SimpleMachines / SMF2.1

Themes/default/Memberlist.template.php

Braces +30 added lines, -20 removed lines

@@ -27,9 +27,10 @@ 
 			<h3 class="catbg">
 				<span class="floatleft">', $txt['members_list'], '</span>';
 
-	if (!isset($context['old_search']))
-		echo '
+	if (!isset($context['old_search'])) {
+			echo '
 				<span class="floatright">', $context['letter_links'], '</span>';
+	}
 	echo '
 			</h3>
 		</div>';
@@ -44,20 +45,23 @@ 
 	foreach ($context['columns'] as $key => $column)
 	{
 		// @TODO maybe find something nicer?
-		if ($key == 'email_address' && !$context['can_send_email'])
-			continue;
+		if ($key == 'email_address' && !$context['can_send_email']) {
+					continue;
+		}
 
 		// This is a selected column, so underline it or some such.
-		if ($column['selected'])
-			echo '
+		if ($column['selected']) {
+					echo '
 						<th scope="col" class="', $key, isset($column['class']) ? ' ' . $column['class'] : '', ' selected" style="width: auto;"' . (isset($column['colspan']) ? ' colspan="' . $column['colspan'] . '"' : '') . '>
 							<a href="' . $column['href'] . '" rel="nofollow">' . $column['label'] . '</a><span class="generic_icons sort_' . $context['sort_direction'] . '"></span></th>';
+		}
 
 		// This is just some column... show the link and be done with it.
-		else
-			echo '
+		else {
+					echo '
 						<th scope="col" class="', $key, isset($column['class']) ? ' ' . $column['class'] : '', '"', isset($column['width']) ? ' style="width: ' . $column['width'] . '"' : '', isset($column['colspan']) ? ' colspan="' . $column['colspan'] . '"' : '', '>
 						', $column['link'], '</th>';
+		}
 	}
 
 	echo '
@@ -77,9 +81,10 @@ 
 						</td>
 						<td class="lefttext">', $member['link'], '</td>';
 
-			if (!isset($context['disabled_fields']['website']))
-				echo '
+			if (!isset($context['disabled_fields']['website'])) {
+							echo '
 						<td class="centertext website_url">', $member['website']['url'] != '' ? '<a href="' . $member['website']['url'] . '" target="_blank" rel="noopener"><span class="generic_icons www" title="' . $member['website']['title'] . '"></span></a>' : '', '</td>';
+			}
 
 			// Group and date.
 			echo '
@@ -92,32 +97,35 @@ 
 						<td class="centertext" style="white-space: nowrap; width: 15px">', $member['posts'], '</td>
 						<td class="centertext statsbar" style="width: 120px">';
 
-				if (!empty($member['post_percent']))
-					echo '
+				if (!empty($member['post_percent'])) {
+									echo '
 							<div class="bar" style="width: ', $member['post_percent'] + 4, 'px;">
 								<div style="width: ', $member['post_percent'], 'px;"></div>
 							</div>';
+				}
 
 				echo '
 						</td>';
 			}
 
 			// Show custom fields marked to be shown here
-			if (!empty($context['custom_profile_fields']['columns']))
-				foreach ($context['custom_profile_fields']['columns'] as $key => $column)
+			if (!empty($context['custom_profile_fields']['columns'])) {
+							foreach ($context['custom_profile_fields']['columns'] as $key => $column)
 					echo '
 						<td class="righttext">', $member['options'][$key], '</td>';
+			}
 
 			echo '
 					</tr>';
 		}
 	}
 	// No members?
-	else
-		echo '
+	else {
+			echo '
 					<tr>
 						<td colspan="', $context['colspan'], '" class="windowbg">', $txt['search_no_results'], '</td>
 					</tr>';
+	}
 
 	echo '
 				</tbody>
@@ -130,11 +138,12 @@ 
 			<div class="pagelinks floatleft">', $context['page_index'], '</div>';
 
 	// If it is displaying the result of a search show a "search again" link to edit their criteria.
-	if (isset($context['old_search']))
-		echo '
+	if (isset($context['old_search'])) {
+			echo '
 			<div class="buttonlist floatright">
 				<a class="button" href="', $scripturl, '?action=mlist;sa=search;search=', $context['old_search_value'], '">', $txt['mlist_search_again'], '</a>
 			</div>';
+	}
 	echo '
 		</div>
 	</div><!-- #memberlist -->';
@@ -174,12 +183,13 @@ 
 					<dd>
 						<ul>';
 
-	foreach ($context['search_fields'] as $id => $title)
-		echo '
+	foreach ($context['search_fields'] as $id => $title) {
+			echo '
 							<li>
 								<input type="checkbox" name="fields[]" id="fields-', $id, '" value="', $id, '"', in_array($id, $context['search_defaults']) ? ' checked' : '', '>
 								<label for="fields-', $id, '">', $title, '</label>
 							</li>';
+	}
 
 	echo '
 						</ul>

Sources/LogInOut.php

Braces +163 added lines, -127 removed lines

@@ -14,8 +14,9 @@ 
  * @version 2.1 Beta 4
  */
 
-if (!defined('SMF'))
+if (!defined('SMF')) {
 	die('No direct access...');
+}
 
 /**
  * Ask them for their login information. (shows a page for the user to type
@@ -29,8 +30,9 @@ 
 	global $txt, $context, $scripturl, $user_info;
 
 	// You are already logged in, go take a tour of the boards
-	if (!empty($user_info['id']))
-		redirectexit();
+	if (!empty($user_info['id'])) {
+			redirectexit();
+	}
 
 	// We need to load the Login template/language file.
 	loadLanguage('Login');
@@ -57,10 +59,11 @@ 
 	);
 
 	// Set the login URL - will be used when the login process is done (but careful not to send us to an attachment).
-	if (isset($_SESSION['old_url']) && strpos($_SESSION['old_url'], 'dlattach') === false && preg_match('~(board|topic)[=,]~', $_SESSION['old_url']) != 0)
-		$_SESSION['login_url'] = $_SESSION['old_url'];
-	elseif (isset($_SESSION['login_url']) && strpos($_SESSION['login_url'], 'dlattach') !== false)
-		unset($_SESSION['login_url']);
+	if (isset($_SESSION['old_url']) && strpos($_SESSION['old_url'], 'dlattach') === false && preg_match('~(board|topic)[=,]~', $_SESSION['old_url']) != 0) {
+			$_SESSION['login_url'] = $_SESSION['old_url'];
+	} elseif (isset($_SESSION['login_url']) && strpos($_SESSION['login_url'], 'dlattach') !== false) {
+			unset($_SESSION['login_url']);
+	}
 
 	// Create a one time token.
 	createToken('login');
@@ -83,8 +86,9 @@ 
 	global $cookiename, $modSettings, $context, $sourcedir, $maintenance;
 
 	// Check to ensure we're forcing SSL for authentication
-	if (!empty($modSettings['force_ssl']) && empty($maintenance) && !httpsOn())
-		fatal_lang_error('login_ssl_required');
+	if (!empty($modSettings['force_ssl']) && empty($maintenance) && !httpsOn()) {
+			fatal_lang_error('login_ssl_required');
+	}
 
 	// Load cookie authentication stuff.
 	require_once($sourcedir . '/Subs-Auth.php');
@@ -98,23 +102,26 @@ 
 	if (isset($_GET['sa']) && $_GET['sa'] == 'salt' && !$user_info['is_guest'])
 	{
 		// First check for 2.1 json-format cookie in $_COOKIE
-		if (isset($_COOKIE[$cookiename]) && preg_match('~^{"0":\d+,"1":"[0-9a-f]*","2":\d+~', $_COOKIE[$cookiename]) === 1)
-			list (,, $timeout) = $smcFunc['json_decode']($_COOKIE[$cookiename], true);
+		if (isset($_COOKIE[$cookiename]) && preg_match('~^{"0":\d+,"1":"[0-9a-f]*","2":\d+~', $_COOKIE[$cookiename]) === 1) {
+					list (,, $timeout) = $smcFunc['json_decode']($_COOKIE[$cookiename], true);
+		}
 
 		// Try checking for 2.1 json-format cookie in $_SESSION
-		elseif (isset($_SESSION['login_' . $cookiename]) && preg_match('~^{"0":\d+,"1":"[0-9a-f]*","2":\d+~', $_SESSION['login_' . $cookiename]) === 1)
-			list (,, $timeout) = $smcFunc['json_decode']($_SESSION['login_' . $cookiename]);
+		elseif (isset($_SESSION['login_' . $cookiename]) && preg_match('~^{"0":\d+,"1":"[0-9a-f]*","2":\d+~', $_SESSION['login_' . $cookiename]) === 1) {
+					list (,, $timeout) = $smcFunc['json_decode']($_SESSION['login_' . $cookiename]);
+		}
 
 		// Next, try checking for 2.0 serialized string cookie in $_COOKIE
-		elseif (isset($_COOKIE[$cookiename]) && preg_match('~^a:[34]:\{i:0;i:\d+;i:1;s:(0|128):"([a-fA-F0-9]{128})?";i:2;[id]:\d+;~', $_COOKIE[$cookiename]) === 1)
-			list (,, $timeout) = safe_unserialize($_COOKIE[$cookiename]);
+		elseif (isset($_COOKIE[$cookiename]) && preg_match('~^a:[34]:\{i:0;i:\d+;i:1;s:(0|128):"([a-fA-F0-9]{128})?";i:2;[id]:\d+;~', $_COOKIE[$cookiename]) === 1) {
+					list (,, $timeout) = safe_unserialize($_COOKIE[$cookiename]);
+		}
 
 		// Last, see if you need to fall back on checking for 2.0 serialized string cookie in $_SESSION
-		elseif (isset($_SESSION['login_' . $cookiename]) && preg_match('~^a:[34]:\{i:0;i:\d+;i:1;s:(0|128):"([a-fA-F0-9]{128})?";i:2;[id]:\d+;~', $_SESSION['login_' . $cookiename]) === 1)
-			list (,, $timeout) = safe_unserialize($_SESSION['login_' . $cookiename]);
-
-		else
-			trigger_error('Login2(): Cannot be logged in without a session or cookie', E_USER_ERROR);
+		elseif (isset($_SESSION['login_' . $cookiename]) && preg_match('~^a:[34]:\{i:0;i:\d+;i:1;s:(0|128):"([a-fA-F0-9]{128})?";i:2;[id]:\d+;~', $_SESSION['login_' . $cookiename]) === 1) {
+					list (,, $timeout) = safe_unserialize($_SESSION['login_' . $cookiename]);
+		} else {
+					trigger_error('Login2(): Cannot be logged in without a session or cookie', E_USER_ERROR);
+		}
 
 		$user_settings['password_salt'] = substr(md5(mt_rand()), 0, 4);
 		updateMemberData($user_info['id'], array('password_salt' => $user_settings['password_salt']));
@@ -127,10 +134,11 @@ 
 			list ($tfamember, $tfasecret, $exp, $domain, $path, $preserve) = $tfadata;
 
 			// If we're preserving the cookie, reset it with updated salt
-			if (isset($tfamember, $tfasecret, $exp, $domain, $path, $preserve) && $preserve && time() < $exp)
-				setTFACookie(3153600, $user_info['password_salt'], hash_salt($user_settings['tfa_backup'], $user_settings['password_salt']), true);
-			else
-				setTFACookie(-3600, 0, '');
+			if (isset($tfamember, $tfasecret, $exp, $domain, $path, $preserve) && $preserve && time() < $exp) {
+							setTFACookie(3153600, $user_info['password_salt'], hash_salt($user_settings['tfa_backup'], $user_settings['password_salt']), true);
+			} else {
+							setTFACookie(-3600, 0, '');
+			}
 		}
 
 		setLoginCookie($timeout - time(), $user_info['id'], hash_salt($user_settings['passwd'], $user_settings['password_salt']));
@@ -141,20 +149,20 @@ 
 	elseif (isset($_GET['sa']) && $_GET['sa'] == 'check')
 	{
 		// Strike!  You're outta there!
-		if ($_GET['member'] != $user_info['id'])
-			fatal_lang_error('login_cookie_error', false);
+		if ($_GET['member'] != $user_info['id']) {
+					fatal_lang_error('login_cookie_error', false);
+		}
 
 		$user_info['can_mod'] = allowedTo('access_mod_center') || (!$user_info['is_guest'] && ($user_info['mod_cache']['gq'] != '0=1' || $user_info['mod_cache']['bq'] != '0=1' || ($modSettings['postmod_active'] && !empty($user_info['mod_cache']['ap']))));
 
 		// Some whitelisting for login_url...
-		if (empty($_SESSION['login_url']))
-			redirectexit(empty($user_settings['tfa_secret']) ? '' : 'action=logintfa');
-		elseif (!empty($_SESSION['login_url']) && (strpos($_SESSION['login_url'], 'http://') === false && strpos($_SESSION['login_url'], 'https://') === false))
+		if (empty($_SESSION['login_url'])) {
+					redirectexit(empty($user_settings['tfa_secret']) ? '' : 'action=logintfa');
+		} elseif (!empty($_SESSION['login_url']) && (strpos($_SESSION['login_url'], 'http://') === false && strpos($_SESSION['login_url'], 'https://') === false))
 		{
 			unset ($_SESSION['login_url']);
 			redirectexit(empty($user_settings['tfa_secret']) ? '' : 'action=logintfa');
-		}
-		else
+		} else
 		{
 			// Best not to clutter the session data too much...
 			$temp = $_SESSION['login_url'];
@@ -165,8 +173,9 @@ 
 	}
 
 	// Beyond this point you are assumed to be a guest trying to login.
-	if (!$user_info['is_guest'])
-		redirectexit();
+	if (!$user_info['is_guest']) {
+			redirectexit();
+	}
 
 	// Are you guessing with a script?
 	checkSession();
@@ -174,18 +183,21 @@ 
 	spamProtection('login');
 
 	// Set the login_url if it's not already set (but careful not to send us to an attachment).
-	if ((empty($_SESSION['login_url']) && isset($_SESSION['old_url']) && strpos($_SESSION['old_url'], 'dlattach') === false && preg_match('~(board|topic)[=,]~', $_SESSION['old_url']) != 0) || (isset($_GET['quicklogin']) && isset($_SESSION['old_url']) && strpos($_SESSION['old_url'], 'login') === false))
-		$_SESSION['login_url'] = $_SESSION['old_url'];
+	if ((empty($_SESSION['login_url']) && isset($_SESSION['old_url']) && strpos($_SESSION['old_url'], 'dlattach') === false && preg_match('~(board|topic)[=,]~', $_SESSION['old_url']) != 0) || (isset($_GET['quicklogin']) && isset($_SESSION['old_url']) && strpos($_SESSION['old_url'], 'login') === false)) {
+			$_SESSION['login_url'] = $_SESSION['old_url'];
+	}
 
 	// Been guessing a lot, haven't we?
-	if (isset($_SESSION['failed_login']) && $_SESSION['failed_login'] >= $modSettings['failed_login_threshold'] * 3)
-		fatal_lang_error('login_threshold_fail', 'login');
+	if (isset($_SESSION['failed_login']) && $_SESSION['failed_login'] >= $modSettings['failed_login_threshold'] * 3) {
+			fatal_lang_error('login_threshold_fail', 'login');
+	}
 
 	// Set up the cookie length.  (if it's invalid, just fall through and use the default.)
-	if (isset($_POST['cookieneverexp']) || (!empty($_POST['cookielength']) && $_POST['cookielength'] == -1))
-		$modSettings['cookieTime'] = 3153600;
-	elseif (!empty($_POST['cookielength']) && ($_POST['cookielength'] >= 1 && $_POST['cookielength'] <= 525600))
-		$modSettings['cookieTime'] = (int) $_POST['cookielength'];
+	if (isset($_POST['cookieneverexp']) || (!empty($_POST['cookielength']) && $_POST['cookielength'] == -1)) {
+			$modSettings['cookieTime'] = 3153600;
+	} elseif (!empty($_POST['cookielength']) && ($_POST['cookielength'] >= 1 && $_POST['cookielength'] <= 525600)) {
+			$modSettings['cookieTime'] = (int) $_POST['cookielength'];
+	}
 
 	loadLanguage('Login');
 	// Load the template stuff.
@@ -305,8 +317,9 @@ 
 			$other_passwords[] = crypt(md5($_POST['passwrd']), md5($_POST['passwrd']));
 
 			// Snitz style - SHA-256.  Technically, this is a downgrade, but most PHP configurations don't support sha256 anyway.
-			if (strlen($user_settings['passwd']) == 64 && function_exists('mhash') && defined('MHASH_SHA256'))
-				$other_passwords[] = bin2hex(mhash(MHASH_SHA256, $_POST['passwrd']));
+			if (strlen($user_settings['passwd']) == 64 && function_exists('mhash') && defined('MHASH_SHA256')) {
+							$other_passwords[] = bin2hex(mhash(MHASH_SHA256, $_POST['passwrd']));
+			}
 
 			// phpBB3 users new hashing.  We now support it as well ;).
 			$other_passwords[] = phpBB3_password_check($_POST['passwrd'], $user_settings['passwd']);
@@ -326,27 +339,29 @@ 
 			// Some common md5 ones.
 			$other_passwords[] = md5($user_settings['password_salt'] . $_POST['passwrd']);
 			$other_passwords[] = md5($_POST['passwrd'] . $user_settings['password_salt']);
-		}
-		elseif (strlen($user_settings['passwd']) == 40)
+		} elseif (strlen($user_settings['passwd']) == 40)
 		{
 			// Maybe they are using a hash from before the password fix.
 			// This is also valid for SMF 1.1 to 2.0 style of hashing, changed to bcrypt in SMF 2.1
 			$other_passwords[] = sha1(strtolower($user_settings['member_name']) . un_htmlspecialchars($_POST['passwrd']));
 
 			// BurningBoard3 style of hashing.
-			if (!empty($modSettings['enable_password_conversion']))
-				$other_passwords[] = sha1($user_settings['password_salt'] . sha1($user_settings['password_salt'] . sha1($_POST['passwrd'])));
+			if (!empty($modSettings['enable_password_conversion'])) {
+							$other_passwords[] = sha1($user_settings['password_salt'] . sha1($user_settings['password_salt'] . sha1($_POST['passwrd'])));
+			}
 
 			// Perhaps we converted to UTF-8 and have a valid password being hashed differently.
 			if ($context['character_set'] == 'UTF-8' && !empty($modSettings['previousCharacterSet']) && $modSettings['previousCharacterSet'] != 'utf8')
 			{
 				// Try iconv first, for no particular reason.
-				if (function_exists('iconv'))
-					$other_passwords['iconv'] = sha1(strtolower(iconv('UTF-8', $modSettings['previousCharacterSet'], $user_settings['member_name'])) . un_htmlspecialchars(iconv('UTF-8', $modSettings['previousCharacterSet'], $_POST['passwrd'])));
+				if (function_exists('iconv')) {
+									$other_passwords['iconv'] = sha1(strtolower(iconv('UTF-8', $modSettings['previousCharacterSet'], $user_settings['member_name'])) . un_htmlspecialchars(iconv('UTF-8', $modSettings['previousCharacterSet'], $_POST['passwrd'])));
+				}
 
 				// Say it aint so, iconv failed!
-				if (empty($other_passwords['iconv']) && function_exists('mb_convert_encoding'))
-					$other_passwords[] = sha1(strtolower(mb_convert_encoding($user_settings['member_name'], 'UTF-8', $modSettings['previousCharacterSet'])) . un_htmlspecialchars(mb_convert_encoding($_POST['passwrd'], 'UTF-8', $modSettings['previousCharacterSet'])));
+				if (empty($other_passwords['iconv']) && function_exists('mb_convert_encoding')) {
+									$other_passwords[] = sha1(strtolower(mb_convert_encoding($user_settings['member_name'], 'UTF-8', $modSettings['previousCharacterSet'])) . un_htmlspecialchars(mb_convert_encoding($_POST['passwrd'], 'UTF-8', $modSettings['previousCharacterSet'])));
+				}
 			}
 		}
 
@@ -376,8 +391,9 @@ 
 			$_SESSION['failed_login'] = isset($_SESSION['failed_login']) ? ($_SESSION['failed_login'] + 1) : 1;
 
 			// Hmm... don't remember it, do you?  Here, try the password reminder ;).
-			if ($_SESSION['failed_login'] >= $modSettings['failed_login_threshold'])
-				redirectexit('action=reminder');
+			if ($_SESSION['failed_login'] >= $modSettings['failed_login_threshold']) {
+							redirectexit('action=reminder');
+			}
 			// We'll give you another chance...
 			else
 			{
@@ -388,8 +404,7 @@ 
 				return;
 			}
 		}
-	}
-	elseif (!empty($user_settings['passwd_flood']))
+	} elseif (!empty($user_settings['passwd_flood']))
 	{
 		// Let's be sure they weren't a little hacker.
 		validatePasswordFlood($user_settings['id_member'], $user_settings['member_name'], $user_settings['passwd_flood'], true);
@@ -406,8 +421,9 @@ 
 	}
 
 	// Check their activation status.
-	if (!checkActivation())
-		return;
+	if (!checkActivation()) {
+			return;
+	}
 
 	DoLogin();
 }
@@ -419,8 +435,9 @@ 
 {
 	global $sourcedir, $txt, $context, $user_info, $modSettings, $scripturl;
 
-	if (!$user_info['is_guest'] || empty($context['tfa_member']) || empty($modSettings['tfa_mode']))
-		fatal_lang_error('no_access', false);
+	if (!$user_info['is_guest'] || empty($context['tfa_member']) || empty($modSettings['tfa_mode'])) {
+			fatal_lang_error('no_access', false);
+	}
 
 	loadLanguage('Profile');
 	require_once($sourcedir . '/Class-TOTP.php');
@@ -428,8 +445,9 @@ 
 	$member = $context['tfa_member'];
 
 	// Prevent replay attacks by limiting at least 2 minutes before they can log in again via 2FA
-	if (time() - $member['last_login'] < 120)
-		fatal_lang_error('tfa_wait', false);
+	if (time() - $member['last_login'] < 120) {
+			fatal_lang_error('tfa_wait', false);
+	}
 
 	$totp = new \TOTP\Auth($member['tfa_secret']);
 	$totp->setRange(1);
@@ -443,8 +461,9 @@ 
 	if (!empty($_POST['tfa_code']) && empty($_POST['tfa_backup']))
 	{
 		// Check to ensure we're forcing SSL for authentication
-		if (!empty($modSettings['force_ssl']) && empty($maintenance) && !httpsOn())
-			fatal_lang_error('login_ssl_required');
+		if (!empty($modSettings['force_ssl']) && empty($maintenance) && !httpsOn()) {
+					fatal_lang_error('login_ssl_required');
+		}
 
 		$code = $_POST['tfa_code'];
 
@@ -454,20 +473,19 @@ 
 
 			setTFACookie(3153600, $member['id_member'], hash_salt($member['tfa_backup'], $member['password_salt']), !empty($_POST['tfa_preserve']));
 			redirectexit();
-		}
-		else
+		} else
 		{
 			validatePasswordFlood($member['id_member'], $member['member_name'], $member['passwd_flood'], false, true);
 
 			$context['tfa_error'] = true;
 			$context['tfa_value'] = $_POST['tfa_code'];
 		}
-	}
-	elseif (!empty($_POST['tfa_backup']))
+	} elseif (!empty($_POST['tfa_backup']))
 	{
 		// Check to ensure we're forcing SSL for authentication
-		if (!empty($modSettings['force_ssl']) && empty($maintenance) && !httpsOn())
-			fatal_lang_error('login_ssl_required');
+		if (!empty($modSettings['force_ssl']) && empty($maintenance) && !httpsOn()) {
+					fatal_lang_error('login_ssl_required');
+		}
 
 		$backup = $_POST['tfa_backup'];
 
@@ -481,8 +499,7 @@ 
 			));
 			setTFACookie(3153600, $member['id_member'], hash_salt($member['tfa_backup'], $member['password_salt']));
 			redirectexit('action=profile;area=tfasetup;backup');
-		}
-		else
+		} else
 		{
 			validatePasswordFlood($member['id_member'], $member['member_name'], $member['passwd_flood'], false, true);
 
@@ -505,8 +522,9 @@ 
 {
 	global $context, $txt, $scripturl, $user_settings, $modSettings;
 
-	if (!isset($context['login_errors']))
-		$context['login_errors'] = array();
+	if (!isset($context['login_errors'])) {
+			$context['login_errors'] = array();
+	}
 
 	// What is the true activation status of this account?
 	$activation_status = $user_settings['is_activated'] > 10 ? $user_settings['is_activated'] - 10 : $user_settings['is_activated'];
@@ -518,8 +536,9 @@ 
 		return false;
 	}
 	// Awaiting approval still?
-	elseif ($activation_status == 3)
-		fatal_lang_error('still_awaiting_approval', 'user');
+	elseif ($activation_status == 3) {
+			fatal_lang_error('still_awaiting_approval', 'user');
+	}
 	// Awaiting deletion, changed their mind?
 	elseif ($activation_status == 4)
 	{
@@ -527,8 +546,7 @@ 
 		{
 			updateMemberData($user_settings['id_member'], array('is_activated' => 1));
 			updateSettings(array('unapprovedMembers' => ($modSettings['unapprovedMembers'] > 0 ? $modSettings['unapprovedMembers'] - 1 : 0)));
-		}
-		else
+		} else
 		{
 			$context['disable_login_hashing'] = true;
 			$context['login_errors'][] = $txt['awaiting_delete_account'];
@@ -568,8 +586,9 @@ 
 	setLoginCookie(60 * $modSettings['cookieTime'], $user_settings['id_member'], hash_salt($user_settings['passwd'], $user_settings['password_salt']));
 
 	// Reset the login threshold.
-	if (isset($_SESSION['failed_login']))
-		unset($_SESSION['failed_login']);
+	if (isset($_SESSION['failed_login'])) {
+			unset($_SESSION['failed_login']);
+	}
 
 	$user_info['is_guest'] = false;
 	$user_settings['additional_groups'] = explode(',', $user_settings['additional_groups']);
@@ -591,16 +610,18 @@ 
 			'id_member' => $user_info['id'],
 		)
 	);
-	if ($smcFunc['db_num_rows']($request) == 1)
-		$_SESSION['first_login'] = true;
-	else
-		unset($_SESSION['first_login']);
+	if ($smcFunc['db_num_rows']($request) == 1) {
+			$_SESSION['first_login'] = true;
+	} else {
+			unset($_SESSION['first_login']);
+	}
 	$smcFunc['db_free_result']($request);
 
 	// You've logged in, haven't you?
 	$update = array('member_ip' => $user_info['ip'], 'member_ip2' => $_SERVER['BAN_CHECK_IP']);
-	if (empty($user_settings['tfa_secret']))
-		$update['last_login'] = time();
+	if (empty($user_settings['tfa_secret'])) {
+			$update['last_login'] = time();
+	}
 	updateMemberData($user_info['id'], $update);
 
 	// Get rid of the online entry for that old guest....
@@ -614,8 +635,8 @@ 
 	$_SESSION['log_time'] = 0;
 
 	// Log this entry, only if we have it enabled.
-	if (!empty($modSettings['loginHistoryDays']))
-		$smcFunc['db_insert']('insert',
+	if (!empty($modSettings['loginHistoryDays'])) {
+			$smcFunc['db_insert']('insert',
 			'{db_prefix}member_logins',
 			array(
 				'id_member' => 'int', 'time' => 'int', 'ip' => 'inet', 'ip2' => 'inet',
@@ -627,13 +648,15 @@ 
 				'id_member', 'time'
 			)
 		);
+	}
 
 	// Just log you back out if it's in maintenance mode and you AREN'T an admin.
-	if (empty($maintenance) || allowedTo('admin_forum'))
-		redirectexit('action=login2;sa=check;member=' . $user_info['id'], $context['server']['needs_login_fix']);
-	else
-		redirectexit('action=logout;' . $context['session_var'] . '=' . $context['session_id'], $context['server']['needs_login_fix']);
-}
+	if (empty($maintenance) || allowedTo('admin_forum')) {
+			redirectexit('action=login2;sa=check;member=' . $user_info['id'], $context['server']['needs_login_fix']);
+	} else {
+			redirectexit('action=logout;' . $context['session_var'] . '=' . $context['session_id'], $context['server']['needs_login_fix']);
+	}
+	}
 
 /**
  * Logs the current user out of their account.
@@ -649,13 +672,15 @@ 
 	global $sourcedir, $user_info, $user_settings, $context, $smcFunc, $cookiename, $modSettings;
 
 	// Make sure they aren't being auto-logged out.
-	if (!$internal)
-		checkSession('get');
+	if (!$internal) {
+			checkSession('get');
+	}
 
 	require_once($sourcedir . '/Subs-Auth.php');
 
-	if (isset($_SESSION['pack_ftp']))
-		$_SESSION['pack_ftp'] = null;
+	if (isset($_SESSION['pack_ftp'])) {
+			$_SESSION['pack_ftp'] = null;
+	}
 
 	// It won't be first login anymore.
 	unset($_SESSION['first_login']);
@@ -683,8 +708,9 @@ 
 
 	// And some other housekeeping while we're at it.
 	$salt = substr(md5(mt_rand()), 0, 4);
-	if (!empty($user_info['id']))
-		updateMemberData($user_info['id'], array('password_salt' => $salt));
+	if (!empty($user_info['id'])) {
+			updateMemberData($user_info['id'], array('password_salt' => $salt));
+	}
 
 	if (!empty($modSettings['tfa_mode']) && !empty($user_info['id']) && !empty($_COOKIE[$cookiename . '_tfa']))
 	{
@@ -693,10 +719,11 @@ 
 		list ($tfamember, $tfasecret, $exp, $domain, $path, $preserve) = $tfadata;
 
 		// If we're preserving the cookie, reset it with updated salt
-		if (isset($tfamember, $tfasecret, $exp, $domain, $path, $preserve) && $preserve && time() < $exp)
-			setTFACookie(3153600, $user_info['id'], hash_salt($user_settings['tfa_backup'], $salt), true);
-		else
-			setTFACookie(-3600, 0, '');
+		if (isset($tfamember, $tfasecret, $exp, $domain, $path, $preserve) && $preserve && time() < $exp) {
+					setTFACookie(3153600, $user_info['id'], hash_salt($user_settings['tfa_backup'], $salt), true);
+		} else {
+					setTFACookie(-3600, 0, '');
+		}
 	}
 
 	session_destroy();
@@ -704,14 +731,13 @@ 
 	// Off to the merry board index we go!
 	if ($redirect)
 	{
-		if (empty($_SESSION['logout_url']))
-			redirectexit('', $context['server']['needs_login_fix']);
-		elseif (!empty($_SESSION['logout_url']) && (strpos($_SESSION['logout_url'], 'http://') === false && strpos($_SESSION['logout_url'], 'https://') === false))
+		if (empty($_SESSION['logout_url'])) {
+					redirectexit('', $context['server']['needs_login_fix']);
+		} elseif (!empty($_SESSION['logout_url']) && (strpos($_SESSION['logout_url'], 'http://') === false && strpos($_SESSION['logout_url'], 'https://') === false))
 		{
 			unset ($_SESSION['logout_url']);
 			redirectexit();
-		}
-		else
+		} else
 		{
 			$temp = $_SESSION['logout_url'];
 			unset($_SESSION['logout_url']);
@@ -744,8 +770,9 @@ 
 function phpBB3_password_check($passwd, $passwd_hash)
 {
 	// Too long or too short?
-	if (strlen($passwd_hash) != 34)
-		return;
+	if (strlen($passwd_hash) != 34) {
+			return;
+	}
 
 	// Range of characters allowed.
 	$range = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';
@@ -756,8 +783,9 @@ 
 	$salt = substr($passwd_hash, 4, 8);
 
 	$hash = md5($salt . $passwd, true);
-	for (; $count != 0; --$count)
-		$hash = md5($hash . $passwd, true);
+	for (; $count != 0; --$count) {
+			$hash = md5($hash . $passwd, true);
+	}
 
 	$output = substr($passwd_hash, 0, 12);
 	$i = 0;
@@ -766,21 +794,25 @@ 
 		$value = ord($hash[$i++]);
 		$output .= $range[$value & 0x3f];
 
-		if ($i < 16)
-			$value |= ord($hash[$i]) << 8;
+		if ($i < 16) {
+					$value |= ord($hash[$i]) << 8;
+		}
 
 		$output .= $range[($value >> 6) & 0x3f];
 
-		if ($i++ >= 16)
-			break;
+		if ($i++ >= 16) {
+					break;
+		}
 
-		if ($i < 16)
-			$value |= ord($hash[$i]) << 16;
+		if ($i < 16) {
+					$value |= ord($hash[$i]) << 16;
+		}
 
 		$output .= $range[($value >> 12) & 0x3f];
 
-		if ($i++ >= 16)
-			break;
+		if ($i++ >= 16) {
+					break;
+		}
 
 		$output .= $range[($value >> 18) & 0x3f];
 	}
@@ -812,8 +844,9 @@ 
 		require_once($sourcedir . '/Subs-Auth.php');
 		setLoginCookie(-3600, 0);
 
-		if (isset($_SESSION['login_' . $cookiename]))
-			unset($_SESSION['login_' . $cookiename]);
+		if (isset($_SESSION['login_' . $cookiename])) {
+					unset($_SESSION['login_' . $cookiename]);
+		}
 	}
 
 	// We need a member!
@@ -827,8 +860,9 @@ 
 	}
 
 	// Right, have we got a flood value?
-	if ($password_flood_value !== false)
-		@list ($time_stamp, $number_tries) = explode('|', $password_flood_value);
+	if ($password_flood_value !== false) {
+			@list ($time_stamp, $number_tries) = explode('|', $password_flood_value);
+	}
 
 	// Timestamp or number of tries invalid?
 	if (empty($number_tries) || empty($time_stamp))
@@ -844,15 +878,17 @@ 
 		$number_tries = $time_stamp < time() - 20 ? 2 : $number_tries;
 
 		// They are trying too fast, make them wait longer
-		if ($time_stamp < time() - 10)
-			$time_stamp = time();
+		if ($time_stamp < time() - 10) {
+					$time_stamp = time();
+		}
 	}
 
 	$number_tries++;
 
 	// Broken the law?
-	if ($number_tries > 5)
-		fatal_lang_error('login_threshold_brute_fail', 'login', [$member_name]);
+	if ($number_tries > 5) {
+			fatal_lang_error('login_threshold_brute_fail', 'login', [$member_name]);
+	}
 
 	// Otherwise set the members data. If they correct on their first attempt then we actually clear it, otherwise we set it!
 	updateMemberData($id_member, array('passwd_flood' => $was_correct && $number_tries == 1 ? '' : $time_stamp . '|' . $number_tries));

Sources/Subs-Auth.php

Braces +168 added lines, -121 removed lines

@@ -13,8 +13,9 @@ 
  * @version 2.1 Beta 4
  */
 
-if (!defined('SMF'))
+if (!defined('SMF')) {
 	die('No direct access...');
+}
 
 /**
  * Sets the SMF-style login cookie and session based on the id_member and password passed.
@@ -45,8 +46,9 @@ 
 	if (isset($_COOKIE[$cookiename]))
 	{
 		// First check for 2.1 json-format cookie
-		if (preg_match('~^{"0":\d+,"1":"[0-9a-f]*","2":\d+,"3":"[^"]+","4":"[^"]+"~', $_COOKIE[$cookiename]) === 1)
-			list(,,, $old_domain, $old_path) = $smcFunc['json_decode']($_COOKIE[$cookiename], true);
+		if (preg_match('~^{"0":\d+,"1":"[0-9a-f]*","2":\d+,"3":"[^"]+","4":"[^"]+"~', $_COOKIE[$cookiename]) === 1) {
+					list(,,, $old_domain, $old_path) = $smcFunc['json_decode']($_COOKIE[$cookiename], true);
+		}
 
 		// Legacy format (for recent 2.0 --> 2.1 upgrades)
 		elseif (preg_match('~^a:[34]:\{i:0;i:\d+;i:1;s:(0|128):"([a-fA-F0-9]{128})?";i:2;[id]:\d+;(i:3;i:\d;)?~', $_COOKIE[$cookiename]) === 1)
@@ -56,15 +58,17 @@ 
 			$cookie_state = (empty($modSettings['localCookies']) ? 0 : 1) | (empty($modSettings['globalCookies']) ? 0 : 2);
 
 			// Maybe we need to temporarily pretend to be using local cookies
-			if ($cookie_state == 0 && $old_state == 1)
-				list($old_domain, $old_path) = url_parts(true, false);
-			else
-				list($old_domain, $old_path) = url_parts($old_state & 1 > 0, $old_state & 2 > 0);
+			if ($cookie_state == 0 && $old_state == 1) {
+							list($old_domain, $old_path) = url_parts(true, false);
+			} else {
+							list($old_domain, $old_path) = url_parts($old_state & 1 > 0, $old_state & 2 > 0);
+			}
 		}
 
 		// Out with the old, in with the new!
-		if (isset($old_domain) && $old_domain != $cookie_url[0] || isset($old_path) && $old_path != $cookie_url[1])
-			smf_setcookie($cookiename, $smcFunc['json_encode'](array(0, '', 0, $old_domain, $old_path), JSON_FORCE_OBJECT), 1, $old_path, $old_domain);
+		if (isset($old_domain) && $old_domain != $cookie_url[0] || isset($old_path) && $old_path != $cookie_url[1]) {
+					smf_setcookie($cookiename, $smcFunc['json_encode'](array(0, '', 0, $old_domain, $old_path), JSON_FORCE_OBJECT), 1, $old_path, $old_domain);
+		}
 	}
 
 	// Get the data and path to set it on.
@@ -80,8 +84,9 @@ 
 	smf_setcookie($cookiename, $data, $expiry_time, $cookie_url[1], $cookie_url[0]);
 
 	// If subdomain-independent cookies are on, unset the subdomain-dependent cookie too.
-	if (empty($id) && !empty($modSettings['globalCookies']))
-		smf_setcookie($cookiename, $data, $expiry_time, $cookie_url[1], '');
+	if (empty($id) && !empty($modSettings['globalCookies'])) {
+			smf_setcookie($cookiename, $data, $expiry_time, $cookie_url[1], '');
+	}
 
 	// Any alias URLs?  This is mainly for use with frames, etc.
 	if (!empty($modSettings['forum_alias_urls']))
@@ -97,8 +102,9 @@ 
 
 			$cookie_url = url_parts(!empty($modSettings['localCookies']), !empty($modSettings['globalCookies']));
 
-			if ($cookie_url[0] == '')
-				$cookie_url[0] = strtok($alias, '/');
+			if ($cookie_url[0] == '') {
+							$cookie_url[0] = strtok($alias, '/');
+			}
 
 			$alias_data = $smcFunc['json_decode']($data);
 			$alias_data[3] = $cookie_url[0];
@@ -149,8 +155,9 @@ 
 	$identifier = $cookiename . '_tfa';
 	$cookie_url = url_parts(!empty($modSettings['localCookies']), !empty($modSettings['globalCookies']));
 
-	if ($preserve)
-		$cookie_length = 81600 * 30;
+	if ($preserve) {
+			$cookie_length = 81600 * 30;
+	}
 
 	// Get the data and path to set it on.
 	$data = $smcFunc['json_encode'](empty($id) ? array(0, '', 0, $cookie_url[0], $cookie_url[1], false) : array($id, $secret, time() + $cookie_length, $cookie_url[0], $cookie_url[1], $preserve), JSON_FORCE_OBJECT);
@@ -159,8 +166,9 @@ 
 	smf_setcookie($identifier, $data, time() + $cookie_length, $cookie_url[1], $cookie_url[0]);
 
 	// If subdomain-independent cookies are on, unset the subdomain-dependent cookie too.
-	if (empty($id) && !empty($modSettings['globalCookies']))
-		smf_setcookie($identifier, $data, time() + $cookie_length, $cookie_url[1], '');
+	if (empty($id) && !empty($modSettings['globalCookies'])) {
+			smf_setcookie($identifier, $data, time() + $cookie_length, $cookie_url[1], '');
+	}
 
 	$_COOKIE[$identifier] = $data;
 }
@@ -182,23 +190,28 @@ 
 	$parsed_url = parse_url($boardurl);
 
 	// Is local cookies off?
-	if (empty($parsed_url['path']) || !$local)
-		$parsed_url['path'] = '';
+	if (empty($parsed_url['path']) || !$local) {
+			$parsed_url['path'] = '';
+	}
 
-	if (!empty($modSettings['globalCookiesDomain']) && strpos($boardurl, $modSettings['globalCookiesDomain']) !== false)
-		$parsed_url['host'] = $modSettings['globalCookiesDomain'];
+	if (!empty($modSettings['globalCookiesDomain']) && strpos($boardurl, $modSettings['globalCookiesDomain']) !== false) {
+			$parsed_url['host'] = $modSettings['globalCookiesDomain'];
+	}
 
 	// Globalize cookies across domains (filter out IP-addresses)?
-	elseif ($global && preg_match('~^\d{1,3}(\.\d{1,3}){3}$~', $parsed_url['host']) == 0 && preg_match('~(?:[^\.]+\.)?([^\.]{2,}\..+)\z~i', $parsed_url['host'], $parts) == 1)
-		$parsed_url['host'] = '.' . $parts[1];
+	elseif ($global && preg_match('~^\d{1,3}(\.\d{1,3}){3}$~', $parsed_url['host']) == 0 && preg_match('~(?:[^\.]+\.)?([^\.]{2,}\..+)\z~i', $parsed_url['host'], $parts) == 1) {
+			$parsed_url['host'] = '.' . $parts[1];
+	}
 
 	// We shouldn't use a host at all if both options are off.
-	elseif (!$local && !$global)
-		$parsed_url['host'] = '';
+	elseif (!$local && !$global) {
+			$parsed_url['host'] = '';
+	}
 
 	// The host also shouldn't be set if there aren't any dots in it.
-	elseif (!isset($parsed_url['host']) || strpos($parsed_url['host'], '.') === false)
-		$parsed_url['host'] = '';
+	elseif (!isset($parsed_url['host']) || strpos($parsed_url['host'], '.') === false) {
+			$parsed_url['host'] = '';
+	}
 
 	return array($parsed_url['host'], $parsed_url['path'] . '/');
 }
@@ -217,8 +230,9 @@ 
 	createToken('login');
 
 	// Never redirect to an attachment
-	if (strpos($_SERVER['REQUEST_URL'], 'dlattach') === false)
-		$_SESSION['login_url'] = $_SERVER['REQUEST_URL'];
+	if (strpos($_SERVER['REQUEST_URL'], 'dlattach') === false) {
+			$_SESSION['login_url'] = $_SERVER['REQUEST_URL'];
+	}
 
 	$context['sub_template'] = 'kick_guest';
 	$context['page_title'] = $txt['login'];
@@ -273,10 +287,12 @@ 
 		$txt['security_wrong'] = sprintf($txt['security_wrong'], isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : $txt['unknown'], $_SERVER['HTTP_USER_AGENT'], $user_info['ip']);
 		log_error($txt['security_wrong'], 'critical');
 
-		if (isset($_POST[$type . '_hash_pass']))
-			unset($_POST[$type . '_hash_pass']);
-		if (isset($_POST[$type . '_pass']))
-			unset($_POST[$type . '_pass']);
+		if (isset($_POST[$type . '_hash_pass'])) {
+					unset($_POST[$type . '_hash_pass']);
+		}
+		if (isset($_POST[$type . '_pass'])) {
+					unset($_POST[$type . '_pass']);
+		}
 
 		$context['incorrect_password'] = true;
 	}
@@ -289,15 +305,17 @@ 
 
 	// Now go through $_POST.  Make sure the session hash is sent.
 	$_POST[$context['session_var']] = $context['session_id'];
-	foreach ($_POST as $k => $v)
-		$context['post_data'] .= adminLogin_outputPostVars($k, $v);
+	foreach ($_POST as $k => $v) {
+			$context['post_data'] .= adminLogin_outputPostVars($k, $v);
+	}
 
 	// Now we'll use the admin_login sub template of the Login template.
 	$context['sub_template'] = 'admin_login';
 
 	// And title the page something like "Login".
-	if (!isset($context['page_title']))
-		$context['page_title'] = $txt['login'];
+	if (!isset($context['page_title'])) {
+			$context['page_title'] = $txt['login'];
+	}
 
 	// The type of action.
 	$context['sessionCheckType'] = $type;
@@ -320,14 +338,15 @@ 
 {
 	global $smcFunc;
 
-	if (!is_array($v))
-		return '
+	if (!is_array($v)) {
+			return '
 <input type="hidden" name="' . $smcFunc['htmlspecialchars']($k) . '" value="' . strtr($v, array('"' => '&quot;', '<' => '&lt;', '>' => '&gt;')) . '">';
-	else
+	} else
 	{
 		$ret = '';
-		foreach ($v as $k2 => $v2)
-			$ret .= adminLogin_outputPostVars($k . '[' . $k2 . ']', $v2);
+		foreach ($v as $k2 => $v2) {
+					$ret .= adminLogin_outputPostVars($k . '[' . $k2 . ']', $v2);
+		}
 
 		return $ret;
 	}
@@ -354,18 +373,20 @@ 
 		foreach ($get as $k => $v)
 		{
 			// Only if it's not already in the $scripturl!
-			if (!isset($temp[$k]))
-				$query_string .= urlencode($k) . '=' . urlencode($v) . ';';
+			if (!isset($temp[$k])) {
+							$query_string .= urlencode($k) . '=' . urlencode($v) . ';';
+			}
 			// If it changed, put it out there, but with an ampersand.
-			elseif ($temp[$k] != $get[$k])
-				$query_string .= urlencode($k) . '=' . urlencode($v) . '&amp;';
+			elseif ($temp[$k] != $get[$k]) {
+							$query_string .= urlencode($k) . '=' . urlencode($v) . '&amp;';
+			}
 		}
-	}
-	else
+	} else
 	{
 		// Add up all the data from $_GET into get_data.
-		foreach ($get as $k => $v)
-			$query_string .= urlencode($k) . '=' . urlencode($v) . ';';
+		foreach ($get as $k => $v) {
+					$query_string .= urlencode($k) . '=' . urlencode($v) . ';';
+		}
 	}
 
 	$query_string = substr($query_string, 0, -1);
@@ -388,8 +409,9 @@ 
 	global $scripturl, $user_info, $smcFunc;
 
 	// If it's not already an array, make it one.
-	if (!is_array($names))
-		$names = explode(',', $names);
+	if (!is_array($names)) {
+			$names = explode(',', $names);
+	}
 
 	$maybe_email = false;
 	foreach ($names as $i => $name)
@@ -400,10 +422,11 @@ 
 		$maybe_email |= strpos($name, '@') !== false;
 
 		// Make it so standard wildcards will work. (* and ?)
-		if ($use_wildcards)
-			$names[$i] = strtr($names[$i], array('%' => '\%', '_' => '\_', '*' => '%', '?' => '_', '\'' => '&#039;'));
-		else
-			$names[$i] = strtr($names[$i], array('\'' => '&#039;'));
+		if ($use_wildcards) {
+					$names[$i] = strtr($names[$i], array('%' => '\%', '_' => '\_', '*' => '%', '?' => '_', '\'' => '&#039;'));
+		} else {
+					$names[$i] = strtr($names[$i], array('\'' => '&#039;'));
+		}
 	}
 
 	// What are we using to compare?
@@ -413,11 +436,12 @@ 
 	$results = array();
 
 	// This ensures you can't search someones email address if you can't see it.
-	if (($use_wildcards || $maybe_email) && allowedTo('moderate_forum'))
-		$email_condition = '
+	if (($use_wildcards || $maybe_email) && allowedTo('moderate_forum')) {
+			$email_condition = '
 			OR (email_address ' . $comparison . ' \'' . implode('\') OR (email_address ' . $comparison . ' \'', $names) . '\')';
-	else
-		$email_condition = '';
+	} else {
+			$email_condition = '';
+	}
 
 	// Get the case of the columns right - but only if we need to as things like MySQL will go slow needlessly otherwise.
 	$member_name = $smcFunc['db_case_sensitive'] ? 'LOWER(member_name)' : 'member_name';
@@ -475,10 +499,11 @@ 
 	$context['template_layers'] = array();
 	$context['sub_template'] = 'find_members';
 
-	if (isset($_REQUEST['search']))
-		$context['last_search'] = $smcFunc['htmlspecialchars']($_REQUEST['search'], ENT_QUOTES);
-	else
-		$_REQUEST['start'] = 0;
+	if (isset($_REQUEST['search'])) {
+			$context['last_search'] = $smcFunc['htmlspecialchars']($_REQUEST['search'], ENT_QUOTES);
+	} else {
+			$_REQUEST['start'] = 0;
+	}
 
 	// Allow the user to pass the input to be added to to the box.
 	$context['input_box_name'] = isset($_REQUEST['input']) && preg_match('~^[\w-]+$~', $_REQUEST['input']) === 1 ? $_REQUEST['input'] : 'to';
@@ -519,10 +544,10 @@ 
 		);
 
 		$context['results'] = array_slice($context['results'], $_REQUEST['start'], 7);
+	} else {
+			$context['links']['up'] = $scripturl . '?action=pm;sa=send' . (empty($_REQUEST['u']) ? '' : ';u=' . $_REQUEST['u']);
+	}
 	}
-	else
-		$context['links']['up'] = $scripturl . '?action=pm;sa=send' . (empty($_REQUEST['u']) ? '' : ';u=' . $_REQUEST['u']);
-}
 
 /**
  * Outputs each member name on its own line.
@@ -538,8 +563,9 @@ 
 	$_REQUEST['search'] = trim($smcFunc['strtolower']($_REQUEST['search']));
 	$_REQUEST['search'] = strtr($_REQUEST['search'], array('%' => '\%', '_' => '\_', '*' => '%', '?' => '_', '&#038;' => '&amp;'));
 
-	if (function_exists('iconv'))
-		header('Content-Type: text/plain; charset=UTF-8');
+	if (function_exists('iconv')) {
+			header('Content-Type: text/plain; charset=UTF-8');
+	}
 
 	$request = $smcFunc['db_query']('', '
 		SELECT real_name
@@ -559,14 +585,16 @@ 
 		if (function_exists('iconv'))
 		{
 			$utf8 = iconv($txt['lang_character_set'], 'UTF-8', $row['real_name']);
-			if ($utf8)
-				$row['real_name'] = $utf8;
+			if ($utf8) {
+							$row['real_name'] = $utf8;
+			}
 		}
 
 		$row['real_name'] = strtr($row['real_name'], array('&amp;' => '&#038;', '&lt;' => '&#060;', '&gt;' => '&#062;', '&quot;' => '&#034;'));
 
-		if (preg_match('~&#\d+;~', $row['real_name']) != 0)
-			$row['real_name'] = preg_replace_callback('~&#(\d+);~', 'fixchar__callback', $row['real_name']);
+		if (preg_match('~&#\d+;~', $row['real_name']) != 0) {
+					$row['real_name'] = preg_replace_callback('~&#(\d+);~', 'fixchar__callback', $row['real_name']);
+		}
 
 		echo $row['real_name'], "\n";
 	}
@@ -623,9 +651,9 @@ 
 
 		// Update the database...
 		updateMemberData($memID, array('member_name' => $user, 'passwd' => $newPassword_sha1));
+	} else {
+			updateMemberData($memID, array('passwd' => $newPassword_sha1));
 	}
-	else
-		updateMemberData($memID, array('passwd' => $newPassword_sha1));
 
 	call_integration_hook('integrate_reset_pass', array($old_user, $user, $newPassword));
 
@@ -656,31 +684,37 @@ 
 	$errors = array();
 
 	// Don't use too long a name.
-	if ($smcFunc['strlen']($username) > 25)
-		$errors[] = array('lang', 'error_long_name');
+	if ($smcFunc['strlen']($username) > 25) {
+			$errors[] = array('lang', 'error_long_name');
+	}
 
 	// No name?!  How can you register with no name?
-	if ($username == '')
-		$errors[] = array('lang', 'need_username');
+	if ($username == '') {
+			$errors[] = array('lang', 'need_username');
+	}
 
 	// Only these characters are permitted.
-	if (in_array($username, array('_', '|')) || preg_match('~[<>&"\'=\\\\]~', preg_replace('~&#(?:\\d{1,7}|x[0-9a-fA-F]{1,6});~', '', $username)) != 0 || strpos($username, '[code') !== false || strpos($username, '[/code') !== false)
-		$errors[] = array('lang', 'error_invalid_characters_username');
+	if (in_array($username, array('_', '|')) || preg_match('~[<>&"\'=\\\\]~', preg_replace('~&#(?:\\d{1,7}|x[0-9a-fA-F]{1,6});~', '', $username)) != 0 || strpos($username, '[code') !== false || strpos($username, '[/code') !== false) {
+			$errors[] = array('lang', 'error_invalid_characters_username');
+	}
 
-	if (stristr($username, $txt['guest_title']) !== false)
-		$errors[] = array('lang', 'username_reserved', 'general', array($txt['guest_title']));
+	if (stristr($username, $txt['guest_title']) !== false) {
+			$errors[] = array('lang', 'username_reserved', 'general', array($txt['guest_title']));
+	}
 
 	if ($check_reserved_name)
 	{
 		require_once($sourcedir . '/Subs-Members.php');
-		if (isReservedName($username, $memID, false))
-			$errors[] = array('done', '(' . $smcFunc['htmlspecialchars']($username) . ') ' . $txt['name_in_use']);
+		if (isReservedName($username, $memID, false)) {
+					$errors[] = array('done', '(' . $smcFunc['htmlspecialchars']($username) . ') ' . $txt['name_in_use']);
+		}
 	}
 
-	if ($return_error)
-		return $errors;
-	elseif (empty($errors))
-		return null;
+	if ($return_error) {
+			return $errors;
+	} elseif (empty($errors)) {
+			return null;
+	}
 
 	loadLanguage('Errors');
 	$error = $errors[0];
@@ -706,22 +740,26 @@ 
 	global $modSettings, $smcFunc;
 
 	// Perform basic requirements first.
-	if ($smcFunc['strlen']($password) < (empty($modSettings['password_strength']) ? 4 : 8))
-		return 'short';
+	if ($smcFunc['strlen']($password) < (empty($modSettings['password_strength']) ? 4 : 8)) {
+			return 'short';
+	}
 
 	// Is this enough?
-	if (empty($modSettings['password_strength']))
-		return null;
+	if (empty($modSettings['password_strength'])) {
+			return null;
+	}
 
 	// Otherwise, perform the medium strength test - checking if password appears in the restricted string.
-	if (preg_match('~\b' . preg_quote($password, '~') . '\b~', implode(' ', $restrict_in)) != 0)
-		return 'restricted_words';
-	elseif ($smcFunc['strpos']($password, $username) !== false)
-		return 'restricted_words';
+	if (preg_match('~\b' . preg_quote($password, '~') . '\b~', implode(' ', $restrict_in)) != 0) {
+			return 'restricted_words';
+	} elseif ($smcFunc['strpos']($password, $username) !== false) {
+			return 'restricted_words';
+	}
 
 	// If just medium, we're done.
-	if ($modSettings['password_strength'] == 1)
-		return null;
+	if ($modSettings['password_strength'] == 1) {
+			return null;
+	}
 
 	// Otherwise, hard test next, check for numbers and letters, uppercase too.
 	$good = preg_match('~(\D\d|\d\D)~', $password) != 0;
@@ -753,14 +791,16 @@ 
 			)
 		);
 		$groups = array();
-		while ($row = $smcFunc['db_fetch_assoc']($request))
-			$groups[] = $row['id_group'];
+		while ($row = $smcFunc['db_fetch_assoc']($request)) {
+					$groups[] = $row['id_group'];
+		}
 		$smcFunc['db_free_result']($request);
 
-		if (empty($groups))
-			$group_query = '0=1';
-		else
-			$group_query = 'id_group IN (' . implode(',', $groups) . ')';
+		if (empty($groups)) {
+					$group_query = '0=1';
+		} else {
+					$group_query = 'id_group IN (' . implode(',', $groups) . ')';
+		}
 	}
 
 	// Then, same again, just the boards this time!
@@ -770,10 +810,11 @@ 
 	{
 		$boards = boardsAllowedTo('moderate_board', true);
 
-		if (empty($boards))
-			$board_query = '0=1';
-		else
-			$board_query = 'id_board IN (' . implode(',', $boards) . ')';
+		if (empty($boards)) {
+					$board_query = '0=1';
+		} else {
+					$board_query = 'id_board IN (' . implode(',', $boards) . ')';
+		}
 	}
 
 	// What boards are they the moderator of?
@@ -788,8 +829,9 @@ 
 				'current_member' => $user_info['id'],
 			)
 		);
-		while ($row = $smcFunc['db_fetch_assoc']($request))
-			$boards_mod[] = $row['id_board'];
+		while ($row = $smcFunc['db_fetch_assoc']($request)) {
+					$boards_mod[] = $row['id_board'];
+		}
 		$smcFunc['db_free_result']($request);
 
 		// Can any of the groups they're in moderate any of the boards?
@@ -801,8 +843,9 @@ 
 				'groups' => $user_info['groups'],
 			)
 		);
-		while ($row = $smcFunc['db_fetch_assoc']($request))
-			$boards_mod[] = $row['id_board'];
+		while ($row = $smcFunc['db_fetch_assoc']($request)) {
+					$boards_mod[] = $row['id_board'];
+		}
 		$smcFunc['db_free_result']($request);
 
 		// Just in case we've got duplicates here...
@@ -847,10 +890,12 @@ 
 	global $modSettings;
 
 	// In case a customization wants to override the default settings
-	if ($httponly === null)
-		$httponly = !empty($modSettings['httponlyCookies']);
-	if ($secure === null)
-		$secure = !empty($modSettings['secureCookies']);
+	if ($httponly === null) {
+			$httponly = !empty($modSettings['httponlyCookies']);
+	}
+	if ($secure === null) {
+			$secure = !empty($modSettings['secureCookies']);
+	}
 
 	// Intercept cookie?
 	call_integration_hook('integrate_cookie', array($name, $value, $expire, $path, $domain, $secure, $httponly));
@@ -870,8 +915,9 @@ 
 function hash_password($username, $password, $cost = null)
 {
 	global $sourcedir, $smcFunc, $modSettings;
-	if (!function_exists('password_hash'))
-		require_once($sourcedir . '/Subs-Password.php');
+	if (!function_exists('password_hash')) {
+			require_once($sourcedir . '/Subs-Password.php');
+	}
 
 	$cost = empty($cost) ? (empty($modSettings['bcrypt_hash_cost']) ? 10 : $modSettings['bcrypt_hash_cost']) : $cost;
 
@@ -903,8 +949,9 @@ 
 function hash_verify_password($username, $password, $hash)
 {
 	global $sourcedir, $smcFunc;
-	if (!function_exists('password_verify'))
-		require_once($sourcedir . '/Subs-Password.php');
+	if (!function_exists('password_verify')) {
+			require_once($sourcedir . '/Subs-Password.php');
+	}
 
 	return password_verify($smcFunc['strtolower']($username) . $password, $hash);
 }

other/install.php

Spacing +2 added lines, -3 removed lines

@@ -1697,8 +1697,7 @@ 
 	updateStats('topic');
 
 	// This function is needed to do the updateStats('subject') call.
-	$smcFunc['strtolower'] = $db_character_set != 'utf8' && $txt['lang_character_set'] != 'UTF-8' ? 'strtolower' :
-		function($string){
+	$smcFunc['strtolower'] = $db_character_set != 'utf8' && $txt['lang_character_set'] != 'UTF-8' ? 'strtolower' : function($string) {
 			global $sourcedir;
 			if (function_exists('mb_strtolower'))
 				return mb_strtolower($string, 'UTF-8');
@@ -1767,7 +1766,7 @@ 
 		if (trim($settingsArray[$i]) == 'if (file_exists(dirname(__FILE__) . \'/install.php\'))' && trim($settingsArray[$i + 1]) == '{' && trim($settingsArray[$i + 9]) == '}')
 		{
 			// Set the ten lines to nothing.
-			for ($j=0; $j < 10; $j++)
+			for ($j = 0; $j < 10; $j++)
 				$settingsArray[$i++] = '';
 
 			continue;

Braces +465 added lines, -346 removed lines

@@ -20,8 +20,9 @@ 
 // ><html dir="ltr"><head><title>Error!</title></head><body>Sorry, this installer requires PHP!<div style="display: none;">
 
 // Let's pull in useful classes
-if (!defined('SMF'))
+if (!defined('SMF')) {
 	define('SMF', 1);
+}
 
 require_once('Sources/Class-Package.php');
 
@@ -63,10 +64,11 @@ 
 
 			list ($charcode) = pg_fetch_row($request);
 
-			if ($charcode == 'UTF8')
-				return true;
-			else
-				return false;
+			if ($charcode == 'UTF8') {
+							return true;
+			} else {
+							return false;
+			}
 		},
 		'utf8_version' => '8.0',
 		'utf8_version_check' => '$request = pg_query(\'SELECT version()\'); list ($version) = pg_fetch_row($request); list($pgl, $version) = explode(" ", $version); return $version;',
@@ -76,12 +78,14 @@ 
 			$value = preg_replace('~[^A-Za-z0-9_\$]~', '', $value);
 
 			// Is it reserved?
-			if ($value == 'pg_')
-				return $txt['error_db_prefix_reserved'];
+			if ($value == 'pg_') {
+							return $txt['error_db_prefix_reserved'];
+			}
 
 			// Is the prefix numeric?
-			if (preg_match('~^\d~', $value))
-				return $txt['error_db_prefix_numeric'];
+			if (preg_match('~^\d~', $value)) {
+							return $txt['error_db_prefix_numeric'];
+			}
 
 			return true;
 		},
@@ -128,10 +132,11 @@ 
 		$incontext['skip'] = false;
 
 		// Call the step and if it returns false that means pause!
-		if (function_exists($step[2]) && $step[2]() === false)
-			break;
-		elseif (function_exists($step[2]))
-			$incontext['current_step']++;
+		if (function_exists($step[2]) && $step[2]() === false) {
+					break;
+		} elseif (function_exists($step[2])) {
+					$incontext['current_step']++;
+		}
 
 		// No warnings pass on.
 		$incontext['warning'] = '';
@@ -147,8 +152,9 @@ 
 	global $databases;
 
 	// Just so people using older versions of PHP aren't left in the cold.
-	if (!isset($_SERVER['PHP_SELF']))
-		$_SERVER['PHP_SELF'] = isset($GLOBALS['HTTP_SERVER_VARS']['PHP_SELF']) ? $GLOBALS['HTTP_SERVER_VARS']['PHP_SELF'] : 'install.php';
+	if (!isset($_SERVER['PHP_SELF'])) {
+			$_SERVER['PHP_SELF'] = isset($GLOBALS['HTTP_SERVER_VARS']['PHP_SELF']) ? $GLOBALS['HTTP_SERVER_VARS']['PHP_SELF'] : 'install.php';
+	}
 
 	// Enable error reporting for fatal errors.
 	error_reporting(E_ERROR | E_PARSE);
@@ -164,21 +170,23 @@ 
 	{
 		ob_start();
 
-		if (ini_get('session.save_handler') == 'user')
-			@ini_set('session.save_handler', 'files');
-		if (function_exists('session_start'))
-			@session_start();
-	}
-	else
+		if (ini_get('session.save_handler') == 'user') {
+					@ini_set('session.save_handler', 'files');
+		}
+		if (function_exists('session_start')) {
+					@session_start();
+		}
+	} else
 	{
 		ob_start('ob_gzhandler');
 
-		if (ini_get('session.save_handler') == 'user')
-			@ini_set('session.save_handler', 'files');
+		if (ini_get('session.save_handler') == 'user') {
+					@ini_set('session.save_handler', 'files');
+		}
 		session_start();
 
-		if (!headers_sent())
-			echo '<!DOCTYPE html>
+		if (!headers_sent()) {
+					echo '<!DOCTYPE html>
 <html>
 	<head>
 		<title>', htmlspecialchars($_GET['pass_string']), '</title>
@@ -187,14 +195,16 @@ 
 		<strong>', htmlspecialchars($_GET['pass_string']), '</strong>
 	</body>
 </html>';
+		}
 		exit;
 	}
 
 	// Add slashes, as long as they aren't already being added.
-	if (!function_exists('get_magic_quotes_gpc') || @get_magic_quotes_gpc() == 0)
-		foreach ($_POST as $k => $v)
+	if (!function_exists('get_magic_quotes_gpc') || @get_magic_quotes_gpc() == 0) {
+			foreach ($_POST as $k => $v)
 			if (strpos($k, 'password') === false && strpos($k, 'db_passwd') === false)
 				$_POST[$k] = addslashes($v);
+	}
 
 	// This is really quite simple; if ?delete is on the URL, delete the installer...
 	if (isset($_GET['delete']))
@@ -215,8 +225,7 @@ 
 			$ftp->close();
 
 			unset($_SESSION['installer_temp_ftp']);
-		}
-		else
+		} else
 		{
 			@unlink(__FILE__);
 
@@ -230,10 +239,11 @@ 
 		// Now just redirect to a blank.png...
 		$secure = false;
 
-		if (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on')
-			$secure = true;
-		elseif (!empty($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https' || !empty($_SERVER['HTTP_X_FORWARDED_SSL']) && $_SERVER['HTTP_X_FORWARDED_SSL'] == 'on')
-			$secure = true;
+		if (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on') {
+					$secure = true;
+		} elseif (!empty($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https' || !empty($_SERVER['HTTP_X_FORWARDED_SSL']) && $_SERVER['HTTP_X_FORWARDED_SSL'] == 'on') {
+					$secure = true;
+		}
 
 		header('Location: http' . ($secure ? 's' : '') . '://' . (isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : $_SERVER['SERVER_NAME'] . ':' . $_SERVER['SERVER_PORT']) . dirname($_SERVER['PHP_SELF']) . '/Themes/default/images/blank.png');
 		exit;
@@ -244,10 +254,11 @@ 
 	{
 		// Get PHP's default timezone, if set
 		$ini_tz = ini_get('date.timezone');
-		if (!empty($ini_tz))
-			$timezone_id = $ini_tz;
-		else
-			$timezone_id = '';
+		if (!empty($ini_tz)) {
+					$timezone_id = $ini_tz;
+		} else {
+					$timezone_id = '';
+		}
 
 		// If date.timezone is unset, invalid, or just plain weird, make a best guess
 		if (!in_array($timezone_id, timezone_identifiers_list()))
@@ -277,8 +288,9 @@ 
 		$dir = dir(dirname(__FILE__) . '/Themes/default/languages');
 		while ($entry = $dir->read())
 		{
-			if (substr($entry, 0, 8) == 'Install.' && substr($entry, -4) == '.php')
-				$incontext['detected_languages'][$entry] = ucfirst(substr($entry, 8, strlen($entry) - 12));
+			if (substr($entry, 0, 8) == 'Install.' && substr($entry, -4) == '.php') {
+							$incontext['detected_languages'][$entry] = ucfirst(substr($entry, 8, strlen($entry) - 12));
+			}
 		}
 		$dir->close();
 	}
@@ -313,10 +325,11 @@ 
 	}
 
 	// Override the language file?
-	if (isset($_GET['lang_file']))
-		$_SESSION['installer_temp_lang'] = $_GET['lang_file'];
-	elseif (isset($GLOBALS['HTTP_GET_VARS']['lang_file']))
-		$_SESSION['installer_temp_lang'] = $GLOBALS['HTTP_GET_VARS']['lang_file'];
+	if (isset($_GET['lang_file'])) {
+			$_SESSION['installer_temp_lang'] = $_GET['lang_file'];
+	} elseif (isset($GLOBALS['HTTP_GET_VARS']['lang_file'])) {
+			$_SESSION['installer_temp_lang'] = $GLOBALS['HTTP_GET_VARS']['lang_file'];
+	}
 
 	// Make sure it exists, if it doesn't reset it.
 	if (!isset($_SESSION['installer_temp_lang']) || preg_match('~[^\\w_\\-.]~', $_SESSION['installer_temp_lang']) === 1 || !file_exists(dirname(__FILE__) . '/Themes/default/languages/' . $_SESSION['installer_temp_lang']))
@@ -325,8 +338,9 @@ 
 		list ($_SESSION['installer_temp_lang']) = array_keys($incontext['detected_languages']);
 
 		// If we have english and some other language, use the other language.  We Americans hate english :P.
-		if ($_SESSION['installer_temp_lang'] == 'Install.english.php' && count($incontext['detected_languages']) > 1)
-			list (, $_SESSION['installer_temp_lang']) = array_keys($incontext['detected_languages']);
+		if ($_SESSION['installer_temp_lang'] == 'Install.english.php' && count($incontext['detected_languages']) > 1) {
+					list (, $_SESSION['installer_temp_lang']) = array_keys($incontext['detected_languages']);
+		}
 	}
 
 	// And now include the actual language file itself.
@@ -343,15 +357,18 @@ 
 	global $db_prefix, $db_connection, $sourcedir, $smcFunc, $modSettings;
 	global $db_server, $db_passwd, $db_type, $db_name, $db_user, $db_persist;
 
-	if (empty($sourcedir))
-		$sourcedir = dirname(__FILE__) . '/Sources';
+	if (empty($sourcedir)) {
+			$sourcedir = dirname(__FILE__) . '/Sources';
+	}
 
 	// Need this to check whether we need the database password.
 	require(dirname(__FILE__) . '/Settings.php');
-	if (!defined('SMF'))
-		define('SMF', 1);
-	if (empty($smcFunc))
-		$smcFunc = array();
+	if (!defined('SMF')) {
+			define('SMF', 1);
+	}
+	if (empty($smcFunc)) {
+			$smcFunc = array();
+	}
 
 	$modSettings['disableQueryCheck'] = true;
 
@@ -359,8 +376,9 @@ 
 	if (!$db_connection)
 	{
 		require_once($sourcedir . '/Subs-Db-' . $db_type . '.php');
-		if (version_compare(PHP_VERSION, '5', '<'))
-			require_once($sourcedir . '/Subs-Compat.php');
+		if (version_compare(PHP_VERSION, '5', '<')) {
+					require_once($sourcedir . '/Subs-Compat.php');
+		}
 
 		$db_options = array('persist' => $db_persist);
 		$port = '';
@@ -371,19 +389,20 @@ 
 			if ($db_type == 'mysql')
 			{
 				$port = ((int) $_POST['db_port'] == ini_get($db_type . 'default_port')) ? '' : (int) $_POST['db_port'];
-			}
-			elseif ($db_type == 'postgresql')
+			} elseif ($db_type == 'postgresql')
 			{
 				// PostgreSQL doesn't have a default port setting in php.ini, so just check against the default
 				$port = ((int) $_POST['db_port'] == 5432) ? '' : (int) $_POST['db_port'];
 			}
 		}
 
-		if (!empty($port))
-			$db_options['port'] = $port;
+		if (!empty($port)) {
+					$db_options['port'] = $port;
+		}
 
-		if (!$db_connection)
-			$db_connection = smf_db_initiate($db_server, $db_name, $db_user, $db_passwd, $db_prefix, $db_options);
+		if (!$db_connection) {
+					$db_connection = smf_db_initiate($db_server, $db_name, $db_user, $db_passwd, $db_prefix, $db_options);
+		}
 	}
 }
 
@@ -411,8 +430,9 @@ 
 		// @todo REMOVE THIS!!
 		else
 		{
-			if (function_exists('doStep' . $_GET['step']))
-				call_user_func('doStep' . $_GET['step']);
+			if (function_exists('doStep' . $_GET['step'])) {
+							call_user_func('doStep' . $_GET['step']);
+			}
 		}
 		// Show the footer.
 		template_install_below();
@@ -430,8 +450,9 @@ 
 	$incontext['sub_template'] = 'welcome_message';
 
 	// Done the submission?
-	if (isset($_POST['contbutt']))
-		return true;
+	if (isset($_POST['contbutt'])) {
+			return true;
+	}
 
 	// See if we think they have already installed it?
 	if (is_readable(dirname(__FILE__) . '/Settings.php'))
@@ -439,14 +460,17 @@ 
 		$probably_installed = 0;
 		foreach (file(dirname(__FILE__) . '/Settings.php') as $line)
 		{
-			if (preg_match('~^\$db_passwd\s=\s\'([^\']+)\';$~', $line))
-				$probably_installed++;
-			if (preg_match('~^\$boardurl\s=\s\'([^\']+)\';~', $line) && !preg_match('~^\$boardurl\s=\s\'http://127\.0\.0\.1/smf\';~', $line))
-				$probably_installed++;
+			if (preg_match('~^\$db_passwd\s=\s\'([^\']+)\';$~', $line)) {
+							$probably_installed++;
+			}
+			if (preg_match('~^\$boardurl\s=\s\'([^\']+)\';~', $line) && !preg_match('~^\$boardurl\s=\s\'http://127\.0\.0\.1/smf\';~', $line)) {
+							$probably_installed++;
+			}
 		}
 
-		if ($probably_installed == 2)
-			$incontext['warning'] = $txt['error_already_installed'];
+		if ($probably_installed == 2) {
+					$incontext['warning'] = $txt['error_already_installed'];
+		}
 	}
 
 	// Is some database support even compiled in?
@@ -461,45 +485,54 @@ 
 				$databases[$key]['supported'] = false;
 				$notFoundSQLFile = true;
 				$txt['error_db_script_missing'] = sprintf($txt['error_db_script_missing'], 'install_' . $GLOBALS['db_script_version'] . '_' . $type . '.sql');
+			} else {
+							$incontext['supported_databases'][] = $db;
 			}
-			else
-				$incontext['supported_databases'][] = $db;
 		}
 	}
 
 	// Check the PHP version.
-	if ((!function_exists('version_compare') || version_compare($GLOBALS['required_php_version'], PHP_VERSION, '>=')))
-		$error = 'error_php_too_low';
+	if ((!function_exists('version_compare') || version_compare($GLOBALS['required_php_version'], PHP_VERSION, '>='))) {
+			$error = 'error_php_too_low';
+	}
 	// Make sure we have a supported database
-	elseif (empty($incontext['supported_databases']))
-		$error = empty($notFoundSQLFile) ? 'error_db_missing' : 'error_db_script_missing';
+	elseif (empty($incontext['supported_databases'])) {
+			$error = empty($notFoundSQLFile) ? 'error_db_missing' : 'error_db_script_missing';
+	}
 	// How about session support?  Some crazy sysadmin remove it?
-	elseif (!function_exists('session_start'))
-		$error = 'error_session_missing';
+	elseif (!function_exists('session_start')) {
+			$error = 'error_session_missing';
+	}
 	// Make sure they uploaded all the files.
-	elseif (!file_exists(dirname(__FILE__) . '/index.php'))
-		$error = 'error_missing_files';
+	elseif (!file_exists(dirname(__FILE__) . '/index.php')) {
+			$error = 'error_missing_files';
+	}
 	// Very simple check on the session.save_path for Windows.
 	// @todo Move this down later if they don't use database-driven sessions?
-	elseif (@ini_get('session.save_path') == '/tmp' && substr(__FILE__, 1, 2) == ':\\')
-		$error = 'error_session_save_path';
+	elseif (@ini_get('session.save_path') == '/tmp' && substr(__FILE__, 1, 2) == ':\\') {
+			$error = 'error_session_save_path';
+	}
 
 	// Since each of the three messages would look the same, anyway...
-	if (isset($error))
-		$incontext['error'] = $txt[$error];
+	if (isset($error)) {
+			$incontext['error'] = $txt[$error];
+	}
 
 	// Mod_security blocks everything that smells funny. Let SMF handle security.
-	if (!fixModSecurity() && !isset($_GET['overmodsecurity']))
-		$incontext['error'] = $txt['error_mod_security'] . '<br><br><a href="' . $installurl . '?overmodsecurity=true">' . $txt['error_message_click'] . '</a> ' . $txt['error_message_bad_try_again'];
+	if (!fixModSecurity() && !isset($_GET['overmodsecurity'])) {
+			$incontext['error'] = $txt['error_mod_security'] . '<br><br><a href="' . $installurl . '?overmodsecurity=true">' . $txt['error_message_click'] . '</a> ' . $txt['error_message_bad_try_again'];
+	}
 
 	// Confirm mbstring is loaded...
-	if (!extension_loaded('mbstring'))
-		$incontext['error'] = $txt['install_no_mbstring'];
+	if (!extension_loaded('mbstring')) {
+			$incontext['error'] = $txt['install_no_mbstring'];
+	}
 
 	// Check for https stream support.
 	$supported_streams = stream_get_wrappers();
-	if (!in_array('https', $supported_streams))
-		$incontext['warning'] = $txt['install_no_https'];
+	if (!in_array('https', $supported_streams)) {
+			$incontext['warning'] = $txt['install_no_https'];
+	}
 
 	return false;
 }
@@ -525,12 +558,14 @@ 
 		'db_last_error.php',
 	);
 
-	foreach ($incontext['detected_languages'] as $lang => $temp)
-		$extra_files[] = 'Themes/default/languages/' . $lang;
+	foreach ($incontext['detected_languages'] as $lang => $temp) {
+			$extra_files[] = 'Themes/default/languages/' . $lang;
+	}
 
 	// With mod_security installed, we could attempt to fix it with .htaccess.
-	if (function_exists('apache_get_modules') && in_array('mod_security', apache_get_modules()))
-		$writable_files[] = file_exists(dirname(__FILE__) . '/.htaccess') ? '.htaccess' : '.';
+	if (function_exists('apache_get_modules') && in_array('mod_security', apache_get_modules())) {
+			$writable_files[] = file_exists(dirname(__FILE__) . '/.htaccess') ? '.htaccess' : '.';
+	}
 
 	$failed_files = array();
 
@@ -542,20 +577,23 @@ 
 		foreach ($writable_files as $file)
 		{
 			// Some files won't exist, try to address up front
-			if (!file_exists(dirname(__FILE__) . '/' . $file))
-				@touch(dirname(__FILE__) . '/' . $file);
+			if (!file_exists(dirname(__FILE__) . '/' . $file)) {
+							@touch(dirname(__FILE__) . '/' . $file);
+			}
 			// NOW do the writable check...
 			if (!is_writable(dirname(__FILE__) . '/' . $file))
 			{
 				@chmod(dirname(__FILE__) . '/' . $file, 0755);
 
 				// Well, 755 hopefully worked... if not, try 777.
-				if (!is_writable(dirname(__FILE__) . '/' . $file) && !@chmod(dirname(__FILE__) . '/' . $file, 0777))
-					$failed_files[] = $file;
+				if (!is_writable(dirname(__FILE__) . '/' . $file) && !@chmod(dirname(__FILE__) . '/' . $file, 0777)) {
+									$failed_files[] = $file;
+				}
 			}
 		}
-		foreach ($extra_files as $file)
-			@chmod(dirname(__FILE__) . (empty($file) ? '' : '/' . $file), 0777);
+		foreach ($extra_files as $file) {
+					@chmod(dirname(__FILE__) . (empty($file) ? '' : '/' . $file), 0777);
+		}
 	}
 	// Windows is trickier.  Let's try opening for r+...
 	else
@@ -565,30 +603,35 @@ 
 		foreach ($writable_files as $file)
 		{
 			// Folders can't be opened for write... but the index.php in them can ;)
-			if (is_dir(dirname(__FILE__) . '/' . $file))
-				$file .= '/index.php';
+			if (is_dir(dirname(__FILE__) . '/' . $file)) {
+							$file .= '/index.php';
+			}
 
 			// Funny enough, chmod actually does do something on windows - it removes the read only attribute.
 			@chmod(dirname(__FILE__) . '/' . $file, 0777);
 			$fp = @fopen(dirname(__FILE__) . '/' . $file, 'r+');
 
 			// Hmm, okay, try just for write in that case...
-			if (!is_resource($fp))
-				$fp = @fopen(dirname(__FILE__) . '/' . $file, 'w');
+			if (!is_resource($fp)) {
+							$fp = @fopen(dirname(__FILE__) . '/' . $file, 'w');
+			}
 
-			if (!is_resource($fp))
-				$failed_files[] = $file;
+			if (!is_resource($fp)) {
+							$failed_files[] = $file;
+			}
 
 			@fclose($fp);
 		}
-		foreach ($extra_files as $file)
-			@chmod(dirname(__FILE__) . (empty($file) ? '' : '/' . $file), 0777);
+		foreach ($extra_files as $file) {
+					@chmod(dirname(__FILE__) . (empty($file) ? '' : '/' . $file), 0777);
+		}
 	}
 
 	$failure = count($failed_files) >= 1;
 
-	if (!isset($_SERVER))
-		return !$failure;
+	if (!isset($_SERVER)) {
+			return !$failure;
+	}
 
 	// Put the list into context.
 	$incontext['failed_files'] = $failed_files;
@@ -636,19 +679,23 @@ 
 
 		if (!isset($ftp) || $ftp->error !== false)
 		{
-			if (!isset($ftp))
-				$ftp = new ftp_connection(null);
+			if (!isset($ftp)) {
+							$ftp = new ftp_connection(null);
+			}
 			// Save the error so we can mess with listing...
-			elseif ($ftp->error !== false && empty($incontext['ftp_errors']) && !empty($ftp->last_message))
-				$incontext['ftp_errors'][] = $ftp->last_message;
+			elseif ($ftp->error !== false && empty($incontext['ftp_errors']) && !empty($ftp->last_message)) {
+							$incontext['ftp_errors'][] = $ftp->last_message;
+			}
 
 			list ($username, $detect_path, $found_path) = $ftp->detect_path(dirname(__FILE__));
 
-			if (empty($_POST['ftp_path']) && $found_path)
-				$_POST['ftp_path'] = $detect_path;
+			if (empty($_POST['ftp_path']) && $found_path) {
+							$_POST['ftp_path'] = $detect_path;
+			}
 
-			if (!isset($_POST['ftp_username']))
-				$_POST['ftp_username'] = $username;
+			if (!isset($_POST['ftp_username'])) {
+							$_POST['ftp_username'] = $username;
+			}
 
 			// Set the username etc, into context.
 			$incontext['ftp'] = array(
@@ -660,8 +707,7 @@ 
 			);
 
 			return false;
-		}
-		else
+		} else
 		{
 			$_SESSION['installer_temp_ftp'] = array(
 				'server' => $_POST['ftp_server'],
@@ -675,10 +721,12 @@ 
 
 			foreach ($failed_files as $file)
 			{
-				if (!is_writable(dirname(__FILE__) . '/' . $file))
-					$ftp->chmod($file, 0755);
-				if (!is_writable(dirname(__FILE__) . '/' . $file))
-					$ftp->chmod($file, 0777);
+				if (!is_writable(dirname(__FILE__) . '/' . $file)) {
+									$ftp->chmod($file, 0755);
+				}
+				if (!is_writable(dirname(__FILE__) . '/' . $file)) {
+									$ftp->chmod($file, 0777);
+				}
 				if (!is_writable(dirname(__FILE__) . '/' . $file))
 				{
 					$failed_files_updated[] = $file;
@@ -734,15 +782,17 @@ 
 
 			if (!$foundOne)
 			{
-				if (isset($db['default_host']))
-					$incontext['db']['server'] = ini_get($db['default_host']) or $incontext['db']['server'] = 'localhost';
+				if (isset($db['default_host'])) {
+									$incontext['db']['server'] = ini_get($db['default_host']) or $incontext['db']['server'] = 'localhost';
+				}
 				if (isset($db['default_user']))
 				{
 					$incontext['db']['user'] = ini_get($db['default_user']);
 					$incontext['db']['name'] = ini_get($db['default_user']);
 				}
-				if (isset($db['default_password']))
-					$incontext['db']['pass'] = ini_get($db['default_password']);
+				if (isset($db['default_password'])) {
+									$incontext['db']['pass'] = ini_get($db['default_password']);
+				}
 
 				// For simplicity and less confusion, leave the port blank by default
 				$incontext['db']['port'] = '';
@@ -761,10 +811,10 @@ 
 		$incontext['db']['server'] = $_POST['db_server'];
 		$incontext['db']['prefix'] = $_POST['db_prefix'];
 
-		if (!empty($_POST['db_port']))
-			$incontext['db']['port'] = $_POST['db_port'];
-	}
-	else
+		if (!empty($_POST['db_port'])) {
+					$incontext['db']['port'] = $_POST['db_port'];
+		}
+	} else
 	{
 		$incontext['db']['prefix'] = 'smf_';
 	}
@@ -800,10 +850,11 @@ 
 		if (!empty($_POST['db_port']))
 		{
 			// For MySQL, we can get the "default port" from PHP. PostgreSQL has no such option though.
-			if (($db_type == 'mysql' || $db_type == 'mysqli') && $_POST['db_port'] != ini_get($db_type . '.default_port'))
-				$vars['db_port'] = (int) $_POST['db_port'];
-			elseif ($db_type == 'postgresql' && $_POST['db_port'] != 5432)
-				$vars['db_port'] = (int) $_POST['db_port'];
+			if (($db_type == 'mysql' || $db_type == 'mysqli') && $_POST['db_port'] != ini_get($db_type . '.default_port')) {
+							$vars['db_port'] = (int) $_POST['db_port'];
+			} elseif ($db_type == 'postgresql' && $_POST['db_port'] != 5432) {
+							$vars['db_port'] = (int) $_POST['db_port'];
+			}
 		}
 
 		// God I hope it saved!
@@ -816,8 +867,9 @@ 
 		// Make sure it works.
 		require(dirname(__FILE__) . '/Settings.php');
 
-		if (empty($sourcedir))
-			$sourcedir = dirname(__FILE__) . '/Sources';
+		if (empty($sourcedir)) {
+					$sourcedir = dirname(__FILE__) . '/Sources';
+		}
 
 		// Better find the database file!
 		if (!file_exists($sourcedir . '/Subs-Db-' . $db_type . '.php'))
@@ -827,18 +879,21 @@ 
 		}
 
 		// Now include it for database functions!
-		if (!defined('SMF'))
-			define('SMF', 1);
+		if (!defined('SMF')) {
+					define('SMF', 1);
+		}
 
 		$modSettings['disableQueryCheck'] = true;
-		if (empty($smcFunc))
-			$smcFunc = array();
+		if (empty($smcFunc)) {
+					$smcFunc = array();
+		}
 
 			require_once($sourcedir . '/Subs-Db-' . $db_type . '.php');
 
 		// What - running PHP4? The shame!
-		if (version_compare(PHP_VERSION, '5', '<'))
-			require_once($sourcedir . '/Subs-Compat.php');
+		if (version_compare(PHP_VERSION, '5', '<')) {
+					require_once($sourcedir . '/Subs-Compat.php');
+		}
 
 		// Attempt a connection.
 		$needsDB = !empty($databases[$db_type]['always_has_db']);
@@ -926,12 +981,14 @@ 
 	$incontext['page_title'] = $txt['install_settings'];
 
 	// Let's see if we got the database type correct.
-	if (isset($_POST['db_type'], $databases[$_POST['db_type']]))
-		$db_type = $_POST['db_type'];
+	if (isset($_POST['db_type'], $databases[$_POST['db_type']])) {
+			$db_type = $_POST['db_type'];
+	}
 
 	// Else we'd better be able to get the connection.
-	else
-		load_database();
+	else {
+			load_database();
+	}
 
 	$db_type = isset($_POST['db_type']) ? $_POST['db_type'] : $db_type;
 
@@ -940,10 +997,11 @@ 
 
 		$secure = false;
 
-		if (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on')
-			$secure = true;
-		elseif (!empty($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https' || !empty($_SERVER['HTTP_X_FORWARDED_SSL']) && $_SERVER['HTTP_X_FORWARDED_SSL'] == 'on')
-			$secure = true;
+		if (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on') {
+					$secure = true;
+		} elseif (!empty($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https' || !empty($_SERVER['HTTP_X_FORWARDED_SSL']) && $_SERVER['HTTP_X_FORWARDED_SSL'] == 'on') {
+					$secure = true;
+		}
 
 	// Now, to put what we've learned together... and add a path.
 	$incontext['detected_url'] = 'http' . ($secure ? 's' : '') . '://' . $host . substr($_SERVER['PHP_SELF'], 0, strrpos($_SERVER['PHP_SELF'], '/'));
@@ -975,18 +1033,21 @@ 
 	// Submitting?
 	if (isset($_POST['boardurl']))
 	{
-		if (substr($_POST['boardurl'], -10) == '/index.php')
-			$_POST['boardurl'] = substr($_POST['boardurl'], 0, -10);
-		elseif (substr($_POST['boardurl'], -1) == '/')
-			$_POST['boardurl'] = substr($_POST['boardurl'], 0, -1);
-		if (substr($_POST['boardurl'], 0, 7) != 'http://' && substr($_POST['boardurl'], 0, 7) != 'file://' && substr($_POST['boardurl'], 0, 8) != 'https://')
-			$_POST['boardurl'] = 'http://' . $_POST['boardurl'];
+		if (substr($_POST['boardurl'], -10) == '/index.php') {
+					$_POST['boardurl'] = substr($_POST['boardurl'], 0, -10);
+		} elseif (substr($_POST['boardurl'], -1) == '/') {
+					$_POST['boardurl'] = substr($_POST['boardurl'], 0, -1);
+		}
+		if (substr($_POST['boardurl'], 0, 7) != 'http://' && substr($_POST['boardurl'], 0, 7) != 'file://' && substr($_POST['boardurl'], 0, 8) != 'https://') {
+					$_POST['boardurl'] = 'http://' . $_POST['boardurl'];
+		}
 
 		//Make sure boardurl is aligned with ssl setting
-		if (empty($_POST['force_ssl']))
-			$_POST['boardurl'] = strtr($_POST['boardurl'], array('https://' => 'http://'));
-		else
-			$_POST['boardurl'] = strtr($_POST['boardurl'], array('http://' => 'https://'));
+		if (empty($_POST['force_ssl'])) {
+					$_POST['boardurl'] = strtr($_POST['boardurl'], array('https://' => 'http://'));
+		} else {
+					$_POST['boardurl'] = strtr($_POST['boardurl'], array('http://' => 'https://'));
+		}
 
 		// Save these variables.
 		$vars = array(
@@ -1025,10 +1086,10 @@ 
 			{
 				$incontext['error'] = sprintf($txt['error_utf8_version'], $databases[$db_type]['utf8_version']);
 				return false;
-			}
-			else
-				// Set the character set here.
+			} else {
+							// Set the character set here.
 				updateSettingsFile(array('db_character_set' => 'utf8'));
+			}
 		}
 
 		// Good, skip on.
@@ -1048,8 +1109,9 @@ 
 	$incontext['continue'] = 1;
 
 	// Already done?
-	if (isset($_POST['pop_done']))
-		return true;
+	if (isset($_POST['pop_done'])) {
+			return true;
+	}
 
 	// Reload settings.
 	require(dirname(__FILE__) . '/Settings.php');
@@ -1067,8 +1129,9 @@ 
 	$modSettings = array();
 	if ($result !== false)
 	{
-		while ($row = $smcFunc['db_fetch_assoc']($result))
-			$modSettings[$row['variable']] = $row['value'];
+		while ($row = $smcFunc['db_fetch_assoc']($result)) {
+					$modSettings[$row['variable']] = $row['value'];
+		}
 		$smcFunc['db_free_result']($result);
 
 		// Do they match?  If so, this is just a refresh so charge on!
@@ -1081,20 +1144,22 @@ 
 	$modSettings['disableQueryCheck'] = true;
 
 	// If doing UTF8, select it. PostgreSQL requires passing it as a string...
-	if (!empty($db_character_set) && $db_character_set == 'utf8' && !empty($databases[$db_type]['utf8_support']))
-		$smcFunc['db_query']('', '
+	if (!empty($db_character_set) && $db_character_set == 'utf8' && !empty($databases[$db_type]['utf8_support'])) {
+			$smcFunc['db_query']('', '
 			SET NAMES {string:utf8}',
 			array(
 				'db_error_skip' => true,
 				'utf8' => 'utf8',
 			)
 		);
+	}
 
 	// Windows likes to leave the trailing slash, which yields to C:\path\to\SMF\/attachments...
-	if (substr(__DIR__, -1) == '\\')
-		$attachdir = __DIR__ . 'attachments';
-	else
-		$attachdir = __DIR__ . '/attachments';
+	if (substr(__DIR__, -1) == '\\') {
+			$attachdir = __DIR__ . 'attachments';
+	} else {
+			$attachdir = __DIR__ . '/attachments';
+	}
 
 	$replaces = array(
 		'{$db_prefix}' => $db_prefix,
@@ -1111,8 +1176,9 @@ 
 
 	foreach ($txt as $key => $value)
 	{
-		if (substr($key, 0, 8) == 'default_')
-			$replaces['{$' . $key . '}'] = $smcFunc['db_escape_string']($value);
+		if (substr($key, 0, 8) == 'default_') {
+					$replaces['{$' . $key . '}'] = $smcFunc['db_escape_string']($value);
+		}
 	}
 	$replaces['{$default_reserved_names}'] = strtr($replaces['{$default_reserved_names}'], array('\\\\n' => '\\n'));
 
@@ -1127,8 +1193,9 @@ 
 
 		while ($row = $smcFunc['db_fetch_assoc']($get_engines))
 		{
-			if ($row['Support'] == 'YES' || $row['Support'] == 'DEFAULT')
-				$engines[] = $row['Engine'];
+			if ($row['Support'] == 'YES' || $row['Support'] == 'DEFAULT') {
+							$engines[] = $row['Engine'];
+			}
 		}
 
 		// Done with this now
@@ -1152,8 +1219,7 @@ 
 			$replaces['START TRANSACTION;'] = '';
 			$replaces['COMMIT;'] = '';
 		}
-	}
-	else
+	} else
 	{
 		$has_innodb = false;
 	}
@@ -1175,21 +1241,24 @@ 
 	foreach ($sql_lines as $count => $line)
 	{
 		// No comments allowed!
-		if (substr(trim($line), 0, 1) != '#')
-			$current_statement .= "\n" . rtrim($line);
+		if (substr(trim($line), 0, 1) != '#') {
+					$current_statement .= "\n" . rtrim($line);
+		}
 
 		// Is this the end of the query string?
-		if (empty($current_statement) || (preg_match('~;[\s]*$~s', $line) == 0 && $count != count($sql_lines)))
-			continue;
+		if (empty($current_statement) || (preg_match('~;[\s]*$~s', $line) == 0 && $count != count($sql_lines))) {
+					continue;
+		}
 
 		// Does this table already exist?  If so, don't insert more data into it!
 		if (preg_match('~^\s*INSERT INTO ([^\s\n\r]+?)~', $current_statement, $match) != 0 && in_array($match[1], $exists))
 		{
 			preg_match_all('~\)[,;]~', $current_statement, $matches);
-			if (!empty($matches[0]))
-				$incontext['sql_results']['insert_dups'] += count($matches[0]);
-			else
-				$incontext['sql_results']['insert_dups']++;
+			if (!empty($matches[0])) {
+							$incontext['sql_results']['insert_dups'] += count($matches[0]);
+			} else {
+							$incontext['sql_results']['insert_dups']++;
+			}
 
 			$current_statement = '';
 			continue;
@@ -1198,8 +1267,9 @@ 
 		if ($smcFunc['db_query']('', $current_statement, array('security_override' => true, 'db_error_skip' => true), $db_connection) === false)
 		{
 			// Use the appropriate function based on the DB type
-			if ($db_type == 'mysql' || $db_type == 'mysqli')
-				$db_errorno = $db_type . '_errno';
+			if ($db_type == 'mysql' || $db_type == 'mysqli') {
+							$db_errorno = $db_type . '_errno';
+			}
 
 			// Error 1050: Table already exists!
 			// @todo Needs to be made better!
@@ -1214,18 +1284,18 @@ 
 				// MySQLi requires a connection object. It's optional with MySQL and Postgres
 				$incontext['failures'][$count] = $smcFunc['db_error']($db_connection);
 			}
-		}
-		else
+		} else
 		{
-			if (preg_match('~^\s*CREATE TABLE ([^\s\n\r]+?)~', $current_statement, $match) == 1)
-				$incontext['sql_results']['tables']++;
-			elseif (preg_match('~^\s*INSERT INTO ([^\s\n\r]+?)~', $current_statement, $match) == 1)
+			if (preg_match('~^\s*CREATE TABLE ([^\s\n\r]+?)~', $current_statement, $match) == 1) {
+							$incontext['sql_results']['tables']++;
+			} elseif (preg_match('~^\s*INSERT INTO ([^\s\n\r]+?)~', $current_statement, $match) == 1)
 			{
 				preg_match_all('~\)[,;]~', $current_statement, $matches);
-				if (!empty($matches[0]))
-					$incontext['sql_results']['inserts'] += count($matches[0]);
-				else
-					$incontext['sql_results']['inserts']++;
+				if (!empty($matches[0])) {
+									$incontext['sql_results']['inserts'] += count($matches[0]);
+				} else {
+									$incontext['sql_results']['inserts']++;
+				}
 			}
 		}
 
@@ -1238,15 +1308,17 @@ 
 	// Sort out the context for the SQL.
 	foreach ($incontext['sql_results'] as $key => $number)
 	{
-		if ($number == 0)
-			unset($incontext['sql_results'][$key]);
-		else
-			$incontext['sql_results'][$key] = sprintf($txt['db_populate_' . $key], $number);
+		if ($number == 0) {
+					unset($incontext['sql_results'][$key]);
+		} else {
+					$incontext['sql_results'][$key] = sprintf($txt['db_populate_' . $key], $number);
+		}
 	}
 
 	// Make sure UTF will be used globally.
-	if ((!empty($databases[$db_type]['utf8_support']) && !empty($databases[$db_type]['utf8_required'])) || (empty($databases[$db_type]['utf8_required']) && !empty($databases[$db_type]['utf8_support']) && isset($_POST['utf8'])))
-		$newSettings[] = array('global_character_set', 'UTF-8');
+	if ((!empty($databases[$db_type]['utf8_support']) && !empty($databases[$db_type]['utf8_required'])) || (empty($databases[$db_type]['utf8_required']) && !empty($databases[$db_type]['utf8_support']) && isset($_POST['utf8']))) {
+			$newSettings[] = array('global_character_set', 'UTF-8');
+	}
 
 	// Auto-detect local & global cookie settings
 	$url_parts = parse_url($boardurl);
@@ -1275,15 +1347,19 @@ 
 
 		// Look for subfolder, if found, set localCookie
 		// Checking for len > 1 ensures you don't have just a slash...
-		if (!empty($url_parts['path']) && strlen($url_parts['path']) > 1)
-			$localCookies = '1';
+		if (!empty($url_parts['path']) && strlen($url_parts['path']) > 1) {
+					$localCookies = '1';
+		}
 
-		if (isset($globalCookies))
-			$newSettings[] = array('globalCookies', $globalCookies);
-		if (isset($globalCookiesDomain))
-			$newSettings[] = array('globalCookiesDomain', $globalCookiesDomain);
-		if (isset($localCookies))
-			$newSettings[] = array('localCookies', $localCookies);
+		if (isset($globalCookies)) {
+					$newSettings[] = array('globalCookies', $globalCookies);
+		}
+		if (isset($globalCookiesDomain)) {
+					$newSettings[] = array('globalCookiesDomain', $globalCookiesDomain);
+		}
+		if (isset($localCookies)) {
+					$newSettings[] = array('localCookies', $localCookies);
+		}
 	}
 
 	// Are we allowing stat collection?
@@ -1301,16 +1377,17 @@ 
 			fwrite($fp, $out);
 
 			$return_data = '';
-			while (!feof($fp))
-				$return_data .= fgets($fp, 128);
+			while (!feof($fp)) {
+							$return_data .= fgets($fp, 128);
+			}
 
 			fclose($fp);
 
 			// Get the unique site ID.
 			preg_match('~SITE-ID:\s(\w{10})~', $return_data, $ID);
 
-			if (!empty($ID[1]))
-				$smcFunc['db_insert']('replace',
+			if (!empty($ID[1])) {
+							$smcFunc['db_insert']('replace',
 					$db_prefix . 'settings',
 					array('variable' => 'string', 'value' => 'string'),
 					array(
@@ -1319,11 +1396,12 @@ 
 					),
 					array('variable')
 				);
+			}
 		}
 	}
 	// Don't remove stat collection unless we unchecked the box for real, not from the loop.
-	elseif (empty($_POST['stats']) && empty($upcontext['allow_sm_stats']))
-		$smcFunc['db_query']('', '
+	elseif (empty($_POST['stats']) && empty($upcontext['allow_sm_stats'])) {
+			$smcFunc['db_query']('', '
 			DELETE FROM {db_prefix}settings
 			WHERE variable = {string:enable_sm_stats}',
 			array(
@@ -1331,20 +1409,23 @@ 
 				'db_error_skip' => true,
 			)
 		);
+	}
 
 	// Are we enabling SSL?
-	if (!empty($_POST['force_ssl']))
-		$newSettings[] = array('force_ssl', 2);
+	if (!empty($_POST['force_ssl'])) {
+			$newSettings[] = array('force_ssl', 2);
+	}
 
 	// Setting a timezone is required.
 	if (!isset($modSettings['default_timezone']) && function_exists('date_default_timezone_set'))
 	{
 		// Get PHP's default timezone, if set
 		$ini_tz = ini_get('date.timezone');
-		if (!empty($ini_tz))
-			$timezone_id = $ini_tz;
-		else
-			$timezone_id = '';
+		if (!empty($ini_tz)) {
+					$timezone_id = $ini_tz;
+		} else {
+					$timezone_id = '';
+		}
 
 		// If date.timezone is unset, invalid, or just plain weird, make a best guess
 		if (!in_array($timezone_id, timezone_identifiers_list()))
@@ -1353,8 +1434,9 @@ 
 			$timezone_id = timezone_name_from_abbr('', $server_offset, 0);
 		}
 
-		if (date_default_timezone_set($timezone_id))
-			$newSettings[] = array('default_timezone', $timezone_id);
+		if (date_default_timezone_set($timezone_id)) {
+					$newSettings[] = array('default_timezone', $timezone_id);
+		}
 	}
 
 	if (!empty($newSettings))
@@ -1385,16 +1467,18 @@ 
 	}
 
 	// MySQL specific stuff
-	if (substr($db_type, 0, 5) != 'mysql')
-		return false;
+	if (substr($db_type, 0, 5) != 'mysql') {
+			return false;
+	}
 
 	// Find database user privileges.
 	$privs = array();
 	$get_privs = $smcFunc['db_query']('', 'SHOW PRIVILEGES', array());
 	while ($row = $smcFunc['db_fetch_assoc']($get_privs))
 	{
-		if ($row['Privilege'] == 'Alter')
-			$privs[] = $row['Privilege'];
+		if ($row['Privilege'] == 'Alter') {
+					$privs[] = $row['Privilege'];
+		}
 	}
 	$smcFunc['db_free_result']($get_privs);
 
@@ -1424,8 +1508,9 @@ 
 	$incontext['continue'] = 1;
 
 	// Skipping?
-	if (!empty($_POST['skip']))
-		return true;
+	if (!empty($_POST['skip'])) {
+			return true;
+	}
 
 	// Need this to check whether we need the database password.
 	require(dirname(__FILE__) . '/Settings.php');
@@ -1442,18 +1527,22 @@ 
 	// We need this to properly hash the password for Admin
 	$smcFunc['strtolower'] = $db_character_set != 'utf8' && $txt['lang_character_set'] != 'UTF-8' ? 'strtolower' : function($string) {
 			global $sourcedir;
-			if (function_exists('mb_strtolower'))
-				return mb_strtolower($string, 'UTF-8');
+			if (function_exists('mb_strtolower')) {
+							return mb_strtolower($string, 'UTF-8');
+			}
 			require_once($sourcedir . '/Subs-Charset.php');
 			return utf8_strtolower($string);
 		};
 
-	if (!isset($_POST['username']))
-		$_POST['username'] = '';
-	if (!isset($_POST['email']))
-		$_POST['email'] = '';
-	if (!isset($_POST['server_email']))
-		$_POST['server_email'] = '';
+	if (!isset($_POST['username'])) {
+			$_POST['username'] = '';
+	}
+	if (!isset($_POST['email'])) {
+			$_POST['email'] = '';
+	}
+	if (!isset($_POST['server_email'])) {
+			$_POST['server_email'] = '';
+	}
 
 	$incontext['username'] = htmlspecialchars(stripslashes($_POST['username']));
 	$incontext['email'] = htmlspecialchars(stripslashes($_POST['email']));
@@ -1472,8 +1561,9 @@ 
 			'admin_group' => 1,
 		)
 	);
-	if ($smcFunc['db_num_rows']($request) != 0)
-		$incontext['skip'] = 1;
+	if ($smcFunc['db_num_rows']($request) != 0) {
+			$incontext['skip'] = 1;
+	}
 	$smcFunc['db_free_result']($request);
 
 	// Trying to create an account?
@@ -1504,8 +1594,9 @@ 
 		}
 
 		// Update the webmaster's email?
-		if (!empty($_POST['server_email']) && (empty($webmaster_email) || $webmaster_email == 'noreply@myserver.com'))
-			updateSettingsFile(array('webmaster_email' => $_POST['server_email']));
+		if (!empty($_POST['server_email']) && (empty($webmaster_email) || $webmaster_email == 'noreply@myserver.com')) {
+					updateSettingsFile(array('webmaster_email' => $_POST['server_email']));
+		}
 
 		// Work out whether we're going to have dodgy characters and remove them.
 		$invalid_characters = preg_match('~[<>&"\'=\\\]~', $_POST['username']) != 0;
@@ -1528,32 +1619,27 @@ 
 			$smcFunc['db_free_result']($result);
 
 			$incontext['account_existed'] = $txt['error_user_settings_taken'];
-		}
-		elseif ($_POST['username'] == '' || strlen($_POST['username']) > 25)
+		} elseif ($_POST['username'] == '' || strlen($_POST['username']) > 25)
 		{
 			// Try the previous step again.
 			$incontext['error'] = $_POST['username'] == '' ? $txt['error_username_left_empty'] : $txt['error_username_too_long'];
 			return false;
-		}
-		elseif ($invalid_characters || $_POST['username'] == '_' || $_POST['username'] == '|' || strpos($_POST['username'], '[code') !== false || strpos($_POST['username'], '[/code') !== false)
+		} elseif ($invalid_characters || $_POST['username'] == '_' || $_POST['username'] == '|' || strpos($_POST['username'], '[code') !== false || strpos($_POST['username'], '[/code') !== false)
 		{
 			// Try the previous step again.
 			$incontext['error'] = $txt['error_invalid_characters_username'];
 			return false;
-		}
-		elseif (empty($_POST['email']) || !filter_var(stripslashes($_POST['email']), FILTER_VALIDATE_EMAIL) || strlen(stripslashes($_POST['email'])) > 255)
+		} elseif (empty($_POST['email']) || !filter_var(stripslashes($_POST['email']), FILTER_VALIDATE_EMAIL) || strlen(stripslashes($_POST['email'])) > 255)
 		{
 			// One step back, this time fill out a proper admin email address.
 			$incontext['error'] = sprintf($txt['error_valid_admin_email_needed'], $_POST['username']);
 			return false;
-		}
-		elseif (empty($_POST['server_email']) || !filter_var(stripslashes($_POST['server_email']), FILTER_VALIDATE_EMAIL) || strlen(stripslashes($_POST['server_email'])) > 255)
+		} elseif (empty($_POST['server_email']) || !filter_var(stripslashes($_POST['server_email']), FILTER_VALIDATE_EMAIL) || strlen(stripslashes($_POST['server_email'])) > 255)
 		{
 			// One step back, this time fill out a proper admin email address.
 			$incontext['error'] = $txt['error_valid_server_email_needed'];
 			return false;
-		}
-		elseif ($_POST['username'] != '')
+		} elseif ($_POST['username'] != '')
 		{
 			$incontext['member_salt'] = substr(md5(mt_rand()), 0, 4);
 
@@ -1621,17 +1707,19 @@ 
 	reloadSettings();
 
 	// Bring a warning over.
-	if (!empty($incontext['account_existed']))
-		$incontext['warning'] = $incontext['account_existed'];
+	if (!empty($incontext['account_existed'])) {
+			$incontext['warning'] = $incontext['account_existed'];
+	}
 
-	if (!empty($db_character_set) && !empty($databases[$db_type]['utf8_support']))
-		$smcFunc['db_query']('', '
+	if (!empty($db_character_set) && !empty($databases[$db_type]['utf8_support'])) {
+			$smcFunc['db_query']('', '
 			SET NAMES {string:db_character_set}',
 			array(
 				'db_character_set' => $db_character_set,
 				'db_error_skip' => true,
 			)
 		);
+	}
 
 	// As track stats is by default enabled let's add some activity.
 	$smcFunc['db_insert']('ignore',
@@ -1652,14 +1740,16 @@ 
 	// Only proceed if we can load the data.
 	if ($request)
 	{
-		while ($row = $smcFunc['db_fetch_row']($request))
-			$modSettings[$row[0]] = $row[1];
+		while ($row = $smcFunc['db_fetch_row']($request)) {
+					$modSettings[$row[0]] = $row[1];
+		}
 		$smcFunc['db_free_result']($request);
 	}
 
 	// Automatically log them in ;)
-	if (isset($incontext['member_id']) && isset($incontext['member_salt']))
-		setLoginCookie(3153600 * 60, $incontext['member_id'], hash_salt($_POST['password1'], $incontext['member_salt']));
+	if (isset($incontext['member_id']) && isset($incontext['member_salt'])) {
+			setLoginCookie(3153600 * 60, $incontext['member_id'], hash_salt($_POST['password1'], $incontext['member_salt']));
+	}
 
 	$result = $smcFunc['db_query']('', '
 		SELECT value
@@ -1670,13 +1760,14 @@ 
 			'db_error_skip' => true,
 		)
 	);
-	if ($smcFunc['db_num_rows']($result) != 0)
-		list ($db_sessions) = $smcFunc['db_fetch_row']($result);
+	if ($smcFunc['db_num_rows']($result) != 0) {
+			list ($db_sessions) = $smcFunc['db_fetch_row']($result);
+	}
 	$smcFunc['db_free_result']($result);
 
-	if (empty($db_sessions))
-		$_SESSION['admin_time'] = time();
-	else
+	if (empty($db_sessions)) {
+			$_SESSION['admin_time'] = time();
+	} else
 	{
 		$_SERVER['HTTP_USER_AGENT'] = substr($_SERVER['HTTP_USER_AGENT'], 0, 211);
 
@@ -1700,8 +1791,9 @@ 
 	$smcFunc['strtolower'] = $db_character_set != 'utf8' && $txt['lang_character_set'] != 'UTF-8' ? 'strtolower' :
 		function($string){
 			global $sourcedir;
-			if (function_exists('mb_strtolower'))
-				return mb_strtolower($string, 'UTF-8');
+			if (function_exists('mb_strtolower')) {
+							return mb_strtolower($string, 'UTF-8');
+			}
 			require_once($sourcedir . '/Subs-Charset.php');
 			return utf8_strtolower($string);
 		};
@@ -1717,8 +1809,9 @@ 
 		)
 	);
 	$context['utf8'] = $db_character_set === 'utf8' || $txt['lang_character_set'] === 'UTF-8';
-	if ($smcFunc['db_num_rows']($request) > 0)
-		updateStats('subject', 1, htmlspecialchars($txt['default_topic_subject']));
+	if ($smcFunc['db_num_rows']($request) > 0) {
+			updateStats('subject', 1, htmlspecialchars($txt['default_topic_subject']));
+	}
 	$smcFunc['db_free_result']($request);
 
 	// Now is the perfect time to fetch the SM files.
@@ -1737,8 +1830,9 @@ 
 
 	// Check if we need some stupid MySQL fix.
 	$server_version = $smcFunc['db_server_info']();
-	if (($db_type == 'mysql' || $db_type == 'mysqli') && in_array(substr($server_version, 0, 6), array('5.0.50', '5.0.51')))
-		updateSettings(array('db_mysql_group_by_fix' => '1'));
+	if (($db_type == 'mysql' || $db_type == 'mysqli') && in_array(substr($server_version, 0, 6), array('5.0.50', '5.0.51'))) {
+			updateSettings(array('db_mysql_group_by_fix' => '1'));
+	}
 
 	// Some final context for the template.
 	$incontext['dir_still_writable'] = is_writable(dirname(__FILE__)) && substr(__FILE__, 1, 2) != ':\\';
@@ -1758,8 +1852,9 @@ 
 	$settingsArray = file(dirname(__FILE__) . '/Settings.php');
 
 	// @todo Do we just want to read the file in clean, and split it this way always?
-	if (count($settingsArray) == 1)
-		$settingsArray = preg_split('~[\r\n]~', $settingsArray[0]);
+	if (count($settingsArray) == 1) {
+			$settingsArray = preg_split('~[\r\n]~', $settingsArray[0]);
+	}
 
 	for ($i = 0, $n = count($settingsArray); $i < $n; $i++)
 	{
@@ -1767,25 +1862,29 @@ 
 		if (trim($settingsArray[$i]) == 'if (file_exists(dirname(__FILE__) . \'/install.php\'))' && trim($settingsArray[$i + 1]) == '{' && trim($settingsArray[$i + 9]) == '}')
 		{
 			// Set the ten lines to nothing.
-			for ($j=0; $j < 10; $j++)
-				$settingsArray[$i++] = '';
+			for ($j=0; $j < 10; $j++) {
+							$settingsArray[$i++] = '';
+			}
 
 			continue;
 		}
 
-		if (trim($settingsArray[$i]) == '?' . '>')
-			$settingsArray[$i] = '';
+		if (trim($settingsArray[$i]) == '?' . '>') {
+					$settingsArray[$i] = '';
+		}
 
 		// Don't trim or bother with it if it's not a variable.
-		if (substr($settingsArray[$i], 0, 1) != '$')
-			continue;
+		if (substr($settingsArray[$i], 0, 1) != '$') {
+					continue;
+		}
 
 		$settingsArray[$i] = rtrim($settingsArray[$i]) . "\n";
 
-		foreach ($vars as $var => $val)
-			if (strncasecmp($settingsArray[$i], '$' . $var, 1 + strlen($var)) == 0)
+		foreach ($vars as $var => $val) {
+					if (strncasecmp($settingsArray[$i], '$' . $var, 1 + strlen($var)) == 0)
 			{
 				$comment = strstr($settingsArray[$i], '#');
+		}
 				$settingsArray[$i] = '$' . $var . ' = \'' . $val . '\';' . ($comment != '' ? "\t\t" . $comment : "\n");
 				unset($vars[$var]);
 			}
@@ -1795,36 +1894,41 @@ 
 	if (!empty($vars))
 	{
 		$settingsArray[$i++] = '';
-		foreach ($vars as $var => $val)
-			$settingsArray[$i++] = '$' . $var . ' = \'' . $val . '\';' . "\n";
+		foreach ($vars as $var => $val) {
+					$settingsArray[$i++] = '$' . $var . ' = \'' . $val . '\';' . "\n";
+		}
 	}
 
 	// Blank out the file - done to fix a oddity with some servers.
 	$fp = @fopen(dirname(__FILE__) . '/Settings.php', 'w');
-	if (!$fp)
-		return false;
+	if (!$fp) {
+			return false;
+	}
 	fclose($fp);
 
 	$fp = fopen(dirname(__FILE__) . '/Settings.php', 'r+');
 
 	// Gotta have one of these ;)
-	if (trim($settingsArray[0]) != '<?php')
-		fwrite($fp, "<?php\n");
+	if (trim($settingsArray[0]) != '<?php') {
+			fwrite($fp, "<?php\n");
+	}
 
 	$lines = count($settingsArray);
 	for ($i = 0; $i < $lines - 1; $i++)
 	{
 		// Don't just write a bunch of blank lines.
-		if ($settingsArray[$i] != '' || @$settingsArray[$i - 1] != '')
-			fwrite($fp, strtr($settingsArray[$i], "\r", ''));
+		if ($settingsArray[$i] != '' || @$settingsArray[$i - 1] != '') {
+					fwrite($fp, strtr($settingsArray[$i], "\r", ''));
+		}
 	}
 	fwrite($fp, $settingsArray[$i] . '?' . '>');
 	fclose($fp);
 
 	// Even though on normal installations the filemtime should prevent this being used by the installer incorrectly
 	// it seems that there are times it might not. So let's MAKE it dump the cache.
-	if (function_exists('opcache_invalidate'))
-		opcache_invalidate(dirname(__FILE__) . '/Settings.php', true);
+	if (function_exists('opcache_invalidate')) {
+			opcache_invalidate(dirname(__FILE__) . '/Settings.php', true);
+	}
 
 	return true;
 }
@@ -1849,9 +1953,9 @@ 
 	SecFilterScanPOST Off
 </IfModule>';
 
-	if (!function_exists('apache_get_modules') || !in_array('mod_security', apache_get_modules()))
-		return true;
-	elseif (file_exists(dirname(__FILE__) . '/.htaccess') && is_writable(dirname(__FILE__) . '/.htaccess'))
+	if (!function_exists('apache_get_modules') || !in_array('mod_security', apache_get_modules())) {
+			return true;
+	} elseif (file_exists(dirname(__FILE__) . '/.htaccess') && is_writable(dirname(__FILE__) . '/.htaccess'))
 	{
 		$current_htaccess = implode('', file(dirname(__FILE__) . '/.htaccess'));
 
@@ -1863,29 +1967,28 @@ 
 				fwrite($ht_handle, $htaccess_addition);
 				fclose($ht_handle);
 				return true;
+			} else {
+							return false;
 			}
-			else
-				return false;
+		} else {
+					return true;
 		}
-		else
-			return true;
-	}
-	elseif (file_exists(dirname(__FILE__) . '/.htaccess'))
-		return strpos(implode('', file(dirname(__FILE__) . '/.htaccess')), '<IfModule mod_security.c>') !== false;
-	elseif (is_writable(dirname(__FILE__)))
+	} elseif (file_exists(dirname(__FILE__) . '/.htaccess')) {
+			return strpos(implode('', file(dirname(__FILE__) . '/.htaccess')), '<IfModule mod_security.c>') !== false;
+	} elseif (is_writable(dirname(__FILE__)))
 	{
 		if ($ht_handle = fopen(dirname(__FILE__) . '/.htaccess', 'w'))
 		{
 			fwrite($ht_handle, $htaccess_addition);
 			fclose($ht_handle);
 			return true;
+		} else {
+					return false;
 		}
-		else
+	} else {
 			return false;
 	}
-	else
-		return false;
-}
+	}
 
 function template_install_above()
 {
@@ -1923,9 +2026,10 @@ 
 								<label for="installer_language">', $txt['installer_language'], ':</label>
 								<select id="installer_language" name="lang_file" onchange="location.href = \'', $installurl, '?lang_file=\' + this.options[this.selectedIndex].value;">';
 
-		foreach ($incontext['detected_languages'] as $lang => $name)
-			echo '
+		foreach ($incontext['detected_languages'] as $lang => $name) {
+					echo '
 									<option', isset($_SESSION['installer_temp_lang']) && $_SESSION['installer_temp_lang'] == $lang ? ' selected' : '', ' value="', $lang, '">', $name, '</option>';
+		}
 
 		echo '
 								</select>
@@ -1945,9 +2049,10 @@ 
 						<h2>', $txt['upgrade_progress'], '</h2>
 						<ul>';
 
-	foreach ($incontext['steps'] as $num => $step)
-		echo '
+	foreach ($incontext['steps'] as $num => $step) {
+			echo '
 							<li class="', $num < $incontext['current_step'] ? 'stepdone' : ($num == $incontext['current_step'] ? 'stepcurrent' : 'stepwaiting'), '">', $txt['upgrade_step'], ' ', $step[0], ': ', $step[1], '</li>';
+	}
 
 	echo '
 						</ul>
@@ -1972,20 +2077,23 @@ 
 		echo '
 								<div class="floatright">';
 
-		if (!empty($incontext['continue']))
-			echo '
+		if (!empty($incontext['continue'])) {
+					echo '
 									<input type="submit" id="contbutt" name="contbutt" value="', $txt['upgrade_continue'], '" onclick="return submitThisOnce(this);" class="button" />';
-		if (!empty($incontext['skip']))
-			echo '
+		}
+		if (!empty($incontext['skip'])) {
+					echo '
 									<input type="submit" id="skip" name="skip" value="', $txt['upgrade_skip'], '" onclick="return submitThisOnce(this);" class="button" />';
+		}
 		echo '
 								</div>';
 	}
 
 	// Show the closing form tag and other data only if not in the last step
-	if (count($incontext['steps']) - 1 !== (int) $incontext['current_step'])
-		echo '
+	if (count($incontext['steps']) - 1 !== (int) $incontext['current_step']) {
+			echo '
 							</form>';
+	}
 
 	echo '
 						</div>
@@ -2020,13 +2128,15 @@ 
 		</div>';
 
 	// Show the warnings, or not.
-	if (template_warning_divs())
-		echo '
+	if (template_warning_divs()) {
+			echo '
 		<h3>', $txt['install_all_lovely'], '</h3>';
+	}
 
 	// Say we want the continue button!
-	if (empty($incontext['error']))
-		$incontext['continue'] = 1;
+	if (empty($incontext['error'])) {
+			$incontext['continue'] = 1;
+	}
 
 	// For the latest version stuff.
 	echo '
@@ -2060,8 +2170,8 @@ 
 	global $txt, $incontext;
 
 	// Errors are very serious..
-	if (!empty($incontext['error']))
-		echo '
+	if (!empty($incontext['error'])) {
+			echo '
 		<div style="margin: 2ex; padding: 2ex; border: 2px dashed #cc3344; color: black; background-color: #ffe4e9;">
 			<div style="float: left; width: 2ex; font-size: 2em; color: red;">!!</div>
 			<strong style="text-decoration: underline;">', $txt['upgrade_critical_error'], '</strong><br>
@@ -2069,9 +2179,10 @@ 
 				', $incontext['error'], '
 			</div>
 		</div>';
+	}
 	// A warning message?
-	elseif (!empty($incontext['warning']))
-		echo '
+	elseif (!empty($incontext['warning'])) {
+			echo '
 		<div style="margin: 2ex; padding: 2ex; border: 2px dashed #cc3344; color: black; background-color: #ffe4e9;">
 			<div style="float: left; width: 2ex; font-size: 2em; color: red;">!!</div>
 			<strong style="text-decoration: underline;">', $txt['upgrade_warning'], '</strong><br>
@@ -2079,6 +2190,7 @@ 
 				', $incontext['warning'], '
 			</div>
 		</div>';
+	}
 
 	return empty($incontext['error']) && empty($incontext['warning']);
 }
@@ -2094,27 +2206,30 @@ 
 			<li>', $incontext['failed_files']), '</li>
 		</ul>';
 
-	if (isset($incontext['systemos'], $incontext['detected_path']) && $incontext['systemos'] == 'linux')
-		echo '
+	if (isset($incontext['systemos'], $incontext['detected_path']) && $incontext['systemos'] == 'linux') {
+			echo '
 		<hr>
 		<p>', $txt['chmod_linux_info'], '</p>
 		<tt># chmod a+w ', implode(' ' . $incontext['detected_path'] . '/', $incontext['failed_files']), '</tt>';
+	}
 
 	// This is serious!
-	if (!template_warning_divs())
-		return;
+	if (!template_warning_divs()) {
+			return;
+	}
 
 	echo '
 		<hr>
 		<p>', $txt['ftp_setup_info'], '</p>';
 
-	if (!empty($incontext['ftp_errors']))
-		echo '
+	if (!empty($incontext['ftp_errors'])) {
+			echo '
 		<div class="error_message">
 			', $txt['error_ftp_no_connect'], '<br><br>
 			<code>', implode('<br>', $incontext['ftp_errors']), '</code>
 		</div>
 		<br>';
+	}
 
 	echo '
 		<form action="', $incontext['form_url'], '" method="post">
@@ -2174,17 +2289,17 @@ 
 				<td>
 					<select name="db_type" id="db_type_input" onchange="toggleDBInput();">';
 
-	foreach ($incontext['supported_databases'] as $key => $db)
-			echo '
+	foreach ($incontext['supported_databases'] as $key => $db) {
+				echo '
 						<option value="', $key, '"', isset($_POST['db_type']) && $_POST['db_type'] == $key ? ' selected' : '', '>', $db['name'], '</option>';
+	}
 
 	echo '
 					</select>
 					<div class="smalltext block">', $txt['db_settings_type_info'], '</div>
 				</td>
 			</tr>';
-	}
-	else
+	} else
 	{
 		echo '
 			<tr style="display: none;">
@@ -2377,9 +2492,10 @@ 
 				<div style="color: red;">', $txt['error_db_queries'], '</div>
 				<ul>';
 
-		foreach ($incontext['failures'] as $line => $fail)
-			echo '
+		foreach ($incontext['failures'] as $line => $fail) {
+					echo '
 						<li><strong>', $txt['error_db_queries_line'], $line + 1, ':</strong> ', nl2br(htmlspecialchars($fail)), '</li>';
+		}
 
 		echo '
 				</ul>';
@@ -2440,15 +2556,16 @@ 
 			</tr>
 		</table>';
 
-	if ($incontext['require_db_confirm'])
-		echo '
+	if ($incontext['require_db_confirm']) {
+			echo '
 		<h2>', $txt['user_settings_database'], '</h2>
 		<p>', $txt['user_settings_database_info'], '</p>
 
 		<div style="margin-bottom: 2ex; padding-', $txt['lang_rtl'] == false ? 'left' : 'right', ': 50px;">
 			<input type="password" name="password3" size="30" />
 		</div>';
-}
+	}
+	}
 
 // Tell them it's done, and to delete.
 function template_delete_install()
@@ -2461,14 +2578,15 @@ 
 	template_warning_divs();
 
 	// Install directory still writable?
-	if ($incontext['dir_still_writable'])
-		echo '
+	if ($incontext['dir_still_writable']) {
+			echo '
 		<em>', $txt['still_writable'], '</em><br>
 		<br>';
+	}
 
 	// Don't show the box if it's like 99% sure it won't work :P.
-	if ($incontext['probably_delete_install'])
-		echo '
+	if ($incontext['probably_delete_install']) {
+			echo '
 		<div style="margin: 1ex; font-weight: bold;">
 			<label for="delete_self"><input type="checkbox" id="delete_self" onclick="doTheDelete();" /> ', $txt['delete_installer'], !isset($_SESSION['installer_temp_ftp']) ? ' ' . $txt['delete_installer_maybe'] : '', '</label>
 		</div>
@@ -2484,6 +2602,7 @@ 
 			}
 		</script>
 		<br>';
+	}
 
 	echo '
 		', sprintf($txt['go_to_your_forum'], $boardurl . '/index.php'), '<br>

other/Settings.php

Braces +13 added lines, -8 removed lines

@@ -186,8 +186,9 @@ 
 
 ########## Error-Catching ##########
 # Note: You shouldn't touch these settings.
-if (file_exists(dirname(__FILE__) . '/db_last_error.php'))
+if (file_exists(dirname(__FILE__) . '/db_last_error.php')) {
 	include(dirname(__FILE__) . '/db_last_error.php');
+}
 
 if (!isset($db_last_error))
 {
@@ -199,20 +200,24 @@ 
 if (file_exists(dirname(__FILE__) . '/install.php'))
 {
 	$secure = false;
-	if (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on')
-		$secure = true;
-	elseif (!empty($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https' || !empty($_SERVER['HTTP_X_FORWARDED_SSL']) && $_SERVER['HTTP_X_FORWARDED_SSL'] == 'on')
-		$secure = true;
+	if (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on') {
+			$secure = true;
+	} elseif (!empty($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https' || !empty($_SERVER['HTTP_X_FORWARDED_SSL']) && $_SERVER['HTTP_X_FORWARDED_SSL'] == 'on') {
+			$secure = true;
+	}
 
 	header('Location: http' . ($secure ? 's' : '') . '://' . (empty($_SERVER['HTTP_HOST']) ? $_SERVER['SERVER_NAME'] . (empty($_SERVER['SERVER_PORT']) || $_SERVER['SERVER_PORT'] == '80' ? '' : ':' . $_SERVER['SERVER_PORT']) : $_SERVER['HTTP_HOST']) . (strtr(dirname($_SERVER['PHP_SELF']), '\\', '/') == '/' ? '' : strtr(dirname($_SERVER['PHP_SELF']), '\\', '/')) . '/install.php'); exit;
 }
 
 # Make sure the paths are correct... at least try to fix them.
-if (!file_exists($boarddir) && file_exists(dirname(__FILE__) . '/agreement.txt'))
+if (!file_exists($boarddir) && file_exists(dirname(__FILE__) . '/agreement.txt')) {
 	$boarddir = dirname(__FILE__);
-if (!file_exists($sourcedir) && file_exists($boarddir . '/Sources'))
+}
+if (!file_exists($sourcedir) && file_exists($boarddir . '/Sources')) {
 	$sourcedir = $boarddir . '/Sources';
-if (!file_exists($cachedir) && file_exists($boarddir . '/cache'))
+}
+if (!file_exists($cachedir) && file_exists($boarddir . '/cache')) {
 	$cachedir = $boarddir . '/cache';
+}
 
 ?>
\ No newline at end of file

Sources/Subs-Db-mysql.php

Spacing +10 added lines, -10 removed lines

@@ -255,8 +255,8 @@ 
 
 		case 'datetime':
 			if (preg_match('~^(\d{4})-([0-1]?\d)-([0-3]?\d) ([0-1]?\d|2[0-3]):([0-5]\d):([0-5]\d)$~', $replacement, $datetime_matches) === 1)
-				return 'str_to_date('.
-					sprintf('\'%04d-%02d-%02d %02d:%02d:%02d\'', $datetime_matches[1], $datetime_matches[2], $datetime_matches[3], $datetime_matches[4], $datetime_matches[5] ,$datetime_matches[6]).
+				return 'str_to_date(' .
+					sprintf('\'%04d-%02d-%02d %02d:%02d:%02d\'', $datetime_matches[1], $datetime_matches[2], $datetime_matches[3], $datetime_matches[4], $datetime_matches[5], $datetime_matches[6]) .
 					',\'%Y-%m-%d %h:%i:%s\')';
 			else
 				smf_db_error_backtrace('Wrong value type sent to the database. Datetime expected. (' . $matches[2] . ')', '', E_USER_ERROR, __FILE__, __LINE__);
@@ -460,7 +460,7 @@ 
 		$old_pos = 0;
 		$pos = -1;
 		// Remove the string escape for better runtime
-		$db_string_1 = str_replace('\\\'','',$db_string);
+		$db_string_1 = str_replace('\\\'', '', $db_string);
 		while (true)
 		{
 			$pos = strpos($db_string_1, '\'', $pos + 1);
@@ -842,7 +842,7 @@ 
 	{
 		$count = count($insertRows);
 		$ai = 0;
-		for($i = 0; $i < $count; $i++)
+		for ($i = 0; $i < $count; $i++)
 		{
 			$old_id = $smcFunc['db_insert_id']();
 
@@ -868,13 +868,13 @@ 
 				$count2 = count($indexed_columns);
 				for ($x = 0; $x < $count2; $x++)
 				{
-					$where_string += key($indexed_columns[$x]) . ' = '. $insertRows[$i][$x];
+					$where_string += key($indexed_columns[$x]) . ' = ' . $insertRows[$i][$x];
 					if (($x + 1) < $count2)
 						$where_string += ' AND ';
 				}
 
-				$request = $smcFunc['db_query']('','
-					SELECT `'. $keys[0] . '` FROM ' . $table .'
+				$request = $smcFunc['db_query']('', '
+					SELECT `'. $keys[0] . '` FROM ' . $table . '
 					WHERE ' . $where_string . ' LIMIT 1',
 					array()
 				);
@@ -903,7 +903,7 @@ 
 			$return_var = array();
 			$count = count($insertRows);
 			$start = smf_db_insert_id($table, $keys[0]);
-			for ($i = 0; $i < $count; $i++ )
+			for ($i = 0; $i < $count; $i++)
 				$return_var[] = $start + $i;
 		}
 		return $return_var;
@@ -1036,7 +1036,7 @@ 
 	mysqli_stmt_bind_param($mysql_error_data_prep, 'iissssssi',
 		$error_array[0], $error_array[1], $error_array[2], $error_array[3], $error_array[4], $error_array[5], $error_array[6],
 		$error_array[7], $error_array[8]);
-	mysqli_stmt_execute ($mysql_error_data_prep);
+	mysqli_stmt_execute($mysql_error_data_prep);
 }
 
 /**
@@ -1050,7 +1050,7 @@ 
  */
 function smf_db_custom_order($field, $array_values, $desc = false)
 {
-	$return = 'CASE '. $field . ' ';
+	$return = 'CASE ' . $field . ' ';
 	$count = count($array_values);
 	$then = ($desc ? ' THEN -' : ' THEN ');
 

Braces +277 added lines, -205 removed lines

@@ -13,8 +13,9 @@ 
  * @version 2.1 Beta 4
  */
 
-if (!defined('SMF'))
+if (!defined('SMF')) {
 	die('No direct access...');
+}
 
 /**
  *  Maps the implementations in this file (smf_db_function_name)
@@ -33,8 +34,8 @@ 
 	global $smcFunc;
 
 	// Map some database specific functions, only do this once.
-	if (!isset($smcFunc['db_fetch_assoc']))
-		$smcFunc += array(
+	if (!isset($smcFunc['db_fetch_assoc'])) {
+			$smcFunc += array(
 			'db_query'                  => 'smf_db_query',
 			'db_quote'                  => 'smf_db_quote',
 			'db_fetch_assoc'            => 'mysqli_fetch_assoc',
@@ -63,9 +64,11 @@ 
 			'db_error_insert'			=> 'smf_db_error_insert',
 			'db_custom_order'			=> 'smf_db_custom_order',
 		);
+	}
 
-	if (!empty($db_options['persist']))
-		$db_server = 'p:' . $db_server;
+	if (!empty($db_options['persist'])) {
+			$db_server = 'p:' . $db_server;
+	}
 
 	$connection = mysqli_init();
 
@@ -74,24 +77,27 @@ 
 	$success = false;
 
 	if ($connection) {
-		if (!empty($db_options['port']))
-			$success = mysqli_real_connect($connection, $db_server, $db_user, $db_passwd, '', $db_options['port'], null, $flags);
-		else
-			$success = mysqli_real_connect($connection, $db_server, $db_user, $db_passwd, '', 0, null, $flags);
+		if (!empty($db_options['port'])) {
+					$success = mysqli_real_connect($connection, $db_server, $db_user, $db_passwd, '', $db_options['port'], null, $flags);
+		} else {
+					$success = mysqli_real_connect($connection, $db_server, $db_user, $db_passwd, '', 0, null, $flags);
+		}
 	}
 
 	// Something's wrong, show an error if its fatal (which we assume it is)
 	if ($success === false)
 	{
-		if (!empty($db_options['non_fatal']))
-			return null;
-		else
-			display_db_error();
+		if (!empty($db_options['non_fatal'])) {
+					return null;
+		} else {
+					display_db_error();
+		}
 	}
 
 	// Select the database, unless told not to
-	if (empty($db_options['dont_select_db']) && !@mysqli_select_db($connection, $db_name) && empty($db_options['non_fatal']))
-		display_db_error();
+	if (empty($db_options['dont_select_db']) && !@mysqli_select_db($connection, $db_name) && empty($db_options['non_fatal'])) {
+			display_db_error();
+	}
 
 	$smcFunc['db_query']('', 'SET SESSION sql_mode = \'ONLY_FULL_GROUP_BY,STRICT_TRANS_TABLES,NO_ZERO_IN_DATE,NO_ZERO_DATE,ERROR_FOR_DIVISION_BY_ZERO,NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION\'',
 		array(),
@@ -167,34 +173,42 @@ 
 	global $db_callback, $user_info, $db_prefix, $smcFunc;
 
 	list ($values, $connection) = $db_callback;
-	if (!is_object($connection))
-		display_db_error();
+	if (!is_object($connection)) {
+			display_db_error();
+	}
 
-	if ($matches[1] === 'db_prefix')
-		return $db_prefix;
+	if ($matches[1] === 'db_prefix') {
+			return $db_prefix;
+	}
 
-	if (isset($user_info[$matches[1]]) && strpos($matches[1], 'query_') !== false)
-		return $user_info[$matches[1]];
+	if (isset($user_info[$matches[1]]) && strpos($matches[1], 'query_') !== false) {
+			return $user_info[$matches[1]];
+	}
 
-	if ($matches[1] === 'empty')
-		return '\'\'';
+	if ($matches[1] === 'empty') {
+			return '\'\'';
+	}
 
-	if (!isset($matches[2]))
-		smf_db_error_backtrace('Invalid value inserted or no type specified.', '', E_USER_ERROR, __FILE__, __LINE__);
+	if (!isset($matches[2])) {
+			smf_db_error_backtrace('Invalid value inserted or no type specified.', '', E_USER_ERROR, __FILE__, __LINE__);
+	}
 
-	if ($matches[1] === 'literal')
-		return '\'' . mysqli_real_escape_string($connection, $matches[2]) . '\'';
+	if ($matches[1] === 'literal') {
+			return '\'' . mysqli_real_escape_string($connection, $matches[2]) . '\'';
+	}
 
-	if (!isset($values[$matches[2]]))
-		smf_db_error_backtrace('The database value you\'re trying to insert does not exist: ' . (isset($smcFunc['htmlspecialchars']) ? $smcFunc['htmlspecialchars']($matches[2]) : htmlspecialchars($matches[2])), '', E_USER_ERROR, __FILE__, __LINE__);
+	if (!isset($values[$matches[2]])) {
+			smf_db_error_backtrace('The database value you\'re trying to insert does not exist: ' . (isset($smcFunc['htmlspecialchars']) ? $smcFunc['htmlspecialchars']($matches[2]) : htmlspecialchars($matches[2])), '', E_USER_ERROR, __FILE__, __LINE__);
+	}
 
 	$replacement = $values[$matches[2]];
 
 	switch ($matches[1])
 	{
 		case 'int':
-			if (!is_numeric($replacement) || (string) $replacement !== (string) (int) $replacement)
-				smf_db_error_backtrace('Wrong value type sent to the database. Integer expected. (' . $matches[2] . ')', '', E_USER_ERROR, __FILE__, __LINE__);
+			if (!is_numeric($replacement) || (string) $replacement !== (string) (int) $replacement) {
+							smf_db_error_backtrace('Wrong value type sent to the database. Integer expected. (' . $matches[2] . ')', '', E_USER_ERROR, __FILE__, __LINE__);
+			}
 			return (string) (int) $replacement;
 		break;
 
@@ -206,65 +220,73 @@ 
 		case 'array_int':
 			if (is_array($replacement))
 			{
-				if (empty($replacement))
-					smf_db_error_backtrace('Database error, given array of integer values is empty. (' . $matches[2] . ')', '', E_USER_ERROR, __FILE__, __LINE__);
+				if (empty($replacement)) {
+									smf_db_error_backtrace('Database error, given array of integer values is empty. (' . $matches[2] . ')', '', E_USER_ERROR, __FILE__, __LINE__);
+				}
 
 				foreach ($replacement as $key => $value)
 				{
-					if (!is_numeric($value) || (string) $value !== (string) (int) $value)
-						smf_db_error_backtrace('Wrong value type sent to the database. Array of integers expected. (' . $matches[2] . ')', '', E_USER_ERROR, __FILE__, __LINE__);
+					if (!is_numeric($value) || (string) $value !== (string) (int) $value) {
+											smf_db_error_backtrace('Wrong value type sent to the database. Array of integers expected. (' . $matches[2] . ')', '', E_USER_ERROR, __FILE__, __LINE__);
+					}
 
 					$replacement[$key] = (string) (int) $value;
 				}
 
 				return implode(', ', $replacement);
+			} else {
+							smf_db_error_backtrace('Wrong value type sent to the database. Array of integers expected. (' . $matches[2] . ')', '', E_USER_ERROR, __FILE__, __LINE__);
 			}
-			else
-				smf_db_error_backtrace('Wrong value type sent to the database. Array of integers expected. (' . $matches[2] . ')', '', E_USER_ERROR, __FILE__, __LINE__);
 
 		break;
 
 		case 'array_string':
 			if (is_array($replacement))
 			{
-				if (empty($replacement))
-					smf_db_error_backtrace('Database error, given array of string values is empty. (' . $matches[2] . ')', '', E_USER_ERROR, __FILE__, __LINE__);
+				if (empty($replacement)) {
+									smf_db_error_backtrace('Database error, given array of string values is empty. (' . $matches[2] . ')', '', E_USER_ERROR, __FILE__, __LINE__);
+				}
 
-				foreach ($replacement as $key => $value)
-					$replacement[$key] = sprintf('\'%1$s\'', mysqli_real_escape_string($connection, $value));
+				foreach ($replacement as $key => $value) {
+									$replacement[$key] = sprintf('\'%1$s\'', mysqli_real_escape_string($connection, $value));
+				}
 
 				return implode(', ', $replacement);
+			} else {
+							smf_db_error_backtrace('Wrong value type sent to the database. Array of strings expected. (' . $matches[2] . ')', '', E_USER_ERROR, __FILE__, __LINE__);
 			}
-			else
-				smf_db_error_backtrace('Wrong value type sent to the database. Array of strings expected. (' . $matches[2] . ')', '', E_USER_ERROR, __FILE__, __LINE__);
 		break;
 
 		case 'date':
-			if (preg_match('~^(\d{4})-([0-1]?\d)-([0-3]?\d)$~', $replacement, $date_matches) === 1)
-				return sprintf('\'%04d-%02d-%02d\'', $date_matches[1], $date_matches[2], $date_matches[3]);
-			else
-				smf_db_error_backtrace('Wrong value type sent to the database. Date expected. (' . $matches[2] . ')', '', E_USER_ERROR, __FILE__, __LINE__);
+			if (preg_match('~^(\d{4})-([0-1]?\d)-([0-3]?\d)$~', $replacement, $date_matches) === 1) {
+							return sprintf('\'%04d-%02d-%02d\'', $date_matches[1], $date_matches[2], $date_matches[3]);
+			} else {
+							smf_db_error_backtrace('Wrong value type sent to the database. Date expected. (' . $matches[2] . ')', '', E_USER_ERROR, __FILE__, __LINE__);
+			}
 		break;
 
 		case 'time':
-			if (preg_match('~^([0-1]?\d|2[0-3]):([0-5]\d):([0-5]\d)$~', $replacement, $time_matches) === 1)
-				return sprintf('\'%02d:%02d:%02d\'', $time_matches[1], $time_matches[2], $time_matches[3]);
-			else
-				smf_db_error_backtrace('Wrong value type sent to the database. Time expected. (' . $matches[2] . ')', '', E_USER_ERROR, __FILE__, __LINE__);
+			if (preg_match('~^([0-1]?\d|2[0-3]):([0-5]\d):([0-5]\d)$~', $replacement, $time_matches) === 1) {
+							return sprintf('\'%02d:%02d:%02d\'', $time_matches[1], $time_matches[2], $time_matches[3]);
+			} else {
+							smf_db_error_backtrace('Wrong value type sent to the database. Time expected. (' . $matches[2] . ')', '', E_USER_ERROR, __FILE__, __LINE__);
+			}
 		break;
 
 		case 'datetime':
-			if (preg_match('~^(\d{4})-([0-1]?\d)-([0-3]?\d) ([0-1]?\d|2[0-3]):([0-5]\d):([0-5]\d)$~', $replacement, $datetime_matches) === 1)
-				return 'str_to_date('.
+			if (preg_match('~^(\d{4})-([0-1]?\d)-([0-3]?\d) ([0-1]?\d|2[0-3]):([0-5]\d):([0-5]\d)$~', $replacement, $datetime_matches) === 1) {
+							return 'str_to_date('.
 					sprintf('\'%04d-%02d-%02d %02d:%02d:%02d\'', $datetime_matches[1], $datetime_matches[2], $datetime_matches[3], $datetime_matches[4], $datetime_matches[5] ,$datetime_matches[6]).
 					',\'%Y-%m-%d %h:%i:%s\')';
-			else
-				smf_db_error_backtrace('Wrong value type sent to the database. Datetime expected. (' . $matches[2] . ')', '', E_USER_ERROR, __FILE__, __LINE__);
+			} else {
+							smf_db_error_backtrace('Wrong value type sent to the database. Datetime expected. (' . $matches[2] . ')', '', E_USER_ERROR, __FILE__, __LINE__);
+			}
 		break;
 
 		case 'float':
-			if (!is_numeric($replacement))
-				smf_db_error_backtrace('Wrong value type sent to the database. Floating point number expected. (' . $matches[2] . ')', '', E_USER_ERROR, __FILE__, __LINE__);
+			if (!is_numeric($replacement)) {
+							smf_db_error_backtrace('Wrong value type sent to the database. Floating point number expected. (' . $matches[2] . ')', '', E_USER_ERROR, __FILE__, __LINE__);
+			}
 			return (string) (float) $replacement;
 		break;
 
@@ -278,32 +300,37 @@ 
 		break;
 
 		case 'inet':
-			if ($replacement == 'null' || $replacement == '')
-				return 'null';
-			if (!isValidIP($replacement))
-				smf_db_error_backtrace('Wrong value type sent to the database. IPv4 or IPv6 expected.(' . $matches[2] . ')', '', E_USER_ERROR, __FILE__, __LINE__);
+			if ($replacement == 'null' || $replacement == '') {
+							return 'null';
+			}
+			if (!isValidIP($replacement)) {
+							smf_db_error_backtrace('Wrong value type sent to the database. IPv4 or IPv6 expected.(' . $matches[2] . ')', '', E_USER_ERROR, __FILE__, __LINE__);
+			}
 			//we don't use the native support of mysql > 5.6.2
 			return sprintf('unhex(\'%1$s\')', bin2hex(inet_pton($replacement)));
 
 		case 'array_inet':
 			if (is_array($replacement))
 			{
-				if (empty($replacement))
-					smf_db_error_backtrace('Database error, given array of IPv4 or IPv6 values is empty. (' . $matches[2] . ')', '', E_USER_ERROR, __FILE__, __LINE__);
+				if (empty($replacement)) {
+									smf_db_error_backtrace('Database error, given array of IPv4 or IPv6 values is empty. (' . $matches[2] . ')', '', E_USER_ERROR, __FILE__, __LINE__);
+				}
 
 				foreach ($replacement as $key => $value)
 				{
-					if ($replacement == 'null' || $replacement == '')
-						$replacement[$key] = 'null';
-					if (!isValidIP($value))
-						smf_db_error_backtrace('Wrong value type sent to the database. IPv4 or IPv6 expected.(' . $matches[2] . ')', '', E_USER_ERROR, __FILE__, __LINE__);
+					if ($replacement == 'null' || $replacement == '') {
+											$replacement[$key] = 'null';
+					}
+					if (!isValidIP($value)) {
+											smf_db_error_backtrace('Wrong value type sent to the database. IPv4 or IPv6 expected.(' . $matches[2] . ')', '', E_USER_ERROR, __FILE__, __LINE__);
+					}
 					$replacement[$key] = sprintf('unhex(\'%1$s\')', bin2hex(inet_pton($value)));
 				}
 
 				return implode(', ', $replacement);
+			} else {
+							smf_db_error_backtrace('Wrong value type sent to the database. Array of IPv4 or IPv6 expected. (' . $matches[2] . ')', '', E_USER_ERROR, __FILE__, __LINE__);
 			}
-			else
-				smf_db_error_backtrace('Wrong value type sent to the database. Array of IPv4 or IPv6 expected. (' . $matches[2] . ')', '', E_USER_ERROR, __FILE__, __LINE__);
 		break;
 
 		default:
@@ -379,22 +406,25 @@ 
 		// Are we in SSI mode?  If so try that username and password first
 		if (SMF == 'SSI' && !empty($ssi_db_user) && !empty($ssi_db_passwd))
 		{
-			if (empty($db_persist))
-				$db_connection = @mysqli_connect($db_server, $ssi_db_user, $ssi_db_passwd);
-			else
-				$db_connection = @mysqli_connect('p:' . $db_server, $ssi_db_user, $ssi_db_passwd);
+			if (empty($db_persist)) {
+							$db_connection = @mysqli_connect($db_server, $ssi_db_user, $ssi_db_passwd);
+			} else {
+							$db_connection = @mysqli_connect('p:' . $db_server, $ssi_db_user, $ssi_db_passwd);
+			}
 		}
 		// Fall back to the regular username and password if need be
 		if (!$db_connection)
 		{
-			if (empty($db_persist))
-				$db_connection = @mysqli_connect($db_server, $db_user, $db_passwd);
-			else
-				$db_connection = @mysqli_connect('p:' . $db_server, $db_user, $db_passwd);
+			if (empty($db_persist)) {
+							$db_connection = @mysqli_connect($db_server, $db_user, $db_passwd);
+			} else {
+							$db_connection = @mysqli_connect('p:' . $db_server, $db_user, $db_passwd);
+			}
 		}
 
-		if (!$db_connection || !@mysqli_select_db($db_connection, $db_name))
-			$db_connection = false;
+		if (!$db_connection || !@mysqli_select_db($db_connection, $db_name)) {
+					$db_connection = false;
+		}
 
 		$connection = $db_connection;
 	}
@@ -402,18 +432,20 @@ 
 	// One more query....
 	$db_count = !isset($db_count) ? 1 : $db_count + 1;
 
-	if (empty($modSettings['disableQueryCheck']) && strpos($db_string, '\'') !== false && empty($db_values['security_override']))
-		smf_db_error_backtrace('Hacking attempt...', 'Illegal character (\') used in query...', true, __FILE__, __LINE__);
+	if (empty($modSettings['disableQueryCheck']) && strpos($db_string, '\'') !== false && empty($db_values['security_override'])) {
+			smf_db_error_backtrace('Hacking attempt...', 'Illegal character (\') used in query...', true, __FILE__, __LINE__);
+	}
 
 	// Use "ORDER BY null" to prevent Mysql doing filesorts for Group By clauses without an Order By
 	if (strpos($db_string, 'GROUP BY') !== false && strpos($db_string, 'ORDER BY') === false && preg_match('~^\s+SELECT~i', $db_string))
 	{
 		// Add before LIMIT
-		if ($pos = strpos($db_string, 'LIMIT '))
-			$db_string = substr($db_string, 0, $pos) . "\t\t\tORDER BY null\n" . substr($db_string, $pos, strlen($db_string));
-		else
-			// Append it.
+		if ($pos = strpos($db_string, 'LIMIT ')) {
+					$db_string = substr($db_string, 0, $pos) . "\t\t\tORDER BY null\n" . substr($db_string, $pos, strlen($db_string));
+		} else {
+					// Append it.
 			$db_string .= "\n\t\t\tORDER BY null";
+		}
 	}
 
 	if (empty($db_values['security_override']) && (!empty($db_values) || strpos($db_string, '{db_prefix}') !== false))
@@ -439,17 +471,18 @@ 
 		while (true)
 		{
 			$pos = strpos($db_string_1, '\'', $pos + 1);
-			if ($pos === false)
-				break;
+			if ($pos === false) {
+							break;
+			}
 			$clean .= substr($db_string_1, $old_pos, $pos - $old_pos);
 
 			while (true)
 			{
 				$pos1 = strpos($db_string_1, '\'', $pos + 1);
 				$pos2 = strpos($db_string_1, '\\', $pos + 1);
-				if ($pos1 === false)
-					break;
-				elseif ($pos2 === false || $pos2 > $pos1)
+				if ($pos1 === false) {
+									break;
+				} elseif ($pos2 === false || $pos2 > $pos1)
 				{
 					$pos = $pos1;
 					break;
@@ -465,16 +498,19 @@ 
 		$clean = trim(strtolower(preg_replace($allowed_comments_from, $allowed_comments_to, $clean)));
 
 		// Comments?  We don't use comments in our queries, we leave 'em outside!
-		if (strpos($clean, '/*') > 2 || strpos($clean, '--') !== false || strpos($clean, ';') !== false)
-			$fail = true;
+		if (strpos($clean, '/*') > 2 || strpos($clean, '--') !== false || strpos($clean, ';') !== false) {
+					$fail = true;
+		}
 		// Trying to change passwords, slow us down, or something?
-		elseif (strpos($clean, 'sleep') !== false && preg_match('~(^|[^a-z])sleep($|[^[_a-z])~s', $clean) != 0)
-			$fail = true;
-		elseif (strpos($clean, 'benchmark') !== false && preg_match('~(^|[^a-z])benchmark($|[^[a-z])~s', $clean) != 0)
-			$fail = true;
+		elseif (strpos($clean, 'sleep') !== false && preg_match('~(^|[^a-z])sleep($|[^[_a-z])~s', $clean) != 0) {
+					$fail = true;
+		} elseif (strpos($clean, 'benchmark') !== false && preg_match('~(^|[^a-z])benchmark($|[^[a-z])~s', $clean) != 0) {
+					$fail = true;
+		}
 
-		if (!empty($fail) && function_exists('log_error'))
-			smf_db_error_backtrace('Hacking attempt...', 'Hacking attempt...' . "\n" . $db_string, E_USER_ERROR, __FILE__, __LINE__);
+		if (!empty($fail) && function_exists('log_error')) {
+					smf_db_error_backtrace('Hacking attempt...', 'Hacking attempt...' . "\n" . $db_string, E_USER_ERROR, __FILE__, __LINE__);
+		}
 	}
 
 	// Debugging.
@@ -484,8 +520,9 @@ 
 		list ($file, $line) = smf_db_error_backtrace('', '', 'return', __FILE__, __LINE__);
 
 		// Initialize $db_cache if not already initialized.
-		if (!isset($db_cache))
-			$db_cache = array();
+		if (!isset($db_cache)) {
+					$db_cache = array();
+		}
 
 		if (!empty($_SESSION['debug_redirect']))
 		{
@@ -501,17 +538,20 @@ 
 		$db_cache[$db_count]['s'] = ($st = microtime(true)) - $time_start;
 	}
 
-	if (empty($db_unbuffered))
-		$ret = @mysqli_query($connection, $db_string);
-	else
-		$ret = @mysqli_query($connection, $db_string, MYSQLI_USE_RESULT);
+	if (empty($db_unbuffered)) {
+			$ret = @mysqli_query($connection, $db_string);
+	} else {
+			$ret = @mysqli_query($connection, $db_string, MYSQLI_USE_RESULT);
+	}
 
-	if ($ret === false && empty($db_values['db_error_skip']))
-		$ret = smf_db_error($db_string, $connection);
+	if ($ret === false && empty($db_values['db_error_skip'])) {
+			$ret = smf_db_error($db_string, $connection);
+	}
 
 	// Debugging.
-	if (isset($db_show_debug) && $db_show_debug === true)
-		$db_cache[$db_count]['t'] = array_sum(explode(' ', microtime())) - array_sum(explode(' ', $st));
+	if (isset($db_show_debug) && $db_show_debug === true) {
+			$db_cache[$db_count]['t'] = array_sum(explode(' ', microtime())) - array_sum(explode(' ', $st));
+	}
 
 	return $ret;
 }
@@ -558,12 +598,13 @@ 
 	// Decide which connection to use
 	$connection = $connection === null ? $db_connection : $connection;
 
-	if ($type == 'begin')
-		return @mysqli_query($connection, 'BEGIN');
-	elseif ($type == 'rollback')
-		return @mysqli_query($connection, 'ROLLBACK');
-	elseif ($type == 'commit')
-		return @mysqli_query($connection, 'COMMIT');
+	if ($type == 'begin') {
+			return @mysqli_query($connection, 'BEGIN');
+	} elseif ($type == 'rollback') {
+			return @mysqli_query($connection, 'ROLLBACK');
+	} elseif ($type == 'commit') {
+			return @mysqli_query($connection, 'COMMIT');
+	}
 
 	return false;
 }
@@ -603,8 +644,9 @@ 
 	//    2013: Lost connection to server during query.
 
 	// Log the error.
-	if ($query_errno != 1213 && $query_errno != 1205 && function_exists('log_error'))
-		log_error($txt['database_error'] . ': ' . $query_error . (!empty($modSettings['enableErrorQueryLogging']) ? "\n\n$db_string" : ''), 'database', $file, $line);
+	if ($query_errno != 1213 && $query_errno != 1205 && function_exists('log_error')) {
+			log_error($txt['database_error'] . ': ' . $query_error . (!empty($modSettings['enableErrorQueryLogging']) ? "\n\n$db_string" : ''), 'database', $file, $line);
+	}
 
 	// Database error auto fixing ;).
 	if (function_exists('cache_get_data') && (!isset($modSettings['autoFixDatabase']) || $modSettings['autoFixDatabase'] == '1'))
@@ -613,8 +655,9 @@ 
 		$old_cache = @$modSettings['cache_enable'];
 		$modSettings['cache_enable'] = '1';
 
-		if (($temp = cache_get_data('db_last_error', 600)) !== null)
-			$db_last_error = max(@$db_last_error, $temp);
+		if (($temp = cache_get_data('db_last_error', 600)) !== null) {
+					$db_last_error = max(@$db_last_error, $temp);
+		}
 
 		if (@$db_last_error < time() - 3600 * 24 * 3)
 		{
@@ -630,8 +673,9 @@ 
 					foreach ($tables as $table)
 					{
 						// Now, it's still theoretically possible this could be an injection.  So backtick it!
-						if (trim($table) != '')
-							$fix_tables[] = '`' . strtr(trim($table), array('`' => '')) . '`';
+						if (trim($table) != '') {
+													$fix_tables[] = '`' . strtr(trim($table), array('`' => '')) . '`';
+						}
 					}
 				}
 
@@ -640,8 +684,9 @@ 
 			// Table crashed.  Let's try to fix it.
 			elseif ($query_errno == 1016)
 			{
-				if (preg_match('~\'([^\.\']+)~', $query_error, $match) != 0)
-					$fix_tables = array('`' . $match[1] . '`');
+				if (preg_match('~\'([^\.\']+)~', $query_error, $match) != 0) {
+									$fix_tables = array('`' . $match[1] . '`');
+				}
 			}
 			// Indexes crashed.  Should be easy to fix!
 			elseif ($query_errno == 1034 || $query_errno == 1035)
@@ -660,13 +705,15 @@ 
 
 			// Make a note of the REPAIR...
 			cache_put_data('db_last_error', time(), 600);
-			if (($temp = cache_get_data('db_last_error', 600)) === null)
-				updateSettingsFile(array('db_last_error' => time()));
+			if (($temp = cache_get_data('db_last_error', 600)) === null) {
+							updateSettingsFile(array('db_last_error' => time()));
+			}
 
 			// Attempt to find and repair the broken table.
-			foreach ($fix_tables as $table)
-				$smcFunc['db_query']('', "
+			foreach ($fix_tables as $table) {
+							$smcFunc['db_query']('', "
 					REPAIR TABLE $table", false, false);
+			}
 
 			// And send off an email!
 			sendmail($webmaster_email, $txt['database_error'], $txt['tried_to_repair'], null, 'dberror');
@@ -675,11 +722,12 @@ 
 
 			// Try the query again...?
 			$ret = $smcFunc['db_query']('', $db_string, false, false);
-			if ($ret !== false)
-				return $ret;
+			if ($ret !== false) {
+							return $ret;
+			}
+		} else {
+					$modSettings['cache_enable'] = $old_cache;
 		}
-		else
-			$modSettings['cache_enable'] = $old_cache;
 
 		// Check for the "lost connection" or "deadlock found" errors - and try it just one more time.
 		if (in_array($query_errno, array(1205, 1213, 2006, 2013)))
@@ -689,22 +737,25 @@ 
 				// Are we in SSI mode?  If so try that username and password first
 				if (SMF == 'SSI' && !empty($ssi_db_user) && !empty($ssi_db_passwd))
 				{
-					if (empty($db_persist))
-						$db_connection = @mysqli_connect($db_server, $ssi_db_user, $ssi_db_passwd);
-					else
-						$db_connection = @mysqli_connect('p:' . $db_server, $ssi_db_user, $ssi_db_passwd);
+					if (empty($db_persist)) {
+											$db_connection = @mysqli_connect($db_server, $ssi_db_user, $ssi_db_passwd);
+					} else {
+											$db_connection = @mysqli_connect('p:' . $db_server, $ssi_db_user, $ssi_db_passwd);
+					}
 				}
 				// Fall back to the regular username and password if need be
 				if (!$db_connection)
 				{
-					if (empty($db_persist))
-						$db_connection = @mysqli_connect($db_server, $db_user, $db_passwd);
-					else
-						$db_connection = @mysqli_connect('p:' . $db_server, $db_user, $db_passwd);
+					if (empty($db_persist)) {
+											$db_connection = @mysqli_connect($db_server, $db_user, $db_passwd);
+					} else {
+											$db_connection = @mysqli_connect('p:' . $db_server, $db_user, $db_passwd);
+					}
 				}
 
-				if (!$db_connection || !@mysqli_select_db($db_connection, $db_name))
-					$db_connection = false;
+				if (!$db_connection || !@mysqli_select_db($db_connection, $db_name)) {
+									$db_connection = false;
+				}
 			}
 
 			if ($db_connection)
@@ -715,24 +766,27 @@ 
 					$ret = $smcFunc['db_query']('', $db_string, false, false);
 
 					$new_errno = mysqli_errno($db_connection);
-					if ($ret !== false || in_array($new_errno, array(1205, 1213)))
-						break;
+					if ($ret !== false || in_array($new_errno, array(1205, 1213))) {
+											break;
+					}
 				}
 
 				// If it failed again, shucks to be you... we're not trying it over and over.
-				if ($ret !== false)
-					return $ret;
+				if ($ret !== false) {
+									return $ret;
+				}
 			}
 		}
 		// Are they out of space, perhaps?
 		elseif ($query_errno == 1030 && (strpos($query_error, ' -1 ') !== false || strpos($query_error, ' 28 ') !== false || strpos($query_error, ' 12 ') !== false))
 		{
-			if (!isset($txt))
-				$query_error .= ' - check database storage space.';
-			else
+			if (!isset($txt)) {
+							$query_error .= ' - check database storage space.';
+			} else
 			{
-				if (!isset($txt['mysql_error_space']))
-					loadLanguage('Errors');
+				if (!isset($txt['mysql_error_space'])) {
+									loadLanguage('Errors');
+				}
 
 				$query_error .= !isset($txt['mysql_error_space']) ? ' - check database storage space.' : $txt['mysql_error_space'];
 			}
@@ -740,15 +794,17 @@ 
 	}
 
 	// Nothing's defined yet... just die with it.
-	if (empty($context) || empty($txt))
-		die($query_error);
+	if (empty($context) || empty($txt)) {
+			die($query_error);
+	}
 
 	// Show an error message, if possible.
 	$context['error_title'] = $txt['database_error'];
-	if (allowedTo('admin_forum'))
-		$context['error_message'] = nl2br($query_error) . '<br>' . $txt['file'] . ': ' . $file . '<br>' . $txt['line'] . ': ' . $line;
-	else
-		$context['error_message'] = $txt['try_again'];
+	if (allowedTo('admin_forum')) {
+			$context['error_message'] = nl2br($query_error) . '<br>' . $txt['file'] . ': ' . $file . '<br>' . $txt['line'] . ': ' . $line;
+	} else {
+			$context['error_message'] = $txt['try_again'];
+	}
 
 	if (allowedTo('admin_forum') && isset($db_show_debug) && $db_show_debug === true)
 	{
@@ -780,8 +836,9 @@ 
 	$return_var = null;
 
 	// With nothing to insert, simply return.
-	if (empty($data))
-		return;
+	if (empty($data)) {
+			return;
+	}
 
 	// Replace the prefix holder with the actual prefix.
 	$table = str_replace('{db_prefix}', $db_prefix, $table);
@@ -791,23 +848,26 @@ 
 	if (!empty($keys) && (count($keys) > 0) && $returnmode > 0)
 	{
 		$with_returning = true;
-		if ($returnmode == 2)
-			$return_var = array();
+		if ($returnmode == 2) {
+					$return_var = array();
+		}
 	}
 
 	// Inserting data as a single row can be done as a single array.
-	if (!is_array($data[array_rand($data)]))
-		$data = array($data);
+	if (!is_array($data[array_rand($data)])) {
+			$data = array($data);
+	}
 
 	// Create the mold for a single row insert.
 	$insertData = '(';
 	foreach ($columns as $columnName => $type)
 	{
 		// Are we restricting the length?
-		if (strpos($type, 'string-') !== false)
-			$insertData .= sprintf('SUBSTRING({string:%1$s}, 1, ' . substr($type, 7) . '), ', $columnName);
-		else
-			$insertData .= sprintf('{%1$s:%2$s}, ', $type, $columnName);
+		if (strpos($type, 'string-') !== false) {
+					$insertData .= sprintf('SUBSTRING({string:%1$s}, 1, ' . substr($type, 7) . '), ', $columnName);
+		} else {
+					$insertData .= sprintf('{%1$s:%2$s}, ', $type, $columnName);
+		}
 	}
 	$insertData = substr($insertData, 0, -2) . ')';
 
@@ -816,8 +876,9 @@ 
 
 	// Here's where the variables are injected to the query.
 	$insertRows = array();
-	foreach ($data as $dataRow)
-		$insertRows[] = smf_db_quote($insertData, array_combine($indexed_columns, $dataRow), $connection);
+	foreach ($data as $dataRow) {
+			$insertRows[] = smf_db_quote($insertData, array_combine($indexed_columns, $dataRow), $connection);
+	}
 
 	// Determine the method of insertion.
 	$queryTitle = $method == 'replace' ? 'REPLACE' : ($method == 'ignore' ? 'INSERT IGNORE' : 'INSERT');
@@ -836,8 +897,7 @@ 
 			),
 			$connection
 		);
-	}
-	else //special way for ignore method with returning
+	} else //special way for ignore method with returning
 	{
 		$count = count($insertRows);
 		$ai = 0;
@@ -857,19 +917,21 @@ 
 			);
 			$new_id = $smcFunc['db_insert_id']();
 
-			if ($last_id != $new_id) //the inserted value was new
+			if ($last_id != $new_id) {
+				//the inserted value was new
 			{
 				$ai = $new_id;
 			}
-			else	// the inserted value already exists we need to find the pk
+			} else	// the inserted value already exists we need to find the pk
 			{
 				$where_string = '';
 				$count2 = count($indexed_columns);
 				for ($x = 0; $x < $count2; $x++)
 				{
 					$where_string += key($indexed_columns[$x]) . ' = '. $insertRows[$i][$x];
-					if (($x + 1) < $count2)
-						$where_string += ' AND ';
+					if (($x + 1) < $count2) {
+											$where_string += ' AND ';
+					}
 				}
 
 				$request = $smcFunc['db_query']('','
@@ -885,25 +947,27 @@ 
 				}
 			}
 
-			if ($returnmode == 1)
-				$return_var = $ai;
-			else if ($returnmode == 2)
-				$return_var[] = $ai;
+			if ($returnmode == 1) {
+							$return_var = $ai;
+			} else if ($returnmode == 2) {
+							$return_var[] = $ai;
+			}
 		}
 	}
 
 
 	if ($with_returning)
 	{
-		if ($returnmode == 1 && empty($return_var))
-			$return_var = smf_db_insert_id($table, $keys[0]) + count($insertRows) - 1;
-		else if ($returnmode == 2 && empty($return_var))
+		if ($returnmode == 1 && empty($return_var)) {
+					$return_var = smf_db_insert_id($table, $keys[0]) + count($insertRows) - 1;
+		} else if ($returnmode == 2 && empty($return_var))
 		{
 			$return_var = array();
 			$count = count($insertRows);
 			$start = smf_db_insert_id($table, $keys[0]);
-			for ($i = 0; $i < $count; $i++ )
-				$return_var[] = $start + $i;
+			for ($i = 0; $i < $count; $i++ ) {
+							$return_var[] = $start + $i;
+			}
 		}
 		return $return_var;
 	}
@@ -921,8 +985,9 @@ 
  */
 function smf_db_error_backtrace($error_message, $log_message = '', $error_type = false, $file = null, $line = null)
 {
-	if (empty($log_message))
-		$log_message = $error_message;
+	if (empty($log_message)) {
+			$log_message = $error_message;
+	}
 
 	foreach (debug_backtrace() as $step)
 	{
@@ -941,12 +1006,14 @@ 
 	}
 
 	// A special case - we want the file and line numbers for debugging.
-	if ($error_type == 'return')
-		return array($file, $line);
+	if ($error_type == 'return') {
+			return array($file, $line);
+	}
 
 	// Is always a critical error.
-	if (function_exists('log_error'))
-		log_error($log_message, 'critical', $file, $line);
+	if (function_exists('log_error')) {
+			log_error($log_message, 'critical', $file, $line);
+	}
 
 	if (function_exists('fatal_error'))
 	{
@@ -954,12 +1021,12 @@ 
 
 		// Cannot continue...
 		exit;
+	} elseif ($error_type) {
+			trigger_error($error_message . ($line !== null ? '<em>(' . basename($file) . '-' . $line . ')</em>' : ''), $error_type);
+	} else {
+			trigger_error($error_message . ($line !== null ? '<em>(' . basename($file) . '-' . $line . ')</em>' : ''));
+	}
 	}
-	elseif ($error_type)
-		trigger_error($error_message . ($line !== null ? '<em>(' . basename($file) . '-' . $line . ')</em>' : ''), $error_type);
-	else
-		trigger_error($error_message . ($line !== null ? '<em>(' . basename($file) . '-' . $line . ')</em>' : ''));
-}
 
 /**
  * Escape the LIKE wildcards so that they match the character and not the wildcard.
@@ -976,10 +1043,11 @@ 
 		'\\' => '\\\\',
 	);
 
-	if ($translate_human_wildcards)
-		$replacements += array(
+	if ($translate_human_wildcards) {
+			$replacements += array(
 			'*' => '%',
 		);
+	}
 
 	return strtr($string, $replacements);
 }
@@ -993,8 +1061,9 @@ 
  */
 function smf_is_resource($result)
 {
-	if ($result instanceof mysqli_result)
-		return true;
+	if ($result instanceof mysqli_result) {
+			return true;
+	}
 
 	return false;
 }
@@ -1022,16 +1091,18 @@ 
 	global  $db_prefix, $db_connection;
 	static $mysql_error_data_prep;
 
-	if (empty($mysql_error_data_prep))
-			$mysql_error_data_prep = mysqli_prepare($db_connection,
+	if (empty($mysql_error_data_prep)) {
+				$mysql_error_data_prep = mysqli_prepare($db_connection,
 				'INSERT INTO ' . $db_prefix . 'log_errors(id_member, log_time, ip, url, message, session, error_type, file, line)
 													VALUES(		?,		?,		unhex(?), ?, 		?,		?,			?,		?,	?)'
 			);
+	}
 
-	if (filter_var($error_array[2], FILTER_VALIDATE_IP) !== false)
-		$error_array[2] = bin2hex(inet_pton($error_array[2]));
-	else
-		$error_array[2] = null;
+	if (filter_var($error_array[2], FILTER_VALIDATE_IP) !== false) {
+			$error_array[2] = bin2hex(inet_pton($error_array[2]));
+	} else {
+			$error_array[2] = null;
+	}
 	mysqli_stmt_bind_param($mysql_error_data_prep, 'iissssssi',
 		$error_array[0], $error_array[1], $error_array[2], $error_array[3], $error_array[4], $error_array[5], $error_array[6],
 		$error_array[7], $error_array[8]);
@@ -1053,8 +1124,9 @@ 
 	$count = count($array_values);
 	$then = ($desc ? ' THEN -' : ' THEN ');
 
-	for ($i = 0; $i < $count; $i++)
-		$return .= 'WHEN ' . (int) $array_values[$i] . $then . $i . ' ';
+	for ($i = 0; $i < $count; $i++) {
+			$return .= 'WHEN ' . (int) $array_values[$i] . $then . $i . ' ';
+	}
 
 	$return .= 'END';
 	return $return;