_banned();
 
 	// If we are in a topic and don't have permission to approve it then duck out now.
-	if (!empty($topic) && empty($board_info['cur_topic_approved']) && !allowedTo('approve_posts') && ($user_info['id'] != $board_info['cur_topic_starter'] || $user_info['is_guest']))
-		fatal_lang_error('not_a_topic', false);
+	if (!empty($topic) && empty($board_info['cur_topic_approved']) && !allowedTo('approve_posts') && ($user_info['id'] != $board_info['cur_topic_starter'] || $user_info['is_guest'])) {
+			fatal_lang_error('not_a_topic', false);
+	}
 
 	$no_stat_actions = array('clock', 'dlattach', 'findmember', 'jsoption', 'likes', 'loadeditorlocale', 'modifycat', 'requestmembers', 'smstats', 'suggest', 'about:unknown', '.xml', 'xmlhttp', 'verificationcode', 'viewquery', 'viewsmfile');
 	call_integration_hook('integrate_pre_log_stats', array(&$no_stat_actions));
@@ -204,8 +211,9 @@ 
 		writeLog();
 
 		// Track forum statistics and hits...?
-		if (!empty($modSettings['hitStats']))
-			trackStats(array('hits' => '+'));
+		if (!empty($modSettings['hitStats'])) {
+					trackStats(array('hits' => '+'));
+		}
 	}
 	unset($no_stat_actions);
 
@@ -219,13 +227,14 @@ 
 			return ($_REQUEST['action'] == 'login2' ? 'Login2' : ($_REQUEST['action'] == 'logintfa' ? 'LoginTFA' : 'Logout'));
 		}
 		// Don't even try it, sonny.
-		else
-			return 'InMaintenance';
+		else {
+					return 'InMaintenance';
+		}
 	}
 	// If guest access is off, a guest can only do one of the very few following actions.
-	elseif (empty($modSettings['allow_guestAccess']) && $user_info['is_guest'] && (!isset($_REQUEST['action']) || !in_array($_REQUEST['action'], array('coppa', 'login', 'login2', 'logintfa', 'reminder', 'activate', 'help', 'helpadmin', 'smstats', 'verificationcode', 'signup', 'signup2'))))
-		return 'KickGuest';
-	elseif (empty($_REQUEST['action']))
+	elseif (empty($modSettings['allow_guestAccess']) && $user_info['is_guest'] && (!isset($_REQUEST['action']) || !in_array($_REQUEST['action'], array('coppa', 'login', 'login2', 'logintfa', 'reminder', 'activate', 'help', 'helpadmin', 'smstats', 'verificationcode', 'signup', 'signup2')))) {
+			return 'KickGuest';
+	} elseif (empty($_REQUEST['action']))
 	{
 		// Action and board are both empty... BoardIndex! Unless someone else wants to do something different.
 		if (empty($board) && empty($topic))
@@ -239,8 +248,9 @@ 
 
 				$call = call_helper($defaultAction, true);
 
-				if (!empty($call))
-					return $call;
+				if (!empty($call)) {
+									return $call;
+				}
 			}
 
 			// No default action huh? then go to our good old BoardIndex.
@@ -370,8 +380,9 @@ 
 
 			$call = call_helper($fallbackAction, true);
 
-			if (!empty($call))
-				return $call;
+			if (!empty($call)) {
+							return $call;
+			}
 		}
 
 		// No fallback action, huh?
@@ -382,8 +393,9 @@ 
 	}
 
 	// Otherwise, it was set - so let's go to that action.
-	if (!empty($actionArray[$_REQUEST['action']][0]))
-		require_once($sourcedir . '/' . $actionArray[$_REQUEST['action']][0]);
+	if (!empty($actionArray[$_REQUEST['action']][0])) {
+			require_once($sourcedir . '/' . $actionArray[$_REQUEST['action']][0]);
+	}
 
 	// Do the right thing.
 	return call_helper($actionArray[$_REQUEST['action']][1], true);

Sources/Subscriptions-PayPal.php

Braces +83 added lines, -61 removed lines

@@ -14,8 +14,9 @@ 
 // This won't be dedicated without this - this must exist in each gateway!
 // SMF Payment Gateway: paypal
 
-if (!defined('SMF'))
+if (!defined('SMF')) {
 	die('No direct access...');
+}
 
 /**
  * Class for returning available form data for this gateway
@@ -118,8 +119,7 @@ 
 		{
 			$return_data['hidden']['p3'] = 1;
 			$return_data['hidden']['t3'] = strtoupper(substr($period, 0, 1));
-		}
-		else
+		} else
 		{
 			preg_match('~(\d*)(\w)~', $sub_data['real_length'], $match);
 			$unit = $match[1];
@@ -130,14 +130,15 @@ 
 		}
 
 		// If it's repeatable do some javascript to respect this idea.
-		if (!empty($sub_data['repeatable']))
-			$return_data['javascript'] = '
+		if (!empty($sub_data['repeatable'])) {
+					$return_data['javascript'] = '
 				document.write(\'<label for="do_paypal_recur"><input type="checkbox" name="do_paypal_recur" id="do_paypal_recur" checked onclick="switchPaypalRecur();">' . $txt['paid_make_recurring'] . '</label><br>\');
 
 				function switchPaypalRecur()
 				{
 					document.getElementById("paypal_cmd").value = document.getElementById("do_paypal_recur").checked ? "_xclick-subscriptions" : "_xclick";
 				}';
+		}
 
 		return $return_data;
 	}
@@ -160,20 +161,24 @@ 
 		global $modSettings;
 
 		// Has the user set up an email address?
-		if ((empty($modSettings['paidsubs_test']) && empty($modSettings['paypal_email'])) || (!empty($modSettings['paidsubs_test']) && empty($modSettings['paypal_sandbox_email'])))
-			return false;
+		if ((empty($modSettings['paidsubs_test']) && empty($modSettings['paypal_email'])) || (!empty($modSettings['paidsubs_test']) && empty($modSettings['paypal_sandbox_email']))) {
+					return false;
+		}
 		// Check the correct transaction types are even here.
-		if ((!isset($_POST['txn_type']) && !isset($_POST['payment_status'])) || (!isset($_POST['business']) && !isset($_POST['receiver_email'])))
-			return false;
+		if ((!isset($_POST['txn_type']) && !isset($_POST['payment_status'])) || (!isset($_POST['business']) && !isset($_POST['receiver_email']))) {
+					return false;
+		}
 		// Correct email address?
-		if (!isset($_POST['business']))
-			$_POST['business'] = $_POST['receiver_email'];
+		if (!isset($_POST['business'])) {
+					$_POST['business'] = $_POST['receiver_email'];
+		}
 
 		// Are we testing?
-		if (empty($modSettings['paidsubs_test']) && strtolower($modSettings['paypal_sandbox_email']) != strtolower($_POST['business']) && (empty($modSettings['paypal_additional_emails']) || !in_array(strtolower($_POST['business']), explode(',', strtolower($modSettings['paypal_additional_emails'])))))
-			return false;
-		elseif (strtolower($modSettings['paypal_email']) != strtolower($_POST['business']) && (empty($modSettings['paypal_additional_emails']) || !in_array(strtolower($_POST['business']), explode(',', $modSettings['paypal_additional_emails']))))
-			return false;
+		if (empty($modSettings['paidsubs_test']) && strtolower($modSettings['paypal_sandbox_email']) != strtolower($_POST['business']) && (empty($modSettings['paypal_additional_emails']) || !in_array(strtolower($_POST['business']), explode(',', strtolower($modSettings['paypal_additional_emails']))))) {
+					return false;
+		} elseif (strtolower($modSettings['paypal_email']) != strtolower($_POST['business']) && (empty($modSettings['paypal_additional_emails']) || !in_array(strtolower($_POST['business']), explode(',', $modSettings['paypal_additional_emails'])))) {
+					return false;
+		}
 		return true;
 	}
 
@@ -192,15 +197,17 @@ 
 		global $modSettings, $txt;
 
 		// Put this to some default value.
-		if (!isset($_POST['txn_type']))
-			$_POST['txn_type'] = '';
+		if (!isset($_POST['txn_type'])) {
+					$_POST['txn_type'] = '';
+		}
 
 		// Build the request string - starting with the minimum requirement.
 		$requestString = 'cmd=_notify-validate';
 
 		// Now my dear, add all the posted bits in the order we got them
-		foreach ($_POST as $k => $v)
-			$requestString .= '&' . $k . '=' . urlencode($v);
+		foreach ($_POST as $k => $v) {
+					$requestString .= '&' . $k . '=' . urlencode($v);
+		}
 
 		// Can we use curl?
 		if (function_exists('curl_init') && $curl = curl_init((!empty($modSettings['paidsubs_test']) ? 'https://www.sandbox.' : 'https://www.') . 'paypal.com/cgi-bin/webscr'))
@@ -240,14 +247,16 @@ 
 			$header .= 'Connection: close' . "\r\n\r\n";
 
 			// Open the connection.
-			if (!empty($modSettings['paidsubs_test']))
-				$fp = fsockopen('ssl://www.sandbox.paypal.com', 443, $errno, $errstr, 30);
-			else
-				$fp = fsockopen('www.paypal.com', 80, $errno, $errstr, 30);
+			if (!empty($modSettings['paidsubs_test'])) {
+							$fp = fsockopen('ssl://www.sandbox.paypal.com', 443, $errno, $errstr, 30);
+			} else {
+							$fp = fsockopen('www.paypal.com', 80, $errno, $errstr, 30);
+			}
 
 			// Did it work?
-			if (!$fp)
-				generateSubscriptionError($txt['paypal_could_not_connect']);
+			if (!$fp) {
+							generateSubscriptionError($txt['paypal_could_not_connect']);
+			}
 
 			// Put the data to the port.
 			fputs($fp, $header . $requestString);
@@ -256,8 +265,9 @@ 
 			while (!feof($fp))
 			{
 				$this->return_data = fgets($fp, 1024);
-				if (strcmp(trim($this->return_data), 'VERIFIED') === 0)
-					break;
+				if (strcmp(trim($this->return_data), 'VERIFIED') === 0) {
+									break;
+				}
 			}
 
 			// Clean up.
@@ -265,28 +275,34 @@ 
 		}
 
 		// If this isn't verified then give up...
-		if (strcmp(trim($this->return_data), 'VERIFIED') !== 0)
-			exit;
+		if (strcmp(trim($this->return_data), 'VERIFIED') !== 0) {
+					exit;
+		}
 
 		// Check that this is intended for us.
-		if (strtolower($modSettings['paypal_email']) != strtolower($_POST['business']) && (empty($modSettings['paypal_additional_emails']) || !in_array(strtolower($_POST['business']), explode(',', strtolower($modSettings['paypal_additional_emails'])))))
-			exit;
+		if (strtolower($modSettings['paypal_email']) != strtolower($_POST['business']) && (empty($modSettings['paypal_additional_emails']) || !in_array(strtolower($_POST['business']), explode(',', strtolower($modSettings['paypal_additional_emails']))))) {
+					exit;
+		}
 
 		// Is this a subscription - and if so is it a secondary payment that we need to process?
 		// If so, make sure we get it in the expected format. Seems PayPal sometimes sends it without urlencoding.
-		if (!empty($_POST['item_number']) && strpos($_POST['item_number'], ' ') !== false)
-			$_POST['item_number'] = str_replace(' ', '+', $_POST['item_number']);
-		if ($this->isSubscription() && (empty($_POST['item_number']) || strpos($_POST['item_number'], '+') === false))
-			// Calculate the subscription it relates to!
+		if (!empty($_POST['item_number']) && strpos($_POST['item_number'], ' ') !== false) {
+					$_POST['item_number'] = str_replace(' ', '+', $_POST['item_number']);
+		}
+		if ($this->isSubscription() && (empty($_POST['item_number']) || strpos($_POST['item_number'], '+') === false)) {
+					// Calculate the subscription it relates to!
 			$this->_findSubscription();
+		}
 
 		// Verify the currency!
-		if (strtolower($_POST['mc_currency']) !== strtolower($modSettings['paid_currency_code']))
-			exit;
+		if (strtolower($_POST['mc_currency']) !== strtolower($modSettings['paid_currency_code'])) {
+					exit;
+		}
 
 		// Can't exist if it doesn't contain anything.
-		if (empty($_POST['item_number']))
-			exit;
+		if (empty($_POST['item_number'])) {
+					exit;
+		}
 
 		// Return the id_sub and id_member
 		return explode('+', $_POST['item_number']);
@@ -299,10 +315,11 @@ 
 	 */
 	public function isRefund()
 	{
-		if ($_POST['payment_status'] === 'Refunded' || $_POST['payment_status'] === 'Reversed' || $_POST['txn_type'] === 'Refunded' || ($_POST['txn_type'] === 'reversal' && $_POST['payment_status'] === 'Completed'))
-			return true;
-		else
-			return false;
+		if ($_POST['payment_status'] === 'Refunded' || $_POST['payment_status'] === 'Reversed' || $_POST['txn_type'] === 'Refunded' || ($_POST['txn_type'] === 'reversal' && $_POST['payment_status'] === 'Completed')) {
+					return true;
+		} else {
+					return false;
+		}
 	}
 
 	/**
@@ -312,10 +329,11 @@ 
 	 */
 	public function isSubscription()
 	{
-		if (substr($_POST['txn_type'], 0, 14) === 'subscr_payment' && $_POST['payment_status'] === 'Completed')
-			return true;
-		else
-			return false;
+		if (substr($_POST['txn_type'], 0, 14) === 'subscr_payment' && $_POST['payment_status'] === 'Completed') {
+					return true;
+		} else {
+					return false;
+		}
 	}
 
 	/**
@@ -325,10 +343,11 @@ 
 	 */
 	public function isPayment()
 	{
-		if ($_POST['payment_status'] === 'Completed' && $_POST['txn_type'] === 'web_accept')
-			return true;
-		else
-			return false;
+		if ($_POST['payment_status'] === 'Completed' && $_POST['txn_type'] === 'web_accept') {
+					return true;
+		} else {
+					return false;
+		}
 	}
 
 	/**
@@ -341,10 +360,11 @@ 
 		// subscr_cancel is sent when the user cancels, subscr_eot is sent when the subscription reaches final payment
 		// Neither require us to *do* anything as per performCancel().
 		// subscr_eot, if sent, indicates an end of payments term.
-		if (substr($_POST['txn_type'], 0, 13) === 'subscr_cancel' || substr($_POST['txn_type'], 0, 10) === 'subscr_eot')
-			return true;
-		else
-			return false;
+		if (substr($_POST['txn_type'], 0, 13) === 'subscr_cancel' || substr($_POST['txn_type'], 0, 10) === 'subscr_eot') {
+					return true;
+		} else {
+					return false;
+		}
 	}
 
 	/**
@@ -408,8 +428,9 @@ 
 		global $smcFunc;
 
 		// Assume we have this?
-		if (empty($_POST['subscr_id']))
-			return false;
+		if (empty($_POST['subscr_id'])) {
+					return false;
+		}
 
 		// Do we have this in the database?
 		$request = $smcFunc['db_query']('', '
@@ -438,11 +459,12 @@ 
 						'payer_email' => $_POST['payer_email'],
 					)
 				);
-				if ($smcFunc['db_num_rows']($request) === 0)
-					return false;
+				if ($smcFunc['db_num_rows']($request) === 0) {
+									return false;
+				}
+			} else {
+							return false;
 			}
-			else
-				return false;
 		}
 		list ($member_id, $subscription_id) = $smcFunc['db_fetch_row']($request);
 		$_POST['item_number'] = $member_id . '+' . $subscription_id;

Sources/Subs-Charset.php

Braces +2 added lines, -1 removed lines

@@ -11,8 +11,9 @@
  * @version 2.1 Beta 4
  */
 
-if (!defined('SMF'))
+if (!defined('SMF')) {
 	die('No direct access...');
+}
 
 /**
  * Converts the given UTF-8 string into lowercase.

Sources/Subs-Menu.php

Braces +75 added lines, -57 removed lines

@@ -13,8 +13,9 @@ 
  * @version 2.1 Beta 4
  */
 
-if (!defined('SMF'))
+if (!defined('SMF')) {
 	die('No direct access...');
+}
 
 /**
  * Create a menu.
@@ -64,22 +65,26 @@ 
 	$menu_context['current_action'] = isset($menuOptions['action']) ? $menuOptions['action'] : $context['current_action'];
 
 	// Allow extend *any* menu with a single hook
-	if (!empty($menu_context['current_action']))
-		call_integration_hook('integrate_' . $menu_context['current_action'] . '_areas', array(&$menuData));
+	if (!empty($menu_context['current_action'])) {
+			call_integration_hook('integrate_' . $menu_context['current_action'] . '_areas', array(&$menuData));
+	}
 
 	// What is the current area selected?
-	if (isset($menuOptions['current_area']) || isset($_GET['area']))
-		$menu_context['current_area'] = isset($menuOptions['current_area']) ? $menuOptions['current_area'] : $_GET['area'];
+	if (isset($menuOptions['current_area']) || isset($_GET['area'])) {
+			$menu_context['current_area'] = isset($menuOptions['current_area']) ? $menuOptions['current_area'] : $_GET['area'];
+	}
 
 	// Build a list of additional parameters that should go in the URL.
 	$menu_context['extra_parameters'] = '';
-	if (!empty($menuOptions['extra_url_parameters']))
-		foreach ($menuOptions['extra_url_parameters'] as $key => $value)
+	if (!empty($menuOptions['extra_url_parameters'])) {
+			foreach ($menuOptions['extra_url_parameters'] as $key => $value)
 			$menu_context['extra_parameters'] .= ';' . $key . '=' . $value;
+	}
 
 	// Only include the session ID in the URL if it's strictly necessary.
-	if (empty($menuOptions['disable_url_session_check']))
-		$menu_context['extra_parameters'] .= ';' . $context['session_var'] . '=' . $context['session_id'];
+	if (empty($menuOptions['disable_url_session_check'])) {
+			$menu_context['extra_parameters'] .= ';' . $context['session_var'] . '=' . $context['session_id'];
+	}
 
 	$include_data = array();
 
@@ -87,8 +92,9 @@ 
 	foreach ($menuData as $section_id => $section)
 	{
 		// Is this enabled - or has as permission check - which fails?
-		if ((isset($section['enabled']) && $section['enabled'] == false) || (isset($section['permission']) && !allowedTo($section['permission'])))
-			continue;
+		if ((isset($section['enabled']) && $section['enabled'] == false) || (isset($section['permission']) && !allowedTo($section['permission']))) {
+					continue;
+		}
 
 		// Now we cycle through the sections to pick the right area.
 		foreach ($section['areas'] as $area_id => $area)
@@ -110,59 +116,57 @@ 
 					if (empty($area['hidden']))
 					{
 						// First time this section?
-						if (!isset($menu_context['sections'][$section_id]))
-							$menu_context['sections'][$section_id]['title'] = $section['title'];
+						if (!isset($menu_context['sections'][$section_id])) {
+													$menu_context['sections'][$section_id]['title'] = $section['title'];
+						}
 
 						$menu_context['sections'][$section_id]['areas'][$area_id] = array('label' => isset($area['label']) ? $area['label'] : $txt[$area_id]);
 						// We'll need the ID as well...
 						$menu_context['sections'][$section_id]['id'] = $section_id;
 						// Does it have a custom URL?
-						if (isset($area['custom_url']))
-							$menu_context['sections'][$section_id]['areas'][$area_id]['url'] = $area['custom_url'];
+						if (isset($area['custom_url'])) {
+													$menu_context['sections'][$section_id]['areas'][$area_id]['url'] = $area['custom_url'];
+						}
 
 						// Does this area have its own icon?
 						if (!isset($area['force_menu_into_arms_of_another_menu']) && $user_info['name'] == 'iamanoompaloompa')
 						{
 							$menu_context['sections'][$section_id]['areas'][$area_id] = $smcFunc['json_decode'](base64_decode('eyJsYWJlbCI6Ik9vbXBhIExvb21wYSIsInVybCI6Imh0dHBzOlwvXC9lbi53aWtpcGVkaWEub3JnXC93aWtpXC9Pb21wYV9Mb29tcGFzPyIsImljb24iOiI8aW1nIHNyYz1cImh0dHBzOlwvXC93d3cuc2ltcGxlbWFjaGluZXMub3JnXC9pbWFnZXNcL29vbXBhLmdpZlwiIGFsdD1cIkknbSBhbiBPb21wYSBMb29tcGFcIiBcLz4ifQ=='), true);
-						}
-						elseif (isset($area['icon']))
+						} elseif (isset($area['icon']))
 						{
 							if (file_exists($settings['theme_dir'] . '/images/admin/' . $area['icon']))
 							{
 								$menu_context['sections'][$section_id]['areas'][$area_id]['icon'] = '<img src="' . $settings['images_url'] . '/admin/' . $area['icon'] . '" alt="">';
-							}
-							elseif (file_exists($settings['default_theme_dir'] . '/images/admin/' . $area['icon']))
+							} elseif (file_exists($settings['default_theme_dir'] . '/images/admin/' . $area['icon']))
 							{
 								$menu_context['sections'][$section_id]['areas'][$area_id]['icon'] = '<img src="' . $settings['default_images_url'] . '/admin/' . $area['icon'] . '" alt="">';
+							} else {
+															$menu_context['sections'][$section_id]['areas'][$area_id]['icon'] = '<span class="generic_icons ' . $area['icon'] . '"></span>';
 							}
-							else
-								$menu_context['sections'][$section_id]['areas'][$area_id]['icon'] = '<span class="generic_icons ' . $area['icon'] . '"></span>';
+						} else {
+													$menu_context['sections'][$section_id]['areas'][$area_id]['icon'] = '<span class="generic_icons ' . $area_id . '"></span>';
 						}
-						else
-							$menu_context['sections'][$section_id]['areas'][$area_id]['icon'] = '<span class="generic_icons ' . $area_id . '"></span>';
 
 						if (isset($area['icon_class']) && empty($menu_context['sections'][$section_id]['areas'][$area_id]['icon']))
 						{
 							$menu_context['sections'][$section_id]['areas'][$area_id]['icon_class'] = $menu_context['current_action'] . '_menu_icon ' . $area['icon_class'];
-						}
-						elseif (isset($area['icon']))
+						} elseif (isset($area['icon']))
 						{
 							if (substr($area['icon'], -4) === '.png' || substr($area['icon'], -4) === '.gif')
 							{
 								if (file_exists($settings['theme_dir'] . '/images/admin/big/' . $area['icon']))
 								{
 									$menu_context['sections'][$section_id]['areas'][$area_id]['icon_file'] = $settings['theme_url'] . '/images/admin/big/' . $area['icon'];
-								}
-								elseif (file_exists($settings['default_theme_dir'] . '/images/admin/big/' . $area['icon']))
+								} elseif (file_exists($settings['default_theme_dir'] . '/images/admin/big/' . $area['icon']))
 								{
 									$menu_context['sections'][$section_id]['areas'][$area_id]['icon_file'] = $settings['default_theme_url'] . '/images/admin/big/' . $area['icon'];
 								}
 							}
 
 							$menu_context['sections'][$section_id]['areas'][$area_id]['icon_class'] = $menu_context['current_action'] . '_menu_icon ' . str_replace(array('.png', '.gif'), '', $area['icon']);
+						} else {
+													$menu_context['sections'][$section_id]['areas'][$area_id]['icon_class'] = $menu_context['current_action'] . '_menu_icon ' . str_replace(array('.png', '.gif'), '', $area_id);
 						}
-						else
-							$menu_context['sections'][$section_id]['areas'][$area_id]['icon_class'] = $menu_context['current_action'] . '_menu_icon ' . str_replace(array('.png', '.gif'), '', $area_id);
 
 						// This is a shortcut for Font-Icon users so they don't have to re-do whole CSS.
 						$menu_context['sections'][$section_id]['areas'][$area_id]['plain_class'] = !empty($area['icon']) ? $area['icon'] : '';
@@ -179,35 +183,41 @@ 
 							{
 								if ((empty($sub[1]) || allowedTo($sub[1])) && (!isset($sub['enabled']) || !empty($sub['enabled'])))
 								{
-									if ($first_sa == null)
-										$first_sa = $sa;
+									if ($first_sa == null) {
+																			$first_sa = $sa;
+									}
 
 									$menu_context['sections'][$section_id]['areas'][$area_id]['subsections'][$sa] = array('label' => $sub[0]);
 									// Custom URL?
-									if (isset($sub['url']))
-										$menu_context['sections'][$section_id]['areas'][$area_id]['subsections'][$sa]['url'] = $sub['url'];
+									if (isset($sub['url'])) {
+																			$menu_context['sections'][$section_id]['areas'][$area_id]['subsections'][$sa]['url'] = $sub['url'];
+									}
 
 									// A bit complicated - but is this set?
 									if ($menu_context['current_area'] == $area_id)
 									{
 										// Save which is the first...
-										if (empty($first_sa))
-											$first_sa = $sa;
+										if (empty($first_sa)) {
+																					$first_sa = $sa;
+										}
 
 										// Is this the current subsection?
-										if (isset($_REQUEST['sa']) && $_REQUEST['sa'] == $sa)
-											$menu_context['current_subsection'] = $sa;
+										if (isset($_REQUEST['sa']) && $_REQUEST['sa'] == $sa) {
+																					$menu_context['current_subsection'] = $sa;
+										}
 										// Otherwise is it the default?
-										elseif (!isset($menu_context['current_subsection']) && !empty($sub[2]))
-											$menu_context['current_subsection'] = $sa;
+										elseif (!isset($menu_context['current_subsection']) && !empty($sub[2])) {
+																					$menu_context['current_subsection'] = $sa;
+										}
 									}
 
 									// Let's assume this is the last, for now.
 									$last_sa = $sa;
 								}
 								// Mark it as disabled...
-								else
-									$menu_context['sections'][$section_id]['areas'][$area_id]['subsections'][$sa]['disabled'] = true;
+								else {
+																	$menu_context['sections'][$section_id]['areas'][$area_id]['subsections'][$sa]['disabled'] = true;
+								}
 							}
 
 							// Set which one is first, last and selected in the group.
@@ -216,8 +226,9 @@ 
 								$menu_context['sections'][$section_id]['areas'][$area_id]['subsections'][$context['right_to_left'] ? $last_sa : $first_sa]['is_first'] = true;
 								$menu_context['sections'][$section_id]['areas'][$area_id]['subsections'][$context['right_to_left'] ? $first_sa : $last_sa]['is_last'] = true;
 
-								if ($menu_context['current_area'] == $area_id && !isset($menu_context['current_subsection']))
-									$menu_context['current_subsection'] = $first_sa;
+								if ($menu_context['current_area'] == $area_id && !isset($menu_context['current_subsection'])) {
+																	$menu_context['current_subsection'] = $first_sa;
+								}
 							}
 						}
 					}
@@ -251,23 +262,26 @@ 
 	$menu_context['base_url'] = isset($menuOptions['base_url']) ? $menuOptions['base_url'] : $scripturl . '?action=' . $menu_context['current_action'];
 
 	// If we didn't find the area we were looking for go to a default one.
-	if (isset($backup_area) && empty($found_section))
-		$menu_context['current_area'] = $backup_area;
+	if (isset($backup_area) && empty($found_section)) {
+			$menu_context['current_area'] = $backup_area;
+	}
 
 	// If there are sections quickly goes through all the sections to check if the base menu has an url
 	if (!empty($menu_context['current_section']))
 	{
 		$menu_context['sections'][$menu_context['current_section']]['selected'] = true;
 		$menu_context['sections'][$menu_context['current_section']]['areas'][$menu_context['current_area']]['selected'] = true;
-		if (!empty($menu_context['sections'][$menu_context['current_section']]['areas'][$menu_context['current_area']]['subsections'][$context['current_subaction']]))
-			$menu_context['sections'][$menu_context['current_section']]['areas'][$menu_context['current_area']]['subsections'][$context['current_subaction']]['selected'] = true;
+		if (!empty($menu_context['sections'][$menu_context['current_section']]['areas'][$menu_context['current_area']]['subsections'][$context['current_subaction']])) {
+					$menu_context['sections'][$menu_context['current_section']]['areas'][$menu_context['current_area']]['subsections'][$context['current_subaction']]['selected'] = true;
+		}
 
-		foreach ($menu_context['sections'] as $section_id => $section)
-			foreach ($section['areas'] as $area_id => $area)
+		foreach ($menu_context['sections'] as $section_id => $section) {
+					foreach ($section['areas'] as $area_id => $area)
 			{
 				if (!isset($menu_context['sections'][$section_id]['url']))
 				{
 					$menu_context['sections'][$section_id]['url'] = isset($area['url']) ? $area['url'] : $menu_context['base_url'] . ';area=' . $area_id;
+		}
 					break;
 				}
 			}
@@ -278,8 +292,9 @@ 
 	{
 		// Never happened!
 		$context['max_menu_id']--;
-		if ($context['max_menu_id'] == 0)
-			unset($context['max_menu_id']);
+		if ($context['max_menu_id'] == 0) {
+					unset($context['max_menu_id']);
+		}
 
 		return false;
 	}
@@ -290,8 +305,9 @@ 
 	$context['template_layers'][] = $menu_context['layer_name'];
 
 	// Check we had something - for sanity sake.
-	if (empty($include_data))
-		return false;
+	if (empty($include_data)) {
+			return false;
+	}
 
 	// Finally - return information on the selected item.
 	$include_data += array(
@@ -314,12 +330,14 @@ 
 	global $context;
 
 	$menu_name = $menu_id == 'last' && isset($context['max_menu_id']) && isset($context['menu_data_' . $context['max_menu_id']]) ? 'menu_data_' . $context['max_menu_id'] : 'menu_data_' . $menu_id;
-	if (!isset($context[$menu_name]))
-		return false;
+	if (!isset($context[$menu_name])) {
+			return false;
+	}
 
 	$layer_index = array_search($context[$menu_name]['layer_name'], $context['template_layers']);
-	if ($layer_index !== false)
-		unset($context['template_layers'][$layer_index]);
+	if ($layer_index !== false) {
+			unset($context['template_layers'][$layer_index]);
+	}
 
 	unset($context[$menu_name]);
 }

Sources/LogInOut.php

Braces +158 added lines, -124 removed lines

@@ -14,8 +14,9 @@ 
  * @version 2.1 Beta 4
  */
 
-if (!defined('SMF'))
+if (!defined('SMF')) {
 	die('No direct access...');
+}
 
 /**
  * Ask them for their login information. (shows a page for the user to type
@@ -29,8 +30,9 @@ 
 	global $txt, $context, $scripturl, $user_info;
 
 	// You are already logged in, go take a tour of the boards
-	if (!empty($user_info['id']))
-		redirectexit();
+	if (!empty($user_info['id'])) {
+			redirectexit();
+	}
 
 	// We need to load the Login template/language file.
 	loadLanguage('Login');
@@ -57,10 +59,11 @@ 
 	);
 
 	// Set the login URL - will be used when the login process is done (but careful not to send us to an attachment).
-	if (isset($_SESSION['old_url']) && strpos($_SESSION['old_url'], 'dlattach') === false && preg_match('~(board|topic)[=,]~', $_SESSION['old_url']) != 0)
-		$_SESSION['login_url'] = $_SESSION['old_url'];
-	elseif (isset($_SESSION['login_url']) && strpos($_SESSION['login_url'], 'dlattach') !== false)
-		unset($_SESSION['login_url']);
+	if (isset($_SESSION['old_url']) && strpos($_SESSION['old_url'], 'dlattach') === false && preg_match('~(board|topic)[=,]~', $_SESSION['old_url']) != 0) {
+			$_SESSION['login_url'] = $_SESSION['old_url'];
+	} elseif (isset($_SESSION['login_url']) && strpos($_SESSION['login_url'], 'dlattach') !== false) {
+			unset($_SESSION['login_url']);
+	}
 
 	// Create a one time token.
 	createToken('login');
@@ -83,8 +86,9 @@ 
 	global $cookiename, $modSettings, $context, $sourcedir, $maintenance;
 
 	// Check to ensure we're forcing SSL for authentication
-	if (!empty($modSettings['force_ssl']) && empty($maintenance) && (!isset($_SERVER['HTTPS']) || $_SERVER['HTTPS'] != 'on'))
-		fatal_lang_error('login_ssl_required');
+	if (!empty($modSettings['force_ssl']) && empty($maintenance) && (!isset($_SERVER['HTTPS']) || $_SERVER['HTTPS'] != 'on')) {
+			fatal_lang_error('login_ssl_required');
+	}
 
 	// Load cookie authentication stuff.
 	require_once($sourcedir . '/Subs-Auth.php');
@@ -102,19 +106,20 @@ 
 			list (,, $timeout) = $smcFunc['json_decode']($_COOKIE[$cookiename], true);
 
 			// That didn't work... Maybe it's using serialize?
-			if (is_null($timeout))
-				list (,, $timeout) = safe_unserialize($_COOKIE[$cookiename]);
-		}
-		elseif (isset($_SESSION['login_' . $cookiename]))
+			if (is_null($timeout)) {
+							list (,, $timeout) = safe_unserialize($_COOKIE[$cookiename]);
+			}
+		} elseif (isset($_SESSION['login_' . $cookiename]))
 		{
 			list (,, $timeout) = $smcFunc['json_decode']($_SESSION['login_' . $cookiename]);
 
 			// Try for old format
-			if (is_null($timeout))
-				list (,, $timeout) = safe_unserialize($_SESSION['login_' . $cookiename]);
+			if (is_null($timeout)) {
+							list (,, $timeout) = safe_unserialize($_SESSION['login_' . $cookiename]);
+			}
+		} else {
+					trigger_error('Login2(): Cannot be logged in without a session or cookie', E_USER_ERROR);
 		}
-		else
-			trigger_error('Login2(): Cannot be logged in without a session or cookie', E_USER_ERROR);
 
 		$user_settings['password_salt'] = substr(md5(mt_rand()), 0, 4);
 		updateMemberData($user_info['id'], array('password_salt' => $user_settings['password_salt']));
@@ -127,10 +132,11 @@ 
 			list ($tfamember, $tfasecret, $exp, $state, $preserve) = $tfadata;
 
 			// If we're preserving the cookie, reset it with updated salt
-			if (isset($tfamember, $tfasecret, $exp, $state, $preserve) && $preserve && time() < $exp)
-				setTFACookie(3153600, $user_info['password_salt'], hash_salt($user_settings['tfa_backup'], $user_settings['password_salt']), true);
-			else
-				setTFACookie(-3600, 0, '');
+			if (isset($tfamember, $tfasecret, $exp, $state, $preserve) && $preserve && time() < $exp) {
+							setTFACookie(3153600, $user_info['password_salt'], hash_salt($user_settings['tfa_backup'], $user_settings['password_salt']), true);
+			} else {
+							setTFACookie(-3600, 0, '');
+			}
 		}
 
 		setLoginCookie($timeout - time(), $user_info['id'], hash_salt($user_settings['passwd'], $user_settings['password_salt']));
@@ -141,20 +147,20 @@ 
 	elseif (isset($_GET['sa']) && $_GET['sa'] == 'check')
 	{
 		// Strike!  You're outta there!
-		if ($_GET['member'] != $user_info['id'])
-			fatal_lang_error('login_cookie_error', false);
+		if ($_GET['member'] != $user_info['id']) {
+					fatal_lang_error('login_cookie_error', false);
+		}
 
 		$user_info['can_mod'] = allowedTo('access_mod_center') || (!$user_info['is_guest'] && ($user_info['mod_cache']['gq'] != '0=1' || $user_info['mod_cache']['bq'] != '0=1' || ($modSettings['postmod_active'] && !empty($user_info['mod_cache']['ap']))));
 
 		// Some whitelisting for login_url...
-		if (empty($_SESSION['login_url']))
-			redirectexit(empty($user_settings['tfa_secret']) ? '' : 'action=logintfa');
-		elseif (!empty($_SESSION['login_url']) && (strpos($_SESSION['login_url'], 'http://') === false && strpos($_SESSION['login_url'], 'https://') === false))
+		if (empty($_SESSION['login_url'])) {
+					redirectexit(empty($user_settings['tfa_secret']) ? '' : 'action=logintfa');
+		} elseif (!empty($_SESSION['login_url']) && (strpos($_SESSION['login_url'], 'http://') === false && strpos($_SESSION['login_url'], 'https://') === false))
 		{
 			unset ($_SESSION['login_url']);
 			redirectexit(empty($user_settings['tfa_secret']) ? '' : 'action=logintfa');
-		}
-		else
+		} else
 		{
 			// Best not to clutter the session data too much...
 			$temp = $_SESSION['login_url'];
@@ -165,8 +171,9 @@ 
 	}
 
 	// Beyond this point you are assumed to be a guest trying to login.
-	if (!$user_info['is_guest'])
-		redirectexit();
+	if (!$user_info['is_guest']) {
+			redirectexit();
+	}
 
 	// Are you guessing with a script?
 	checkSession();
@@ -174,18 +181,21 @@ 
 	spamProtection('login');
 
 	// Set the login_url if it's not already set (but careful not to send us to an attachment).
-	if ((empty($_SESSION['login_url']) && isset($_SESSION['old_url']) && strpos($_SESSION['old_url'], 'dlattach') === false && preg_match('~(board|topic)[=,]~', $_SESSION['old_url']) != 0) || (isset($_GET['quicklogin']) && isset($_SESSION['old_url']) && strpos($_SESSION['old_url'], 'login') === false))
-		$_SESSION['login_url'] = $_SESSION['old_url'];
+	if ((empty($_SESSION['login_url']) && isset($_SESSION['old_url']) && strpos($_SESSION['old_url'], 'dlattach') === false && preg_match('~(board|topic)[=,]~', $_SESSION['old_url']) != 0) || (isset($_GET['quicklogin']) && isset($_SESSION['old_url']) && strpos($_SESSION['old_url'], 'login') === false)) {
+			$_SESSION['login_url'] = $_SESSION['old_url'];
+	}
 
 	// Been guessing a lot, haven't we?
-	if (isset($_SESSION['failed_login']) && $_SESSION['failed_login'] >= $modSettings['failed_login_threshold'] * 3)
-		fatal_lang_error('login_threshold_fail', 'login');
+	if (isset($_SESSION['failed_login']) && $_SESSION['failed_login'] >= $modSettings['failed_login_threshold'] * 3) {
+			fatal_lang_error('login_threshold_fail', 'login');
+	}
 
 	// Set up the cookie length.  (if it's invalid, just fall through and use the default.)
-	if (isset($_POST['cookieneverexp']) || (!empty($_POST['cookielength']) && $_POST['cookielength'] == -1))
-		$modSettings['cookieTime'] = 3153600;
-	elseif (!empty($_POST['cookielength']) && ($_POST['cookielength'] >= 1 && $_POST['cookielength'] <= 525600))
-		$modSettings['cookieTime'] = (int) $_POST['cookielength'];
+	if (isset($_POST['cookieneverexp']) || (!empty($_POST['cookielength']) && $_POST['cookielength'] == -1)) {
+			$modSettings['cookieTime'] = 3153600;
+	} elseif (!empty($_POST['cookielength']) && ($_POST['cookielength'] >= 1 && $_POST['cookielength'] <= 525600)) {
+			$modSettings['cookieTime'] = (int) $_POST['cookielength'];
+	}
 
 	loadLanguage('Login');
 	// Load the template stuff.
@@ -305,8 +315,9 @@ 
 			$other_passwords[] = crypt(md5($_POST['passwrd']), md5($_POST['passwrd']));
 
 			// Snitz style - SHA-256.  Technically, this is a downgrade, but most PHP configurations don't support sha256 anyway.
-			if (strlen($user_settings['passwd']) == 64 && function_exists('mhash') && defined('MHASH_SHA256'))
-				$other_passwords[] = bin2hex(mhash(MHASH_SHA256, $_POST['passwrd']));
+			if (strlen($user_settings['passwd']) == 64 && function_exists('mhash') && defined('MHASH_SHA256')) {
+							$other_passwords[] = bin2hex(mhash(MHASH_SHA256, $_POST['passwrd']));
+			}
 
 			// phpBB3 users new hashing.  We now support it as well ;).
 			$other_passwords[] = phpBB3_password_check($_POST['passwrd'], $user_settings['passwd']);
@@ -326,27 +337,29 @@ 
 			// Some common md5 ones.
 			$other_passwords[] = md5($user_settings['password_salt'] . $_POST['passwrd']);
 			$other_passwords[] = md5($_POST['passwrd'] . $user_settings['password_salt']);
-		}
-		elseif (strlen($user_settings['passwd']) == 40)
+		} elseif (strlen($user_settings['passwd']) == 40)
 		{
 			// Maybe they are using a hash from before the password fix.
 			// This is also valid for SMF 1.1 to 2.0 style of hashing, changed to bcrypt in SMF 2.1
 			$other_passwords[] = sha1(strtolower($user_settings['member_name']) . un_htmlspecialchars($_POST['passwrd']));
 
 			// BurningBoard3 style of hashing.
-			if (!empty($modSettings['enable_password_conversion']))
-				$other_passwords[] = sha1($user_settings['password_salt'] . sha1($user_settings['password_salt'] . sha1($_POST['passwrd'])));
+			if (!empty($modSettings['enable_password_conversion'])) {
+							$other_passwords[] = sha1($user_settings['password_salt'] . sha1($user_settings['password_salt'] . sha1($_POST['passwrd'])));
+			}
 
 			// Perhaps we converted to UTF-8 and have a valid password being hashed differently.
 			if ($context['character_set'] == 'UTF-8' && !empty($modSettings['previousCharacterSet']) && $modSettings['previousCharacterSet'] != 'utf8')
 			{
 				// Try iconv first, for no particular reason.
-				if (function_exists('iconv'))
-					$other_passwords['iconv'] = sha1(strtolower(iconv('UTF-8', $modSettings['previousCharacterSet'], $user_settings['member_name'])) . un_htmlspecialchars(iconv('UTF-8', $modSettings['previousCharacterSet'], $_POST['passwrd'])));
+				if (function_exists('iconv')) {
+									$other_passwords['iconv'] = sha1(strtolower(iconv('UTF-8', $modSettings['previousCharacterSet'], $user_settings['member_name'])) . un_htmlspecialchars(iconv('UTF-8', $modSettings['previousCharacterSet'], $_POST['passwrd'])));
+				}
 
 				// Say it aint so, iconv failed!
-				if (empty($other_passwords['iconv']) && function_exists('mb_convert_encoding'))
-					$other_passwords[] = sha1(strtolower(mb_convert_encoding($user_settings['member_name'], 'UTF-8', $modSettings['previousCharacterSet'])) . un_htmlspecialchars(mb_convert_encoding($_POST['passwrd'], 'UTF-8', $modSettings['previousCharacterSet'])));
+				if (empty($other_passwords['iconv']) && function_exists('mb_convert_encoding')) {
+									$other_passwords[] = sha1(strtolower(mb_convert_encoding($user_settings['member_name'], 'UTF-8', $modSettings['previousCharacterSet'])) . un_htmlspecialchars(mb_convert_encoding($_POST['passwrd'], 'UTF-8', $modSettings['previousCharacterSet'])));
+				}
 			}
 		}
 
@@ -376,8 +389,9 @@ 
 			$_SESSION['failed_login'] = isset($_SESSION['failed_login']) ? ($_SESSION['failed_login'] + 1) : 1;
 
 			// Hmm... don't remember it, do you?  Here, try the password reminder ;).
-			if ($_SESSION['failed_login'] >= $modSettings['failed_login_threshold'])
-				redirectexit('action=reminder');
+			if ($_SESSION['failed_login'] >= $modSettings['failed_login_threshold']) {
+							redirectexit('action=reminder');
+			}
 			// We'll give you another chance...
 			else
 			{
@@ -388,8 +402,7 @@ 
 				return;
 			}
 		}
-	}
-	elseif (!empty($user_settings['passwd_flood']))
+	} elseif (!empty($user_settings['passwd_flood']))
 	{
 		// Let's be sure they weren't a little hacker.
 		validatePasswordFlood($user_settings['id_member'], $user_settings['member_name'], $user_settings['passwd_flood'], true);
@@ -406,8 +419,9 @@ 
 	}
 
 	// Check their activation status.
-	if (!checkActivation())
-		return;
+	if (!checkActivation()) {
+			return;
+	}
 
 	DoLogin();
 }
@@ -419,8 +433,9 @@ 
 {
 	global $sourcedir, $txt, $context, $user_info, $modSettings, $scripturl;
 
-	if (!$user_info['is_guest'] || empty($context['tfa_member']) || empty($modSettings['tfa_mode']))
-		fatal_lang_error('no_access', false);
+	if (!$user_info['is_guest'] || empty($context['tfa_member']) || empty($modSettings['tfa_mode'])) {
+			fatal_lang_error('no_access', false);
+	}
 
 	loadLanguage('Profile');
 	require_once($sourcedir . '/Class-TOTP.php');
@@ -428,8 +443,9 @@ 
 	$member = $context['tfa_member'];
 
 	// Prevent replay attacks by limiting at least 2 minutes before they can log in again via 2FA
-	if (time() - $member['last_login'] < 120)
-		fatal_lang_error('tfa_wait', false);
+	if (time() - $member['last_login'] < 120) {
+			fatal_lang_error('tfa_wait', false);
+	}
 
 	$totp = new \TOTP\Auth($member['tfa_secret']);
 	$totp->setRange(1);
@@ -443,8 +459,9 @@ 
 	if (!empty($_POST['tfa_code']) && empty($_POST['tfa_backup']))
 	{
 		// Check to ensure we're forcing SSL for authentication
-		if (!empty($modSettings['force_ssl']) && empty($maintenance) && (!isset($_SERVER['HTTPS']) || $_SERVER['HTTPS'] != 'on'))
-			fatal_lang_error('login_ssl_required');
+		if (!empty($modSettings['force_ssl']) && empty($maintenance) && (!isset($_SERVER['HTTPS']) || $_SERVER['HTTPS'] != 'on')) {
+					fatal_lang_error('login_ssl_required');
+		}
 
 		$code = $_POST['tfa_code'];
 
@@ -454,20 +471,19 @@ 
 
 			setTFACookie(3153600, $member['id_member'], hash_salt($member['tfa_backup'], $member['password_salt']), !empty($_POST['tfa_preserve']));
 			redirectexit();
-		}
-		else
+		} else
 		{
 			validatePasswordFlood($member['id_member'], $member['member_name'], $member['passwd_flood'], false, true);
 
 			$context['tfa_error'] = true;
 			$context['tfa_value'] = $_POST['tfa_code'];
 		}
-	}
-	elseif (!empty($_POST['tfa_backup']))
+	} elseif (!empty($_POST['tfa_backup']))
 	{
 		// Check to ensure we're forcing SSL for authentication
-		if (!empty($modSettings['force_ssl']) && empty($maintenance) && (!isset($_SERVER['HTTPS']) || $_SERVER['HTTPS'] != 'on'))
-			fatal_lang_error('login_ssl_required');
+		if (!empty($modSettings['force_ssl']) && empty($maintenance) && (!isset($_SERVER['HTTPS']) || $_SERVER['HTTPS'] != 'on')) {
+					fatal_lang_error('login_ssl_required');
+		}
 
 		$backup = $_POST['tfa_backup'];
 
@@ -481,8 +497,7 @@ 
 			));
 			setTFACookie(3153600, $member['id_member'], hash_salt($member['tfa_backup'], $member['password_salt']));
 			redirectexit('action=profile;area=tfasetup;backup');
-		}
-		else
+		} else
 		{
 			validatePasswordFlood($member['id_member'], $member['member_name'], $member['passwd_flood'], false, true);
 
@@ -505,8 +520,9 @@ 
 {
 	global $context, $txt, $scripturl, $user_settings, $modSettings;
 
-	if (!isset($context['login_errors']))
-		$context['login_errors'] = array();
+	if (!isset($context['login_errors'])) {
+			$context['login_errors'] = array();
+	}
 
 	// What is the true activation status of this account?
 	$activation_status = $user_settings['is_activated'] > 10 ? $user_settings['is_activated'] - 10 : $user_settings['is_activated'];
@@ -518,8 +534,9 @@ 
 		return false;
 	}
 	// Awaiting approval still?
-	elseif ($activation_status == 3)
-		fatal_lang_error('still_awaiting_approval', 'user');
+	elseif ($activation_status == 3) {
+			fatal_lang_error('still_awaiting_approval', 'user');
+	}
 	// Awaiting deletion, changed their mind?
 	elseif ($activation_status == 4)
 	{
@@ -527,8 +544,7 @@ 
 		{
 			updateMemberData($user_settings['id_member'], array('is_activated' => 1));
 			updateSettings(array('unapprovedMembers' => ($modSettings['unapprovedMembers'] > 0 ? $modSettings['unapprovedMembers'] - 1 : 0)));
-		}
-		else
+		} else
 		{
 			$context['disable_login_hashing'] = true;
 			$context['login_errors'][] = $txt['awaiting_delete_account'];
@@ -568,8 +584,9 @@ 
 	setLoginCookie(60 * $modSettings['cookieTime'], $user_settings['id_member'], hash_salt($user_settings['passwd'], $user_settings['password_salt']));
 
 	// Reset the login threshold.
-	if (isset($_SESSION['failed_login']))
-		unset($_SESSION['failed_login']);
+	if (isset($_SESSION['failed_login'])) {
+			unset($_SESSION['failed_login']);
+	}
 
 	$user_info['is_guest'] = false;
 	$user_settings['additional_groups'] = explode(',', $user_settings['additional_groups']);
@@ -591,16 +608,18 @@ 
 			'id_member' => $user_info['id'],
 		)
 	);
-	if ($smcFunc['db_num_rows']($request) == 1)
-		$_SESSION['first_login'] = true;
-	else
-		unset($_SESSION['first_login']);
+	if ($smcFunc['db_num_rows']($request) == 1) {
+			$_SESSION['first_login'] = true;
+	} else {
+			unset($_SESSION['first_login']);
+	}
 	$smcFunc['db_free_result']($request);
 
 	// You've logged in, haven't you?
 	$update = array('member_ip' => $user_info['ip'], 'member_ip2' => $_SERVER['BAN_CHECK_IP']);
-	if (empty($user_settings['tfa_secret']))
-		$update['last_login'] = time();
+	if (empty($user_settings['tfa_secret'])) {
+			$update['last_login'] = time();
+	}
 	updateMemberData($user_info['id'], $update);
 
 	// Get rid of the online entry for that old guest....
@@ -614,8 +633,8 @@ 
 	$_SESSION['log_time'] = 0;
 
 	// Log this entry, only if we have it enabled.
-	if (!empty($modSettings['loginHistoryDays']))
-		$smcFunc['db_insert']('insert',
+	if (!empty($modSettings['loginHistoryDays'])) {
+			$smcFunc['db_insert']('insert',
 			'{db_prefix}member_logins',
 			array(
 				'id_member' => 'int', 'time' => 'int', 'ip' => 'inet', 'ip2' => 'inet',
@@ -627,13 +646,15 @@ 
 				'id_member', 'time'
 			)
 		);
+	}
 
 	// Just log you back out if it's in maintenance mode and you AREN'T an admin.
-	if (empty($maintenance) || allowedTo('admin_forum'))
-		redirectexit('action=login2;sa=check;member=' . $user_info['id'], $context['server']['needs_login_fix']);
-	else
-		redirectexit('action=logout;' . $context['session_var'] . '=' . $context['session_id'], $context['server']['needs_login_fix']);
-}
+	if (empty($maintenance) || allowedTo('admin_forum')) {
+			redirectexit('action=login2;sa=check;member=' . $user_info['id'], $context['server']['needs_login_fix']);
+	} else {
+			redirectexit('action=logout;' . $context['session_var'] . '=' . $context['session_id'], $context['server']['needs_login_fix']);
+	}
+	}
 
 /**
  * Logs the current user out of their account.
@@ -649,13 +670,15 @@ 
 	global $sourcedir, $user_info, $user_settings, $context, $smcFunc, $cookiename, $modSettings;
 
 	// Make sure they aren't being auto-logged out.
-	if (!$internal)
-		checkSession('get');
+	if (!$internal) {
+			checkSession('get');
+	}
 
 	require_once($sourcedir . '/Subs-Auth.php');
 
-	if (isset($_SESSION['pack_ftp']))
-		$_SESSION['pack_ftp'] = null;
+	if (isset($_SESSION['pack_ftp'])) {
+			$_SESSION['pack_ftp'] = null;
+	}
 
 	// It won't be first login anymore.
 	unset($_SESSION['first_login']);
@@ -683,8 +706,9 @@ 
 
 	// And some other housekeeping while we're at it.
 	$salt = substr(md5(mt_rand()), 0, 4);
-	if (!empty($user_info['id']))
-		updateMemberData($user_info['id'], array('password_salt' => $salt));
+	if (!empty($user_info['id'])) {
+			updateMemberData($user_info['id'], array('password_salt' => $salt));
+	}
 
 	if (!empty($modSettings['tfa_mode']) && !empty($user_info['id']) && !empty($_COOKIE[$cookiename . '_tfa']))
 	{
@@ -693,10 +717,11 @@ 
 		list ($tfamember, $tfasecret, $exp, $state, $preserve) = $tfadata;
 
 		// If we're preserving the cookie, reset it with updated salt
-		if (isset($tfamember, $tfasecret, $exp, $state, $preserve) && $preserve && time() < $exp)
-			setTFACookie(3153600, $user_info['id'], hash_salt($user_settings['tfa_backup'], $salt), true);
-		else
-			setTFACookie(-3600, 0, '');
+		if (isset($tfamember, $tfasecret, $exp, $state, $preserve) && $preserve && time() < $exp) {
+					setTFACookie(3153600, $user_info['id'], hash_salt($user_settings['tfa_backup'], $salt), true);
+		} else {
+					setTFACookie(-3600, 0, '');
+		}
 	}
 
 	session_destroy();
@@ -704,14 +729,13 @@ 
 	// Off to the merry board index we go!
 	if ($redirect)
 	{
-		if (empty($_SESSION['logout_url']))
-			redirectexit('', $context['server']['needs_login_fix']);
-		elseif (!empty($_SESSION['logout_url']) && (strpos($_SESSION['logout_url'], 'http://') === false && strpos($_SESSION['logout_url'], 'https://') === false))
+		if (empty($_SESSION['logout_url'])) {
+					redirectexit('', $context['server']['needs_login_fix']);
+		} elseif (!empty($_SESSION['logout_url']) && (strpos($_SESSION['logout_url'], 'http://') === false && strpos($_SESSION['logout_url'], 'https://') === false))
 		{
 			unset ($_SESSION['logout_url']);
 			redirectexit();
-		}
-		else
+		} else
 		{
 			$temp = $_SESSION['logout_url'];
 			unset($_SESSION['logout_url']);
@@ -744,8 +768,9 @@ 
 function phpBB3_password_check($passwd, $passwd_hash)
 {
 	// Too long or too short?
-	if (strlen($passwd_hash) != 34)
-		return;
+	if (strlen($passwd_hash) != 34) {
+			return;
+	}
 
 	// Range of characters allowed.
 	$range = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';
@@ -756,8 +781,9 @@ 
 	$salt = substr($passwd_hash, 4, 8);
 
 	$hash = md5($salt . $passwd, true);
-	for (; $count != 0; --$count)
-		$hash = md5($hash . $passwd, true);
+	for (; $count != 0; --$count) {
+			$hash = md5($hash . $passwd, true);
+	}
 
 	$output = substr($passwd_hash, 0, 12);
 	$i = 0;
@@ -766,21 +792,25 @@ 
 		$value = ord($hash[$i++]);
 		$output .= $range[$value & 0x3f];
 
-		if ($i < 16)
-			$value |= ord($hash[$i]) << 8;
+		if ($i < 16) {
+					$value |= ord($hash[$i]) << 8;
+		}
 
 		$output .= $range[($value >> 6) & 0x3f];
 
-		if ($i++ >= 16)
-			break;
+		if ($i++ >= 16) {
+					break;
+		}
 
-		if ($i < 16)
-			$value |= ord($hash[$i]) << 16;
+		if ($i < 16) {
+					$value |= ord($hash[$i]) << 16;
+		}
 
 		$output .= $range[($value >> 12) & 0x3f];
 
-		if ($i++ >= 16)
-			break;
+		if ($i++ >= 16) {
+					break;
+		}
 
 		$output .= $range[($value >> 18) & 0x3f];
 	}
@@ -812,8 +842,9 @@ 
 		require_once($sourcedir . '/Subs-Auth.php');
 		setLoginCookie(-3600, 0);
 
-		if (isset($_SESSION['login_' . $cookiename]))
-			unset($_SESSION['login_' . $cookiename]);
+		if (isset($_SESSION['login_' . $cookiename])) {
+					unset($_SESSION['login_' . $cookiename]);
+		}
 	}
 
 	// We need a member!
@@ -827,8 +858,9 @@ 
 	}
 
 	// Right, have we got a flood value?
-	if ($password_flood_value !== false)
-		@list ($time_stamp, $number_tries) = explode('|', $password_flood_value);
+	if ($password_flood_value !== false) {
+			@list ($time_stamp, $number_tries) = explode('|', $password_flood_value);
+	}
 
 	// Timestamp or number of tries invalid?
 	if (empty($number_tries) || empty($time_stamp))
@@ -844,15 +876,17 @@ 
 		$number_tries = $time_stamp < time() - 20 ? 2 : $number_tries;
 
 		// They are trying too fast, make them wait longer
-		if ($time_stamp < time() - 10)
-			$time_stamp = time();
+		if ($time_stamp < time() - 10) {
+					$time_stamp = time();
+		}
 	}
 
 	$number_tries++;
 
 	// Broken the law?
-	if ($number_tries > 5)
-		fatal_lang_error('login_threshold_brute_fail', 'login', [$member_name]);
+	if ($number_tries > 5) {
+			fatal_lang_error('login_threshold_brute_fail', 'login', [$member_name]);
+	}
 
 	// Otherwise set the members data. If they correct on their first attempt then we actually clear it, otherwise we set it!
 	updateMemberData($id_member, array('passwd_flood' => $was_correct && $number_tries == 1 ? '' : $time_stamp . '|' . $number_tries));