albertlast / SMF2.1

cache/index.php

Braces +2 added lines, -1 removed lines

@@ -12,7 +12,8 @@
 	header('Location: ' . $boardurl);
 }
 // Can't find it... just forget it.
-else
+else {
 	exit;
+}
 
 ?>
\ No newline at end of file

avatars/index.php

Braces +2 added lines, -1 removed lines

@@ -12,7 +12,8 @@
 	header('Location: ' . $boardurl);
 }
 // Can't find it... just forget it.
-else
+else {
 	exit;
+}
 
 ?>
\ No newline at end of file

avatars/Oxygen/index.php

Braces +3 added lines, -2 removed lines

@@ -1,9 +1,10 @@
 <?php
 
 // Try to handle it with the upper level index.php. (it should know what to do.)
-if (file_exists(dirname(dirname(__FILE__)) . '/index.php'))
+if (file_exists(dirname(dirname(__FILE__)) . '/index.php')) {
 	include (dirname(dirname(__FILE__)) . '/index.php');
-else
+} else {
 	exit;
+}
 
 ?>
\ No newline at end of file

Packages/index.php

Braces +2 added lines, -1 removed lines

@@ -12,7 +12,8 @@
 	header('Location: ' . $boardurl);
 }
 // Can't find it... just forget it.
-else
+else {
 	exit;
+}
 
 ?>
\ No newline at end of file

Packages/backups/index.php

Braces +3 added lines, -2 removed lines

@@ -1,9 +1,10 @@
 <?php
 
 // Try to handle it with the upper level index.php. (it should know what to do.)
-if (file_exists(dirname(dirname(__FILE__)) . '/index.php'))
+if (file_exists(dirname(dirname(__FILE__)) . '/index.php')) {
 	include (dirname(dirname(__FILE__)) . '/index.php');
-else
+} else {
 	exit;
+}
 
 ?>
\ No newline at end of file

Sources/ManageMail.php

Braces +26 added lines, -18 removed lines

@@ -15,8 +15,9 @@ 
  * @version 2.1 Beta 3
  */
 
-if (!defined('SMF'))
+if (!defined('SMF')) {
 	die('No direct access...');
+}
 
 /**
  * Main dispatcher. This function checks permissions and passes control through to the relevant section.
@@ -245,8 +246,9 @@ 
 	while ($row = $smcFunc['db_fetch_assoc']($request))
 	{
 		// Private PM/email subjects and similar shouldn't be shown in the mailbox area.
-		if (!empty($row['private']))
-			$row['subject'] = $txt['personal_message'];
+		if (!empty($row['private'])) {
+					$row['subject'] = $txt['personal_message'];
+		}
 
 		$mails[] = $row;
 	}
@@ -300,8 +302,9 @@ 
 		$element = substr($key, strrpos($key, '_') + 1);
 		$processedBirthdayEmails[$index][$element] = $value;
 	}
-	foreach ($processedBirthdayEmails as $index => $dummy)
-		$emails[$index] = $index;
+	foreach ($processedBirthdayEmails as $index => $dummy) {
+			$emails[$index] = $index;
+	}
 
 	$config_vars = array(
 			// Mail queue stuff, this rocks ;)
@@ -322,8 +325,9 @@ 
 
 	call_integration_hook('integrate_modify_mail_settings', array(&$config_vars));
 
-	if ($return_config)
-		return $config_vars;
+	if ($return_config) {
+			return $config_vars;
+	}
 
 	// Saving?
 	if (isset($_GET['save']))
@@ -398,9 +402,9 @@ 
 		);
 		list ($_GET['te']) = $smcFunc['db_fetch_row']($request);
 		$smcFunc['db_free_result']($request);
+	} else {
+			$_GET['te'] = (int) $_GET['te'];
 	}
-	else
-		$_GET['te'] = (int) $_GET['te'];
 
 	$_GET['sent'] = isset($_GET['sent']) ? (int) $_GET['sent'] : 0;
 
@@ -424,12 +428,14 @@ 
 
 	// Try get more time...
 	@set_time_limit(600);
-	if (function_exists('apache_reset_timeout'))
-		@apache_reset_timeout();
+	if (function_exists('apache_reset_timeout')) {
+			@apache_reset_timeout();
+	}
 
 	// Have we already used our maximum time?
-	if (time() - array_sum(explode(' ', $time_start)) < 5)
-		return;
+	if (time() - array_sum(explode(' ', $time_start)) < 5) {
+			return;
+	}
 
 	$context['continue_get_data'] = '?action=admin;area=mailqueue;sa=clear;te=' . $_GET['te'] . ';sent=' . $_GET['sent'] . ';' . $context['session_var'] . '=' . $context['session_id'];
 	$context['page_title'] = $txt['not_done_title'];
@@ -459,8 +465,9 @@ 
 {
 	global $txt;
 
-	if ($time_diff < 0)
-		$time_diff = 0;
+	if ($time_diff < 0) {
+			$time_diff = 0;
+	}
 
 	// Just do a bit of an if fest...
 	if ($time_diff > 86400)
@@ -481,8 +488,9 @@ 
 		return sprintf($minutes == 1 ? $txt['mq_minute'] : $txt['mq_minutes'], $minutes);
 	}
 	// Otherwise must be second
-	else
-		return sprintf($time_diff == 1 ? $txt['mq_second'] : $txt['mq_seconds'], $time_diff);
-}
+	else {
+			return sprintf($time_diff == 1 ? $txt['mq_second'] : $txt['mq_seconds'], $time_diff);
+	}
+	}
 
 ?>
\ No newline at end of file

Sources/Themes.php

Braces +348 added lines, -271 removed lines

@@ -30,8 +30,9 @@ 
  * @version 2.1 Beta 3
  */
 
-if (!defined('SMF'))
+if (!defined('SMF')) {
 	die('No direct access...');
+}
 
 /**
  * Subaction handler - manages the action and delegates control to the proper
@@ -103,12 +104,12 @@ 
 	cache_put_data('minimized_css', null);
 
 	// Follow the sa or just go to administration.
-	if (isset($_GET['sa']) && !empty($subActions[$_GET['sa']]))
-		call_helper($subActions[$_GET['sa']]);
-
-	else
-		call_helper($subActions['admin']);
-}
+	if (isset($_GET['sa']) && !empty($subActions[$_GET['sa']])) {
+			call_helper($subActions[$_GET['sa']]);
+	} else {
+			call_helper($subActions['admin']);
+	}
+	}
 
 /**
  * This function allows administration of themes and their settings,
@@ -130,15 +131,16 @@ 
 		checkSession();
 		validateToken('admin-tm');
 
-		if (isset($_POST['options']['known_themes']))
-			foreach ($_POST['options']['known_themes'] as $key => $id)
+		if (isset($_POST['options']['known_themes'])) {
+					foreach ($_POST['options']['known_themes'] as $key => $id)
 				$_POST['options']['known_themes'][$key] = (int) $id;
+		} else {
+					fatal_lang_error('themes_none_selectable', false);
+		}
 
-		else
-			fatal_lang_error('themes_none_selectable', false);
-
-		if (!in_array($_POST['options']['theme_guests'], $_POST['options']['known_themes']))
-			fatal_lang_error('themes_default_selectable', false);
+		if (!in_array($_POST['options']['theme_guests'], $_POST['options']['known_themes'])) {
+					fatal_lang_error('themes_default_selectable', false);
+		}
 
 		// Commit the new settings.
 		updateSettings(array(
@@ -146,8 +148,9 @@ 
 			'theme_guests' => $_POST['options']['theme_guests'],
 			'knownThemes' => implode(',', $_POST['options']['known_themes']),
 		));
-		if ((int) $_POST['theme_reset'] == 0 || in_array($_POST['theme_reset'], $_POST['options']['known_themes']))
-			updateMemberData(null, array('id_theme' => (int) $_POST['theme_reset']));
+		if ((int) $_POST['theme_reset'] == 0 || in_array($_POST['theme_reset'], $_POST['options']['known_themes'])) {
+					updateMemberData(null, array('id_theme' => (int) $_POST['theme_reset']));
+		}
 
 		redirectexit('action=admin;area=theme;' . $context['session_var'] . '=' . $context['session_id'] . ';sa=admin');
 	}
@@ -166,8 +169,9 @@ 
 	// Look for a non existent theme directory. (ie theme87.)
 	$theme_dir = $boarddir . '/Themes/theme';
 	$i = 1;
-	while (file_exists($theme_dir . $i))
-		$i++;
+	while (file_exists($theme_dir . $i)) {
+			$i++;
+	}
 
 	$context['new_theme_name'] = 'theme' . $i;
 
@@ -189,8 +193,9 @@ 
 	loadLanguage('Admin');
 	isAllowedTo('admin_forum');
 
-	if (isset($_REQUEST['th']))
-		return SetThemeSettings();
+	if (isset($_REQUEST['th'])) {
+			return SetThemeSettings();
+	}
 
 	if (isset($_POST['save']))
 	{
@@ -274,12 +279,13 @@ 
 		$context['themes'] = array();
 		while ($row = $smcFunc['db_fetch_assoc']($request))
 		{
-			if (!isset($context['themes'][$row['id_theme']]))
-				$context['themes'][$row['id_theme']] = array(
+			if (!isset($context['themes'][$row['id_theme']])) {
+							$context['themes'][$row['id_theme']] = array(
 					'id' => $row['id_theme'],
 					'num_default_options' => 0,
 					'num_members' => 0,
 				);
+			}
 			$context['themes'][$row['id_theme']][$row['variable']] = $row['value'];
 		}
 		$smcFunc['db_free_result']($request);
@@ -293,8 +299,9 @@ 
 				'guest_member' => -1,
 			)
 		);
-		while ($row = $smcFunc['db_fetch_assoc']($request))
-			$context['themes'][$row['id_theme']]['num_default_options'] = $row['value'];
+		while ($row = $smcFunc['db_fetch_assoc']($request)) {
+					$context['themes'][$row['id_theme']]['num_default_options'] = $row['value'];
+		}
 		$smcFunc['db_free_result']($request);
 
 		// Need to make sure we don't do custom fields.
@@ -305,8 +312,9 @@ 
 			)
 		);
 		$customFields = array();
-		while ($row = $smcFunc['db_fetch_assoc']($request))
-			$customFields[] = $row['col_name'];
+		while ($row = $smcFunc['db_fetch_assoc']($request)) {
+					$customFields[] = $row['col_name'];
+		}
 		$smcFunc['db_free_result']($request);
 		$customFieldsQuery = empty($customFields) ? '' : ('AND variable NOT IN ({array_string:custom_fields})');
 
@@ -321,14 +329,16 @@ 
 				'custom_fields' => empty($customFields) ? array() : $customFields,
 			)
 		);
-		while ($row = $smcFunc['db_fetch_assoc']($request))
-			$context['themes'][$row['id_theme']]['num_members'] = $row['value'];
+		while ($row = $smcFunc['db_fetch_assoc']($request)) {
+					$context['themes'][$row['id_theme']]['num_members'] = $row['value'];
+		}
 		$smcFunc['db_free_result']($request);
 
 		// There has to be a Settings template!
-		foreach ($context['themes'] as $k => $v)
-			if (empty($v['theme_dir']) || (!file_exists($v['theme_dir'] . '/Settings.template.php') && empty($v['num_members'])))
+		foreach ($context['themes'] as $k => $v) {
+					if (empty($v['theme_dir']) || (!file_exists($v['theme_dir'] . '/Settings.template.php') && empty($v['num_members'])))
 				unset($context['themes'][$k]);
+		}
 
 		loadTemplate('Themes');
 		$context['sub_template'] = 'reset_list';
@@ -343,16 +353,19 @@ 
 		checkSession();
 		validateToken('admin-sto');
 
-		if (empty($_POST['options']))
-			$_POST['options'] = array();
-		if (empty($_POST['default_options']))
-			$_POST['default_options'] = array();
+		if (empty($_POST['options'])) {
+					$_POST['options'] = array();
+		}
+		if (empty($_POST['default_options'])) {
+					$_POST['default_options'] = array();
+		}
 
 		// Set up the sql query.
 		$setValues = array();
 
-		foreach ($_POST['options'] as $opt => $val)
-			$setValues[] = array(-1, $_GET['th'], $opt, is_array($val) ? implode(',', $val) : $val);
+		foreach ($_POST['options'] as $opt => $val) {
+					$setValues[] = array(-1, $_GET['th'], $opt, is_array($val) ? implode(',', $val) : $val);
+		}
 
 		$old_settings = array();
 		foreach ($_POST['default_options'] as $opt => $val)
@@ -366,8 +379,8 @@ 
 		if (!empty($setValues))
 		{
 			// Are there options in non-default themes set that should be cleared?
-			if (!empty($old_settings))
-				$smcFunc['db_query']('', '
+			if (!empty($old_settings)) {
+							$smcFunc['db_query']('', '
 					DELETE FROM {db_prefix}themes
 					WHERE id_theme != {int:default_theme}
 						AND id_member = {int:guest_member}
@@ -378,6 +391,7 @@ 
 						'old_settings' => $old_settings,
 					)
 				);
+			}
 
 			$smcFunc['db_insert']('replace',
 				'{db_prefix}themes',
@@ -391,8 +405,7 @@ 
 		cache_put_data('theme_settings-1', null, 90);
 
 		redirectexit('action=admin;area=theme;' . $context['session_var'] . '=' . $context['session_id'] . ';sa=reset');
-	}
-	elseif (isset($_POST['submit']) && $_POST['who'] == 1)
+	} elseif (isset($_POST['submit']) && $_POST['who'] == 1)
 	{
 		checkSession();
 		validateToken('admin-sto');
@@ -405,9 +418,9 @@ 
 		$old_settings = array();
 		foreach ($_POST['default_options'] as $opt => $val)
 		{
-			if ($_POST['default_options_master'][$opt] == 0)
-				continue;
-			elseif ($_POST['default_options_master'][$opt] == 1)
+			if ($_POST['default_options_master'][$opt] == 0) {
+							continue;
+			} elseif ($_POST['default_options_master'][$opt] == 1)
 			{
 				// Delete then insert for ease of database compatibility!
 				$smcFunc['db_query']('substring', '
@@ -433,8 +446,7 @@ 
 				);
 
 				$old_settings[] = $opt;
-			}
-			elseif ($_POST['default_options_master'][$opt] == 2)
+			} elseif ($_POST['default_options_master'][$opt] == 2)
 			{
 				$smcFunc['db_query']('', '
 					DELETE FROM {db_prefix}themes
@@ -449,8 +461,8 @@ 
 		}
 
 		// Delete options from other themes.
-		if (!empty($old_settings))
-			$smcFunc['db_query']('', '
+		if (!empty($old_settings)) {
+					$smcFunc['db_query']('', '
 				DELETE FROM {db_prefix}themes
 				WHERE id_theme != {int:default_theme}
 					AND id_member > {int:no_member}
@@ -461,12 +473,13 @@ 
 					'old_settings' => $old_settings,
 				)
 			);
+		}
 
 		foreach ($_POST['options'] as $opt => $val)
 		{
-			if ($_POST['options_master'][$opt] == 0)
-				continue;
-			elseif ($_POST['options_master'][$opt] == 1)
+			if ($_POST['options_master'][$opt] == 0) {
+							continue;
+			} elseif ($_POST['options_master'][$opt] == 1)
 			{
 				// Delete then insert for ease of database compatibility - again!
 				$smcFunc['db_query']('substring', '
@@ -491,8 +504,7 @@ 
 						'value' => (is_array($val) ? implode(',', $val) : $val),
 					)
 				);
-			}
-			elseif ($_POST['options_master'][$opt] == 2)
+			} elseif ($_POST['options_master'][$opt] == 2)
 			{
 				$smcFunc['db_query']('', '
 					DELETE FROM {db_prefix}themes
@@ -509,8 +521,7 @@ 
 		}
 
 		redirectexit('action=admin;area=theme;' . $context['session_var'] . '=' . $context['session_id'] . ';sa=reset');
-	}
-	elseif (!empty($_GET['who']) && $_GET['who'] == 2)
+	} elseif (!empty($_GET['who']) && $_GET['who'] == 2)
 	{
 		checkSession('get');
 		validateToken('admin-stor', 'request');
@@ -525,8 +536,9 @@ 
 				)
 			);
 			$customFields = array();
-			while ($row = $smcFunc['db_fetch_assoc']($request))
-				$customFields[] = $row['col_name'];
+			while ($row = $smcFunc['db_fetch_assoc']($request)) {
+							$customFields[] = $row['col_name'];
+			}
 			$smcFunc['db_free_result']($request);
 		}
 		$customFieldsQuery = empty($customFields) ? '' : ('AND variable NOT IN ({array_string:custom_fields})');
@@ -578,13 +590,13 @@ 
 			)
 		);
 		$context['theme_options'] = array();
-		while ($row = $smcFunc['db_fetch_assoc']($request))
-			$context['theme_options'][$row['variable']] = $row['value'];
+		while ($row = $smcFunc['db_fetch_assoc']($request)) {
+					$context['theme_options'][$row['variable']] = $row['value'];
+		}
 		$smcFunc['db_free_result']($request);
 
 		$context['theme_options_reset'] = false;
-	}
-	else
+	} else
 	{
 		$context['theme_options'] = array();
 		$context['theme_options_reset'] = true;
@@ -593,30 +605,32 @@ 
 	foreach ($context['options'] as $i => $setting)
 	{
 		// Just skip separators
-		if (!is_array($setting))
-			continue;
+		if (!is_array($setting)) {
+					continue;
+		}
 
 		// Is this disabled?
 		if ($setting['id'] == 'calendar_start_day' && empty($modSettings['cal_enabled']))
 		{
 			unset($context['options'][$i]);
 			continue;
-		}
-		elseif (($setting['id'] == 'topics_per_page' || $setting['id'] == 'messages_per_page') && !empty($modSettings['disableCustomPerPage']))
+		} elseif (($setting['id'] == 'topics_per_page' || $setting['id'] == 'messages_per_page') && !empty($modSettings['disableCustomPerPage']))
 		{
 			unset($context['options'][$i]);
 			continue;
 		}
 
-		if (!isset($setting['type']) || $setting['type'] == 'bool')
-			$context['options'][$i]['type'] = 'checkbox';
-		elseif ($setting['type'] == 'int' || $setting['type'] == 'integer')
-			$context['options'][$i]['type'] = 'number';
-		elseif ($setting['type'] == 'string')
-			$context['options'][$i]['type'] = 'text';
+		if (!isset($setting['type']) || $setting['type'] == 'bool') {
+					$context['options'][$i]['type'] = 'checkbox';
+		} elseif ($setting['type'] == 'int' || $setting['type'] == 'integer') {
+					$context['options'][$i]['type'] = 'number';
+		} elseif ($setting['type'] == 'string') {
+					$context['options'][$i]['type'] = 'text';
+		}
 
-		if (isset($setting['options']))
-			$context['options'][$i]['type'] = 'list';
+		if (isset($setting['options'])) {
+					$context['options'][$i]['type'] = 'list';
+		}
 
 		$context['options'][$i]['value'] = !isset($context['theme_options'][$setting['id']]) ? '' : $context['theme_options'][$setting['id']];
 	}
@@ -641,8 +655,9 @@ 
 {
 	global $txt, $context, $settings, $modSettings, $smcFunc;
 
-	if (empty($_GET['th']) && empty($_GET['id']))
-		return ThemeAdmin();
+	if (empty($_GET['th']) && empty($_GET['id'])) {
+			return ThemeAdmin();
+	}
 
 	$_GET['th'] = isset($_GET['th']) ? (int) $_GET['th'] : (int) $_GET['id'];
 
@@ -653,8 +668,9 @@ 
 	isAllowedTo('admin_forum');
 
 	// Validate inputs/user.
-	if (empty($_GET['th']))
-		fatal_lang_error('no_theme', false);
+	if (empty($_GET['th'])) {
+			fatal_lang_error('no_theme', false);
+	}
 
 	// Fetch the smiley sets...
 	$sets = explode(',', 'none,' . $modSettings['smiley_sets_known']);
@@ -662,8 +678,9 @@ 
 	$context['smiley_sets'] = array(
 		'' => $txt['smileys_no_default']
 	);
-	foreach ($sets as $i => $set)
-		$context['smiley_sets'][$set] = $smcFunc['htmlspecialchars']($set_names[$i]);
+	foreach ($sets as $i => $set) {
+			$context['smiley_sets'][$set] = $smcFunc['htmlspecialchars']($set_names[$i]);
+	}
 
 	$old_id = $settings['theme_id'];
 	$old_settings = $settings;
@@ -688,8 +705,9 @@ 
 	if (file_exists($settings['theme_dir'] . '/index.template.php'))
 	{
 		$file_contents = implode('', file($settings['theme_dir'] . '/index.template.php'));
-		if (preg_match('~\$settings\[\'theme_variants\'\]\s*=(.+?);~', $file_contents, $matches))
-				eval('global $settings;' . $matches[0]);
+		if (preg_match('~\$settings\[\'theme_variants\'\]\s*=(.+?);~', $file_contents, $matches)) {
+						eval('global $settings;' . $matches[0]);
+		}
 	}
 
 	// Submitting!
@@ -698,37 +716,45 @@ 
 		checkSession();
 		validateToken('admin-sts');
 
-		if (empty($_POST['options']))
-			$_POST['options'] = array();
-		if (empty($_POST['default_options']))
-			$_POST['default_options'] = array();
+		if (empty($_POST['options'])) {
+					$_POST['options'] = array();
+		}
+		if (empty($_POST['default_options'])) {
+					$_POST['default_options'] = array();
+		}
 
 		// Make sure items are cast correctly.
 		foreach ($context['theme_settings'] as $item)
 		{
 			// Disregard this item if this is just a separator.
-			if (!is_array($item))
-				continue;
+			if (!is_array($item)) {
+							continue;
+			}
 
 			foreach (array('options', 'default_options') as $option)
 			{
-				if (!isset($_POST[$option][$item['id']]))
-					continue;
+				if (!isset($_POST[$option][$item['id']])) {
+									continue;
+				}
 				// Checkbox.
-				elseif (empty($item['type']))
-					$_POST[$option][$item['id']] = $_POST[$option][$item['id']] ? 1 : 0;
+				elseif (empty($item['type'])) {
+									$_POST[$option][$item['id']] = $_POST[$option][$item['id']] ? 1 : 0;
+				}
 				// Number
-				elseif ($item['type'] == 'number')
-					$_POST[$option][$item['id']] = (int) $_POST[$option][$item['id']];
+				elseif ($item['type'] == 'number') {
+									$_POST[$option][$item['id']] = (int) $_POST[$option][$item['id']];
+				}
 			}
 		}
 
 		// Set up the sql query.
 		$inserts = array();
-		foreach ($_POST['options'] as $opt => $val)
-			$inserts[] = array(0, $_GET['th'], $opt, is_array($val) ? implode(',', $val) : $val);
-		foreach ($_POST['default_options'] as $opt => $val)
-			$inserts[] = array(0, 1, $opt, is_array($val) ? implode(',', $val) : $val);
+		foreach ($_POST['options'] as $opt => $val) {
+					$inserts[] = array(0, $_GET['th'], $opt, is_array($val) ? implode(',', $val) : $val);
+		}
+		foreach ($_POST['default_options'] as $opt => $val) {
+					$inserts[] = array(0, 1, $opt, is_array($val) ? implode(',', $val) : $val);
+		}
 		// If we're actually inserting something..
 		if (!empty($inserts))
 		{
@@ -754,8 +780,9 @@ 
 
 	foreach ($settings as $setting => $dummy)
 	{
-		if (!in_array($setting, array('theme_url', 'theme_dir', 'images_url', 'template_dirs')))
-			$settings[$setting] = htmlspecialchars__recursive($settings[$setting]);
+		if (!in_array($setting, array('theme_url', 'theme_dir', 'images_url', 'template_dirs'))) {
+					$settings[$setting] = htmlspecialchars__recursive($settings[$setting]);
+		}
 	}
 
 	$context['settings'] = $context['theme_settings'];
@@ -764,18 +791,21 @@ 
 	foreach ($context['settings'] as $i => $setting)
 	{
 		// Separators are dummies, so leave them alone.
-		if (!is_array($setting))
-			continue;
+		if (!is_array($setting)) {
+					continue;
+		}
 
-		if (!isset($setting['type']) || $setting['type'] == 'bool')
-			$context['settings'][$i]['type'] = 'checkbox';
-		elseif ($setting['type'] == 'int' || $setting['type'] == 'integer')
-			$context['settings'][$i]['type'] = 'number';
-		elseif ($setting['type'] == 'string')
-			$context['settings'][$i]['type'] = 'text';
+		if (!isset($setting['type']) || $setting['type'] == 'bool') {
+					$context['settings'][$i]['type'] = 'checkbox';
+		} elseif ($setting['type'] == 'int' || $setting['type'] == 'integer') {
+					$context['settings'][$i]['type'] = 'number';
+		} elseif ($setting['type'] == 'string') {
+					$context['settings'][$i]['type'] = 'text';
+		}
 
-		if (isset($setting['options']))
-			$context['settings'][$i]['type'] = 'list';
+		if (isset($setting['options'])) {
+					$context['settings'][$i]['type'] = 'list';
+		}
 
 		$context['settings'][$i]['value'] = !isset($settings[$setting['id']]) ? '' : $settings[$setting['id']];
 	}
@@ -828,8 +858,9 @@ 
 	$themeID = isset($_GET['th']) ? (int) $_GET['th'] : (int) $_GET['id'];
 
 	// You can't delete the default theme!
-	if ($themeID == 1)
-		fatal_lang_error('no_access', false);
+	if ($themeID == 1) {
+			fatal_lang_error('no_access', false);
+	}
 
 	$theme_info = get_single_theme($themeID);
 
@@ -837,8 +868,9 @@ 
 	remove_theme($themeID);
 
 	// And remove all its files and folders too.
-	if (!empty($theme_info) && !empty($theme_info['theme_dir']))
-		remove_dir($theme_info['theme_dir']);
+	if (!empty($theme_info) && !empty($theme_info['theme_dir'])) {
+			remove_dir($theme_info['theme_dir']);
+	}
 
 	// Go back to the list page.
 	redirectexit('action=admin;area=theme;sa=list;' . $context['session_var'] . '=' . $context['session_id'] . ';done=removing');
@@ -863,12 +895,14 @@ 
 	$enableThemes = explode(',', $modSettings['enableThemes']);
 
 	// Are we disabling it?
-	if (isset($_GET['disabled']))
-		$enableThemes = array_diff($enableThemes, array($themeID));
+	if (isset($_GET['disabled'])) {
+			$enableThemes = array_diff($enableThemes, array($themeID));
+	}
 
 	// Nope? then enable it!
-	else
-		$enableThemes[] = (string) $themeID;
+	else {
+			$enableThemes[] = (string) $themeID;
+	}
 
 	// Update the setting.
 	$enableThemes = strtr(implode(',', $enableThemes), array(',,' => ','));
@@ -903,18 +937,21 @@ 
 
 	$_SESSION['id_theme'] = 0;
 
-	if (isset($_GET['id']))
-		$_GET['th'] = $_GET['id'];
+	if (isset($_GET['id'])) {
+			$_GET['th'] = $_GET['id'];
+	}
 
 	// Saving a variant cause JS doesn't work - pretend it did ;)
 	if (isset($_POST['save']))
 	{
 		// Which theme?
-		foreach ($_POST['save'] as $k => $v)
-			$_GET['th'] = (int) $k;
+		foreach ($_POST['save'] as $k => $v) {
+					$_GET['th'] = (int) $k;
+		}
 
-		if (isset($_POST['vrt'][$k]))
-			$_GET['vrt'] = $_POST['vrt'][$k];
+		if (isset($_POST['vrt'][$k])) {
+					$_GET['vrt'] = $_POST['vrt'][$k];
+		}
 	}
 
 	// Have we made a decision, or are we just browsing?
@@ -992,8 +1029,9 @@ 
 		else
 		{
 			// The forum's default theme is always 0 and we
-			if (isset($_GET['th']) && $_GET['th'] == 0)
-					$_GET['th'] = $modSettings['theme_guests'];
+			if (isset($_GET['th']) && $_GET['th'] == 0) {
+								$_GET['th'] = $modSettings['theme_guests'];
+			}
 
 			updateMemberData((int) $_REQUEST['u'], array('id_theme' => (int) $_GET['th']));
 
@@ -1007,8 +1045,9 @@ 
 				);
 				cache_put_data('theme_settings-' . $_GET['th'] . ':' . (int) $_REQUEST['u'], null, 90);
 
-				if ($user_info['id'] == $_REQUEST['u'])
-					$_SESSION['id_variant'] = 0;
+				if ($user_info['id'] == $_REQUEST['u']) {
+									$_SESSION['id_variant'] = 0;
+				}
 			}
 
 			redirectexit('action=profile;u=' . (int) $_REQUEST['u'] . ';area=theme');
@@ -1077,12 +1116,13 @@ 
 		);
 		while ($row = $smcFunc['db_fetch_assoc']($request))
 		{
-			if (!isset($context['available_themes'][$row['id_theme']]))
-				$context['available_themes'][$row['id_theme']] = array(
+			if (!isset($context['available_themes'][$row['id_theme']])) {
+							$context['available_themes'][$row['id_theme']] = array(
 					'id' => $row['id_theme'],
 					'selected' => $context['current_theme'] == $row['id_theme'],
 					'num_users' => 0
 				);
+			}
 			$context['available_themes'][$row['id_theme']][$row['variable']] = $row['value'];
 		}
 		$smcFunc['db_free_result']($request);
@@ -1095,9 +1135,9 @@ 
 			'num_users' => 0
 		);
 		$guest_theme = 0;
+	} else {
+			$guest_theme = $modSettings['theme_guests'];
 	}
-	else
-		$guest_theme = $modSettings['theme_guests'];
 
 	$request = $smcFunc['db_query']('', '
 		SELECT id_theme, COUNT(*) AS the_count
@@ -1110,15 +1150,17 @@ 
 	while ($row = $smcFunc['db_fetch_assoc']($request))
 	{
 		// Figure out which theme it is they are REALLY using.
-		if (!empty($modSettings['knownThemes']) && !in_array($row['id_theme'], explode(',', $modSettings['knownThemes'])))
-			$row['id_theme'] = $guest_theme;
-		elseif (empty($modSettings['theme_allow']))
-			$row['id_theme'] = $guest_theme;
+		if (!empty($modSettings['knownThemes']) && !in_array($row['id_theme'], explode(',', $modSettings['knownThemes']))) {
+					$row['id_theme'] = $guest_theme;
+		} elseif (empty($modSettings['theme_allow'])) {
+					$row['id_theme'] = $guest_theme;
+		}
 
-		if (isset($context['available_themes'][$row['id_theme']]))
-			$context['available_themes'][$row['id_theme']]['num_users'] += $row['the_count'];
-		else
-			$context['available_themes'][$guest_theme]['num_users'] += $row['the_count'];
+		if (isset($context['available_themes'][$row['id_theme']])) {
+					$context['available_themes'][$row['id_theme']]['num_users'] += $row['the_count'];
+		} else {
+					$context['available_themes'][$guest_theme]['num_users'] += $row['the_count'];
+		}
 	}
 	$smcFunc['db_free_result']($request);
 
@@ -1137,8 +1179,9 @@ 
 				'id_member' => isset($_REQUEST['sa']) && $_REQUEST['sa'] == 'pick' ? array(-1, $context['current_member']) : array(-1),
 			)
 		);
-		while ($row = $smcFunc['db_fetch_assoc']($request))
-			$variant_preferences[$row['id_theme']] = $row['value'];
+		while ($row = $smcFunc['db_fetch_assoc']($request)) {
+					$variant_preferences[$row['id_theme']] = $row['value'];
+		}
 		$smcFunc['db_free_result']($request);
 	}
 
@@ -1149,17 +1192,18 @@ 
 	foreach ($context['available_themes'] as $id_theme => $theme_data)
 	{
 		// Don't try to load the forum or board default theme's data... it doesn't have any!
-		if ($id_theme == 0)
-			continue;
+		if ($id_theme == 0) {
+					continue;
+		}
 
 		// The thumbnail needs the correct path.
 		$settings['images_url'] = &$theme_data['images_url'];
 
-		if (file_exists($theme_data['theme_dir'] . '/languages/Settings.' . $user_info['language'] . '.php'))
-			include($theme_data['theme_dir'] . '/languages/Settings.' . $user_info['language'] . '.php');
-		elseif (file_exists($theme_data['theme_dir'] . '/languages/Settings.' . $language . '.php'))
-			include($theme_data['theme_dir'] . '/languages/Settings.' . $language . '.php');
-		else
+		if (file_exists($theme_data['theme_dir'] . '/languages/Settings.' . $user_info['language'] . '.php')) {
+					include($theme_data['theme_dir'] . '/languages/Settings.' . $user_info['language'] . '.php');
+		} elseif (file_exists($theme_data['theme_dir'] . '/languages/Settings.' . $language . '.php')) {
+					include($theme_data['theme_dir'] . '/languages/Settings.' . $language . '.php');
+		} else
 		{
 			$txt['theme_thumbnail_href'] = $theme_data['images_url'] . '/thumbnail.png';
 			$txt['theme_description'] = '';
@@ -1184,15 +1228,17 @@ 
 					loadLanguage('Settings');
 
 					$context['available_themes'][$id_theme]['variants'] = array();
-					foreach ($settings['theme_variants'] as $variant)
-						$context['available_themes'][$id_theme]['variants'][$variant] = array(
+					foreach ($settings['theme_variants'] as $variant) {
+											$context['available_themes'][$id_theme]['variants'][$variant] = array(
 							'label' => isset($txt['variant_' . $variant]) ? $txt['variant_' . $variant] : $variant,
 							'thumbnail' => !file_exists($theme_data['theme_dir'] . '/images/thumbnail.png') || file_exists($theme_data['theme_dir'] . '/images/thumbnail_' . $variant . '.png') ? $theme_data['images_url'] . '/thumbnail_' . $variant . '.png' : ($theme_data['images_url'] . '/thumbnail.png'),
 						);
+					}
 
 					$context['available_themes'][$id_theme]['selected_variant'] = isset($_GET['vrt']) ? $_GET['vrt'] : (!empty($variant_preferences[$id_theme]) ? $variant_preferences[$id_theme] : (!empty($settings['default_variant']) ? $settings['default_variant'] : $settings['theme_variants'][0]));
-					if (!isset($context['available_themes'][$id_theme]['variants'][$context['available_themes'][$id_theme]['selected_variant']]['thumbnail']))
-						$context['available_themes'][$id_theme]['selected_variant'] = $settings['theme_variants'][0];
+					if (!isset($context['available_themes'][$id_theme]['variants'][$context['available_themes'][$id_theme]['selected_variant']]['thumbnail'])) {
+											$context['available_themes'][$id_theme]['selected_variant'] = $settings['theme_variants'][0];
+					}
 
 					$context['available_themes'][$id_theme]['thumbnail_href'] = $context['available_themes'][$id_theme]['variants'][$context['available_themes'][$id_theme]['selected_variant']]['thumbnail'];
 					// Allow themes to override the text.
@@ -1208,8 +1254,9 @@ 
 	// As long as we're not doing the default theme...
 	if (!isset($_REQUEST['u']) || $_REQUEST['u'] >= 0)
 	{
-		if ($guest_theme != 0)
-			$context['available_themes'][0] = $context['available_themes'][$guest_theme];
+		if ($guest_theme != 0) {
+					$context['available_themes'][0] = $context['available_themes'][$guest_theme];
+		}
 
 		$context['available_themes'][0]['id'] = 0;
 		$context['available_themes'][0]['name'] = $txt['theme_forum_default'];
@@ -1258,14 +1305,16 @@ 
 		$action = $smcFunc['htmlspecialchars'](trim($_GET['do']));
 
 		// Got any info from the specific form?
-		if (!isset($_POST['save_' . $action]))
-			fatal_lang_error('theme_install_no_action', false);
+		if (!isset($_POST['save_' . $action])) {
+					fatal_lang_error('theme_install_no_action', false);
+		}
 
 		validateToken('admin-t-' . $action);
 
 		// Hopefully the themes directory is writable, or we might have a problem.
-		if (!is_writable($themedir))
-			fatal_lang_error('theme_install_write_error', 'critical');
+		if (!is_writable($themedir)) {
+					fatal_lang_error('theme_install_write_error', 'critical');
+		}
 
 		// Call the function and handle the result.
 		$result = $subActions[$action]();
@@ -1280,9 +1329,10 @@ 
 	}
 
 	// Nope, show a nice error.
-	else
-		fatal_lang_error('theme_install_no_action', false);
-}
+	else {
+			fatal_lang_error('theme_install_no_action', false);
+	}
+	}
 
 /**
  * Installs a theme from a theme package.
@@ -1298,8 +1348,9 @@ 
 	$dirtemp = $themedir . '/temp';
 
 	// Make sure the temp dir doesn't already exist
-	if (file_exists($dirtemp))
-		remove_dir($dirtemp);
+	if (file_exists($dirtemp)) {
+			remove_dir($dirtemp);
+	}
 
 	// Create the temp dir.
 	mkdir($dirtemp, 0777);
@@ -1311,17 +1362,20 @@ 
 		smf_chmod($dirtemp, '0755');
 
 		// How about now?
-		if (!is_writable($dirtemp))
-			fatal_lang_error('theme_install_write_error', 'critical');
+		if (!is_writable($dirtemp)) {
+					fatal_lang_error('theme_install_write_error', 'critical');
+		}
 	}
 
 	// This happens when the admin session is gone and the user has to login again.
-	if (!isset($_FILES) || !isset($_FILES['theme_gz']) || empty($_FILES['theme_gz']))
-		redirectexit('action=admin;area=theme;sa=admin;' . $context['session_var'] . '=' . $context['session_id']);
+	if (!isset($_FILES) || !isset($_FILES['theme_gz']) || empty($_FILES['theme_gz'])) {
+			redirectexit('action=admin;area=theme;sa=admin;' . $context['session_var'] . '=' . $context['session_id']);
+	}
 
 	// Another error check layer, something went wrong with the upload.
-	if (isset($_FILES['theme_gz']['error']) && $_FILES['theme_gz']['error'] != 0)
-		fatal_lang_error('theme_install_error_file_' . $_FILES['theme_gz']['error'], false);
+	if (isset($_FILES['theme_gz']['error']) && $_FILES['theme_gz']['error'] != 0) {
+			fatal_lang_error('theme_install_error_file_' . $_FILES['theme_gz']['error'], false);
+	}
 
 	// Get the theme's name.
 	$name = pathinfo($_FILES['theme_gz']['name'], PATHINFO_FILENAME);
@@ -1352,11 +1406,10 @@ 
 
 		// return all the info.
 		return $context['to_install'];
+	} else {
+			fatal_lang_error('theme_install_error_title', false);
+	}
 	}
-
-	else
-		fatal_lang_error('theme_install_error_title', false);
-}
 
 /**
  * Makes a copy from the default theme, assigns a name for it and installs it.
@@ -1370,15 +1423,17 @@ 
 	global $forum_version;
 
 	// There's gotta be something to work with.
-	if (!isset($_REQUEST['copy']) || empty($_REQUEST['copy']))
-		fatal_lang_error('theme_install_error_title', false);
+	if (!isset($_REQUEST['copy']) || empty($_REQUEST['copy'])) {
+			fatal_lang_error('theme_install_error_title', false);
+	}
 
 	// Get a cleaner version.
 	$name = preg_replace('~[^A-Za-z0-9_\- ]~', '', $_REQUEST['copy']);
 
 	// Is there a theme already named like this?
-	if (file_exists($themedir . '/' . $name))
-		fatal_lang_error('theme_install_already_dir', false);
+	if (file_exists($themedir . '/' . $name)) {
+			fatal_lang_error('theme_install_already_dir', false);
+	}
 
 	// This is a brand new theme so set all possible values.
 	$context['to_install'] = array(
@@ -1398,8 +1453,9 @@ 
 
 	// Buy some time.
 	@set_time_limit(600);
-	if (function_exists('apache_reset_timeout'))
-		@apache_reset_timeout();
+	if (function_exists('apache_reset_timeout')) {
+			@apache_reset_timeout();
+	}
 
 	// Create subdirectories for css and javascript files.
 	mkdir($context['to_install']['theme_dir'] . '/css', 0777);
@@ -1435,12 +1491,13 @@ 
 
 	while ($row = $smcFunc['db_fetch_assoc']($request))
 	{
-		if ($row['variable'] == 'theme_templates')
-			$theme_templates = $row['value'];
-		elseif ($row['variable'] == 'theme_layers')
-			$theme_layers = $row['value'];
-		else
-			continue;
+		if ($row['variable'] == 'theme_templates') {
+					$theme_templates = $row['value'];
+		} elseif ($row['variable'] == 'theme_layers') {
+					$theme_layers = $row['value'];
+		} else {
+					continue;
+		}
 	}
 
 	$smcFunc['db_free_result']($request);
@@ -1499,12 +1556,14 @@ 
 	global $themedir, $themeurl, $context;
 
 	// Cannot use the theme dir as a theme dir.
-	if (!isset($_REQUEST['theme_dir']) || empty($_REQUEST['theme_dir']) || rtrim(realpath($_REQUEST['theme_dir']), '/\\') == realpath($themedir))
-		fatal_lang_error('theme_install_invalid_dir', false);
+	if (!isset($_REQUEST['theme_dir']) || empty($_REQUEST['theme_dir']) || rtrim(realpath($_REQUEST['theme_dir']), '/\\') == realpath($themedir)) {
+			fatal_lang_error('theme_install_invalid_dir', false);
+	}
 
 	// Check is there is "something" on the dir.
-	elseif (!is_dir($_REQUEST['theme_dir']) || !file_exists($_REQUEST['theme_dir'] . '/theme_info.xml'))
-		fatal_lang_error('theme_install_error', false);
+	elseif (!is_dir($_REQUEST['theme_dir']) || !file_exists($_REQUEST['theme_dir'] . '/theme_info.xml')) {
+			fatal_lang_error('theme_install_error', false);
+	}
 
 	$name = basename($_REQUEST['theme_dir']);
 	$name = preg_replace(array('/\s/', '/\.[\.]+/', '/[^\w_\.\-]/'), array('_', '.', ''), $name);
@@ -1548,24 +1607,27 @@ 
 	}
 
 	// Any special layers?
-	if (isset($settings['catch_action']['layers']))
-		$context['template_layers'] = $settings['catch_action']['layers'];
+	if (isset($settings['catch_action']['layers'])) {
+			$context['template_layers'] = $settings['catch_action']['layers'];
+	}
 
 	// Any function to call?
 	if (isset($settings['catch_action']['function']))
 	{
 		$hook = $settings['catch_action']['function'];
 
-		if (!isset($settings['catch_action']['filename']))
-			$settings['catch_action']['filename'] = '';
+		if (!isset($settings['catch_action']['filename'])) {
+					$settings['catch_action']['filename'] = '';
+		}
 
 		add_integration_function('integrate_wrap_action', $hook, false, $settings['catch_action']['filename'], false);
 		call_integration_hook('integrate_wrap_action');
 	}
 	// And finally, the main sub template ;).
-	if (isset($settings['catch_action']['sub_template']))
-		$context['sub_template'] = $settings['catch_action']['sub_template'];
-}
+	if (isset($settings['catch_action']['sub_template'])) {
+			$context['sub_template'] = $settings['catch_action']['sub_template'];
+	}
+	}
 
 /**
  * Set an option via javascript.
@@ -1584,12 +1646,14 @@ 
 	checkSession('get');
 
 	// This good-for-nothing pixel is being used to keep the session alive.
-	if (empty($_GET['var']) || !isset($_GET['val']))
-		redirectexit($settings['images_url'] . '/blank.png');
+	if (empty($_GET['var']) || !isset($_GET['val'])) {
+			redirectexit($settings['images_url'] . '/blank.png');
+	}
 
 	// Sorry, guests can't go any further than this.
-	if ($user_info['is_guest'] || $user_info['id'] == 0)
-		obExit(false);
+	if ($user_info['is_guest'] || $user_info['id'] == 0) {
+			obExit(false);
+	}
 
 	$reservedVars = array(
 		'actual_theme_url',
@@ -1612,8 +1676,9 @@ 
 	);
 
 	// Can't change reserved vars.
-	if (in_array(strtolower($_GET['var']), $reservedVars))
-		redirectexit($settings['images_url'] . '/blank.png');
+	if (in_array(strtolower($_GET['var']), $reservedVars)) {
+			redirectexit($settings['images_url'] . '/blank.png');
+	}
 
 	// Use a specific theme?
 	if (isset($_GET['th']) || isset($_GET['id']))
@@ -1629,8 +1694,9 @@ 
 	{
 		$options['admin_preferences'] = !empty($options['admin_preferences']) ? smf_json_decode($options['admin_preferences'], true) : array();
 		// New thingy...
-		if (isset($_GET['admin_key']) && strlen($_GET['admin_key']) < 5)
-			$options['admin_preferences'][$_GET['admin_key']] = $_GET['val'];
+		if (isset($_GET['admin_key']) && strlen($_GET['admin_key']) < 5) {
+					$options['admin_preferences'][$_GET['admin_key']] = $_GET['val'];
+		}
 
 		// Change the value to be something nice,
 		$_GET['val'] = json_encode($options['admin_preferences']);
@@ -1660,8 +1726,9 @@ 
 	global $context, $scripturl, $boarddir, $smcFunc, $txt;
 
 	// @todo Should this be removed?
-	if (isset($_REQUEST['preview']))
-		die('die() with fire');
+	if (isset($_REQUEST['preview'])) {
+			die('die() with fire');
+	}
 
 	isAllowedTo('admin_forum');
 	loadTemplate('Themes');
@@ -1675,11 +1742,11 @@ 
 		foreach ($context['themes'] as $key => $theme)
 		{
 			// There has to be a Settings template!
-			if (!file_exists($theme['theme_dir'] . '/index.template.php') && !file_exists($theme['theme_dir'] . '/css/index.css'))
-				unset($context['themes'][$key]);
-
-			else
-				$context['themes'][$key]['can_edit_style'] = file_exists($theme['theme_dir'] . '/css/index.css');
+			if (!file_exists($theme['theme_dir'] . '/index.template.php') && !file_exists($theme['theme_dir'] . '/css/index.css')) {
+							unset($context['themes'][$key]);
+			} else {
+							$context['themes'][$key]['can_edit_style'] = file_exists($theme['theme_dir'] . '/css/index.css');
+			}
 		}
 
 		$context['sub_template'] = 'edit_list';
@@ -1694,22 +1761,24 @@ 
 	$context['theme_id'] = $currentTheme['id'];
 	$context['browse_title'] = sprintf($txt['themeadmin_browsing_theme'], $currentTheme['name']);
 
-	if (!file_exists($currentTheme['theme_dir'] . '/index.template.php') && !file_exists($currentTheme['theme_dir'] . '/css/index.css'))
-		fatal_lang_error('theme_edit_missing', false);
+	if (!file_exists($currentTheme['theme_dir'] . '/index.template.php') && !file_exists($currentTheme['theme_dir'] . '/css/index.css')) {
+			fatal_lang_error('theme_edit_missing', false);
+	}
 
 	if (!isset($_REQUEST['filename']))
 	{
 		if (isset($_GET['directory']))
 		{
-			if (substr($_GET['directory'], 0, 1) == '.')
-				$_GET['directory'] = '';
-			else
+			if (substr($_GET['directory'], 0, 1) == '.') {
+							$_GET['directory'] = '';
+			} else
 			{
 				$_GET['directory'] = preg_replace(array('~^[\./\\:\0\n\r]+~', '~[\\\\]~', '~/[\./]+~'), array('', '/', '/'), $_GET['directory']);
 
 				$temp = realpath($currentTheme['theme_dir'] . '/' . $_GET['directory']);
-				if (empty($temp) || substr($temp, 0, strlen(realpath($currentTheme['theme_dir']))) != realpath($currentTheme['theme_dir']))
-					$_GET['directory'] = '';
+				if (empty($temp) || substr($temp, 0, strlen(realpath($currentTheme['theme_dir']))) != realpath($currentTheme['theme_dir'])) {
+									$_GET['directory'] = '';
+				}
 			}
 		}
 
@@ -1728,37 +1797,39 @@ 
 				'href' => $scripturl . '?action=admin;area=theme;th=' . $_GET['th'] . ';' . $context['session_var'] . '=' . $context['session_id'] . ';sa=edit;directory=' . $temp,
 				'size' => '',
 			));
+		} else {
+					$context['theme_files'] = get_file_listing($currentTheme['theme_dir'], '');
 		}
-		else
-			$context['theme_files'] = get_file_listing($currentTheme['theme_dir'], '');
 
 		$context['sub_template'] = 'edit_browse';
 
 		return;
-	}
-	else
+	} else
 	{
-		if (substr($_REQUEST['filename'], 0, 1) == '.')
-			$_REQUEST['filename'] = '';
-		else
+		if (substr($_REQUEST['filename'], 0, 1) == '.') {
+					$_REQUEST['filename'] = '';
+		} else
 		{
 			$_REQUEST['filename'] = preg_replace(array('~^[\./\\:\0\n\r]+~', '~[\\\\]~', '~/[\./]+~'), array('', '/', '/'), $_REQUEST['filename']);
 
 			$temp = realpath($currentTheme['theme_dir'] . '/' . $_REQUEST['filename']);
-			if (empty($temp) || substr($temp, 0, strlen(realpath($currentTheme['theme_dir']))) != realpath($currentTheme['theme_dir']))
-				$_REQUEST['filename'] = '';
+			if (empty($temp) || substr($temp, 0, strlen(realpath($currentTheme['theme_dir']))) != realpath($currentTheme['theme_dir'])) {
+							$_REQUEST['filename'] = '';
+			}
 		}
 
-		if (empty($_REQUEST['filename']))
-			fatal_lang_error('theme_edit_missing', false);
+		if (empty($_REQUEST['filename'])) {
+					fatal_lang_error('theme_edit_missing', false);
+		}
 	}
 
 	if (isset($_POST['save']))
 	{
 		if (checkSession('post', '', false) == '' && validateToken('admin-te-' . md5($_GET['th'] . '-' . $_REQUEST['filename']), 'post', false) == true)
 		{
-			if (is_array($_POST['entire_file']))
-				$_POST['entire_file'] = implode("\n", $_POST['entire_file']);
+			if (is_array($_POST['entire_file'])) {
+							$_POST['entire_file'] = implode("\n", $_POST['entire_file']);
+			}
 
 			$_POST['entire_file'] = rtrim(strtr($_POST['entire_file'], array("\r" => '', '   ' => "\t")));
 
@@ -1770,10 +1841,11 @@ 
 				fclose($fp);
 
 				$error = @file_get_contents($currentTheme['theme_url'] . '/tmp_' . session_id() . '.php');
-				if (preg_match('~ <b>(\d+)</b><br( /)?' . '>$~i', $error) != 0)
-					$error_file = $currentTheme['theme_dir'] . '/tmp_' . session_id() . '.php';
-				else
-					unlink($currentTheme['theme_dir'] . '/tmp_' . session_id() . '.php');
+				if (preg_match('~ <b>(\d+)</b><br( /)?' . '>$~i', $error) != 0) {
+									$error_file = $currentTheme['theme_dir'] . '/tmp_' . session_id() . '.php';
+				} else {
+									unlink($currentTheme['theme_dir'] . '/tmp_' . session_id() . '.php');
+				}
 			}
 
 			if (!isset($error_file))
@@ -1794,10 +1866,11 @@ 
 			$context['sub_template'] = 'edit_file';
 
 			// Recycle the submitted data.
-			if (is_array($_POST['entire_file']))
-				$context['entire_file'] = $smcFunc['htmlspecialchars'](implode("\n", $_POST['entire_file']));
-			else
-				$context['entire_file'] = $smcFunc['htmlspecialchars']($_POST['entire_file']);
+			if (is_array($_POST['entire_file'])) {
+							$context['entire_file'] = $smcFunc['htmlspecialchars'](implode("\n", $_POST['entire_file']));
+			} else {
+							$context['entire_file'] = $smcFunc['htmlspecialchars']($_POST['entire_file']);
+			}
 
 			$context['edit_filename'] = $smcFunc['htmlspecialchars']($_POST['filename']);
 
@@ -1820,17 +1893,17 @@ 
 		$context['sub_template'] = 'edit_style';
 
 		$context['entire_file'] = $smcFunc['htmlspecialchars'](strtr(file_get_contents($currentTheme['theme_dir'] . '/' . $_REQUEST['filename']), array("\t" => '   ')));
-	}
-	elseif (substr($_REQUEST['filename'], -13) == '.template.php')
+	} elseif (substr($_REQUEST['filename'], -13) == '.template.php')
 	{
 		$context['sub_template'] = 'edit_template';
 
-		if (!isset($error_file))
-			$file_data = file($currentTheme['theme_dir'] . '/' . $_REQUEST['filename']);
-		else
+		if (!isset($error_file)) {
+					$file_data = file($currentTheme['theme_dir'] . '/' . $_REQUEST['filename']);
+		} else
 		{
-			if (preg_match('~(<b>.+?</b>:.+?<b>).+?(</b>.+?<b>\d+</b>)<br( /)?' . '>$~i', $error, $match) != 0)
-				$context['parse_error'] = $match[1] . $_REQUEST['filename'] . $match[2];
+			if (preg_match('~(<b>.+?</b>:.+?<b>).+?(</b>.+?<b>\d+</b>)<br( /)?' . '>$~i', $error, $match) != 0) {
+							$context['parse_error'] = $match[1] . $_REQUEST['filename'] . $match[2];
+			}
 			$file_data = file($error_file);
 			unlink($error_file);
 		}
@@ -1844,8 +1917,9 @@ 
 				// Try to format the functions a little nicer...
 				$context['file_parts'][$j]['data'] = trim($context['file_parts'][$j]['data']) . "\n";
 
-				if (empty($context['file_parts'][$j]['lines']))
-					unset($context['file_parts'][$j]);
+				if (empty($context['file_parts'][$j]['lines'])) {
+									unset($context['file_parts'][$j]);
+				}
 				$context['file_parts'][++$j] = array('lines' => 0, 'line' => $i + 1, 'data' => '');
 			}
 
@@ -1854,8 +1928,7 @@ 
 		}
 
 		$context['entire_file'] = $smcFunc['htmlspecialchars'](strtr(implode('', $file_data), array("\t" => '   ')));
-	}
-	else
+	} else
 	{
 		$context['sub_template'] = 'edit_file';
 
@@ -1881,8 +1954,9 @@ 
 
 	$_GET['th'] = isset($_GET['th']) ? (int) $_GET['th'] : (int) $_GET['id'];
 
-	if (empty($_GET['th']))
-		fatal_lang_error('theme_install_invalid_id');
+	if (empty($_GET['th'])) {
+			fatal_lang_error('theme_install_invalid_id');
+	}
 
 	// Get the theme info.
 	$theme = get_single_theme($_GET['th']);
@@ -1890,25 +1964,24 @@ 
 
 	if (isset($_REQUEST['template']) && preg_match('~[\./\\\\:\0]~', $_REQUEST['template']) == 0)
 	{
-		if (file_exists($settings['default_theme_dir'] . '/' . $_REQUEST['template'] . '.template.php'))
-			$filename = $settings['default_theme_dir'] . '/' . $_REQUEST['template'] . '.template.php';
-
-		else
-			fatal_lang_error('no_access', false);
+		if (file_exists($settings['default_theme_dir'] . '/' . $_REQUEST['template'] . '.template.php')) {
+					$filename = $settings['default_theme_dir'] . '/' . $_REQUEST['template'] . '.template.php';
+		} else {
+					fatal_lang_error('no_access', false);
+		}
 
 		$fp = fopen($theme['theme_dir'] . '/' . $_REQUEST['template'] . '.template.php', 'w');
 		fwrite($fp, file_get_contents($filename));
 		fclose($fp);
 
 		redirectexit('action=admin;area=theme;th=' . $context['theme_id'] . ';' . $context['session_var'] . '=' . $context['session_id'] . ';sa=copy');
-	}
-	elseif (isset($_REQUEST['lang_file']) && preg_match('~^[^\./\\\\:\0]\.[^\./\\\\:\0]$~', $_REQUEST['lang_file']) != 0)
+	} elseif (isset($_REQUEST['lang_file']) && preg_match('~^[^\./\\\\:\0]\.[^\./\\\\:\0]$~', $_REQUEST['lang_file']) != 0)
 	{
-		if (file_exists($settings['default_theme_dir'] . '/languages/' . $_REQUEST['template'] . '.php'))
-			$filename = $settings['default_theme_dir'] . '/languages/' . $_REQUEST['template'] . '.php';
-
-		else
-			fatal_lang_error('no_access', false);
+		if (file_exists($settings['default_theme_dir'] . '/languages/' . $_REQUEST['template'] . '.php')) {
+					$filename = $settings['default_theme_dir'] . '/languages/' . $_REQUEST['template'] . '.php';
+		} else {
+					fatal_lang_error('no_access', false);
+		}
 
 		$fp = fopen($theme['theme_dir'] . '/languages/' . $_REQUEST['lang_file'] . '.php', 'w');
 		fwrite($fp, file_get_contents($filename));
@@ -1923,16 +1996,18 @@ 
 	$dir = dir($settings['default_theme_dir']);
 	while ($entry = $dir->read())
 	{
-		if (substr($entry, -13) == '.template.php')
-			$templates[] = substr($entry, 0, -13);
+		if (substr($entry, -13) == '.template.php') {
+					$templates[] = substr($entry, 0, -13);
+		}
 	}
 	$dir->close();
 
 	$dir = dir($settings['default_theme_dir'] . '/languages');
 	while ($entry = $dir->read())
 	{
-		if (preg_match('~^([^\.]+\.[^\.]+)\.php$~', $entry, $matches))
-			$lang_files[] = $matches[1];
+		if (preg_match('~^([^\.]+\.[^\.]+)\.php$~', $entry, $matches)) {
+					$lang_files[] = $matches[1];
+		}
 	}
 	$dir->close();
 
@@ -1940,21 +2015,23 @@ 
 	natcasesort($lang_files);
 
 	$context['available_templates'] = array();
-	foreach ($templates as $template)
-		$context['available_templates'][$template] = array(
+	foreach ($templates as $template) {
+			$context['available_templates'][$template] = array(
 			'filename' => $template . '.template.php',
 			'value' => $template,
 			'already_exists' => false,
 			'can_copy' => is_writable($theme['theme_dir']),
 		);
+	}
 	$context['available_language_files'] = array();
-	foreach ($lang_files as $file)
-		$context['available_language_files'][$file] = array(
+	foreach ($lang_files as $file) {
+			$context['available_language_files'][$file] = array(
 			'filename' => $file . '.php',
 			'value' => $file,
 			'already_exists' => false,
 			'can_copy' => file_exists($theme['theme_dir'] . '/languages') ? is_writable($theme['theme_dir'] . '/languages') : is_writable($theme['theme_dir']),
 		);
+	}
 
 	$dir = dir($theme['theme_dir']);
 	while ($entry = $dir->read())

Sources/Security.php

Braces +263 added lines, -203 removed lines

@@ -14,8 +14,9 @@ 
  * @version 2.1 Beta 3
  */
 
-if (!defined('SMF'))
+if (!defined('SMF')) {
 	die('No direct access...');
+}
 
 /**
  * Check if the user is who he/she says he is
@@ -42,12 +43,14 @@ 
 	$refreshTime = isset($_GET['xml']) ? 4200 : 3600;
 
 	// Is the security option off?
-	if (!empty($modSettings['securityDisable' . ($type != 'admin' ? '_' . $type : '')]))
-		return;
+	if (!empty($modSettings['securityDisable' . ($type != 'admin' ? '_' . $type : '')])) {
+			return;
+	}
 
 	// Or are they already logged in?, Moderator or admin session is need for this area
-	if ((!empty($_SESSION[$type . '_time']) && $_SESSION[$type . '_time'] + $refreshTime >= time()) || (!empty($_SESSION['admin_time']) && $_SESSION['admin_time'] + $refreshTime >= time()))
-		return;
+	if ((!empty($_SESSION[$type . '_time']) && $_SESSION[$type . '_time'] + $refreshTime >= time()) || (!empty($_SESSION['admin_time']) && $_SESSION['admin_time'] + $refreshTime >= time())) {
+			return;
+	}
 
 	require_once($sourcedir . '/Subs-Auth.php');
 
@@ -55,8 +58,9 @@ 
 	if (isset($_POST[$type . '_pass']))
 	{
 		// Check to ensure we're forcing SSL for authentication
-		if (!empty($modSettings['force_ssl']) && empty($maintenance) && (!isset($_SERVER['HTTPS']) || $_SERVER['HTTPS'] != 'on'))
-			fatal_lang_error('login_ssl_required');
+		if (!empty($modSettings['force_ssl']) && empty($maintenance) && (!isset($_SERVER['HTTPS']) || $_SERVER['HTTPS'] != 'on')) {
+					fatal_lang_error('login_ssl_required');
+		}
 
 		checkSession();
 
@@ -72,17 +76,19 @@ 
 	}
 
 	// Better be sure to remember the real referer
-	if (empty($_SESSION['request_referer']))
-		$_SESSION['request_referer'] = isset($_SERVER['HTTP_REFERER']) ? @parse_url($_SERVER['HTTP_REFERER']) : array();
-	elseif (empty($_POST))
-		unset($_SESSION['request_referer']);
+	if (empty($_SESSION['request_referer'])) {
+			$_SESSION['request_referer'] = isset($_SERVER['HTTP_REFERER']) ? @parse_url($_SERVER['HTTP_REFERER']) : array();
+	} elseif (empty($_POST)) {
+			unset($_SESSION['request_referer']);
+	}
 
 	// Need to type in a password for that, man.
-	if (!isset($_GET['xml']))
-		adminLogin($type);
-	else
-		return 'session_verify_fail';
-}
+	if (!isset($_GET['xml'])) {
+			adminLogin($type);
+	} else {
+			return 'session_verify_fail';
+	}
+	}
 
 /**
  * Require a user who is logged in. (not a guest.)
@@ -96,25 +102,30 @@ 
 	global $user_info, $txt, $context, $scripturl, $modSettings;
 
 	// Luckily, this person isn't a guest.
-	if (!$user_info['is_guest'])
-		return;
+	if (!$user_info['is_guest']) {
+			return;
+	}
 
 	// Log what they were trying to do didn't work)
-	if (!empty($modSettings['who_enabled']))
-		$_GET['error'] = 'guest_login';
+	if (!empty($modSettings['who_enabled'])) {
+			$_GET['error'] = 'guest_login';
+	}
 	writeLog(true);
 
 	// Just die.
-	if (isset($_REQUEST['xml']))
-		obExit(false);
+	if (isset($_REQUEST['xml'])) {
+			obExit(false);
+	}
 
 	// Attempt to detect if they came from dlattach.
-	if (SMF != 'SSI' && empty($context['theme_loaded']))
-		loadTheme();
+	if (SMF != 'SSI' && empty($context['theme_loaded'])) {
+			loadTheme();
+	}
 
 	// Never redirect to an attachment
-	if (strpos($_SERVER['REQUEST_URL'], 'dlattach') === false)
-		$_SESSION['login_url'] = $_SERVER['REQUEST_URL'];
+	if (strpos($_SERVER['REQUEST_URL'], 'dlattach') === false) {
+			$_SESSION['login_url'] = $_SERVER['REQUEST_URL'];
+	}
 
 	// Load the Login template and language file.
 	loadLanguage('Login');
@@ -124,8 +135,7 @@ 
 	{
 		$_SESSION['login_url'] = $scripturl . '?' . $_SERVER['QUERY_STRING'];
 		redirectexit('action=login');
-	}
-	else
+	} else
 	{
 		loadTemplate('Login');
 		$context['sub_template'] = 'kick_guest';
@@ -155,8 +165,9 @@ 
 	global $sourcedir, $cookiename, $user_settings, $smcFunc;
 
 	// You cannot be banned if you are an admin - doesn't help if you log out.
-	if ($user_info['is_admin'])
-		return;
+	if ($user_info['is_admin']) {
+			return;
+	}
 
 	// Only check the ban every so often. (to reduce load.)
 	if ($forceCheck || !isset($_SESSION['ban']) || empty($modSettings['banLastUpdated']) || ($_SESSION['ban']['last_checked'] < $modSettings['banLastUpdated']) || $_SESSION['ban']['id_member'] != $user_info['id'] || $_SESSION['ban']['ip'] != $user_info['ip'] || $_SESSION['ban']['ip2'] != $user_info['ip2'] || (isset($user_info['email'], $_SESSION['ban']['email']) && $_SESSION['ban']['email'] != $user_info['email']))
@@ -177,8 +188,9 @@ 
 		// Check both IP addresses.
 		foreach (array('ip', 'ip2') as $ip_number)
 		{
-			if ($ip_number == 'ip2' && $user_info['ip2'] == $user_info['ip'])
-				continue;
+			if ($ip_number == 'ip2' && $user_info['ip2'] == $user_info['ip']) {
+							continue;
+			}
 			$ban_query[] = ' {inet:' . $ip_number . '} BETWEEN bi.ip_low and bi.ip_high';
 			$ban_query_vars[$ip_number] = $user_info[$ip_number];
 			// IP was valid, maybe there's also a hostname...
@@ -228,24 +240,28 @@ 
 			// Store every type of ban that applies to you in your session.
 			while ($row = $smcFunc['db_fetch_assoc']($request))
 			{
-				foreach ($restrictions as $restriction)
-					if (!empty($row[$restriction]))
+				foreach ($restrictions as $restriction) {
+									if (!empty($row[$restriction]))
 					{
 						$_SESSION['ban'][$restriction]['reason'] = $row['reason'];
+				}
 						$_SESSION['ban'][$restriction]['ids'][] = $row['id_ban'];
-						if (!isset($_SESSION['ban']['expire_time']) || ($_SESSION['ban']['expire_time'] != 0 && ($row['expire_time'] == 0 || $row['expire_time'] > $_SESSION['ban']['expire_time'])))
-							$_SESSION['ban']['expire_time'] = $row['expire_time'];
+						if (!isset($_SESSION['ban']['expire_time']) || ($_SESSION['ban']['expire_time'] != 0 && ($row['expire_time'] == 0 || $row['expire_time'] > $_SESSION['ban']['expire_time']))) {
+													$_SESSION['ban']['expire_time'] = $row['expire_time'];
+						}
 
-						if (!$user_info['is_guest'] && $restriction == 'cannot_access' && ($row['id_member'] == $user_info['id'] || $row['email_address'] == $user_info['email']))
-							$flag_is_activated = true;
+						if (!$user_info['is_guest'] && $restriction == 'cannot_access' && ($row['id_member'] == $user_info['id'] || $row['email_address'] == $user_info['email'])) {
+													$flag_is_activated = true;
+						}
 					}
 			}
 			$smcFunc['db_free_result']($request);
 		}
 
 		// Mark the cannot_access and cannot_post bans as being 'hit'.
-		if (isset($_SESSION['ban']['cannot_access']) || isset($_SESSION['ban']['cannot_post']) || isset($_SESSION['ban']['cannot_login']))
-			log_ban(array_merge(isset($_SESSION['ban']['cannot_access']) ? $_SESSION['ban']['cannot_access']['ids'] : array(), isset($_SESSION['ban']['cannot_post']) ? $_SESSION['ban']['cannot_post']['ids'] : array(), isset($_SESSION['ban']['cannot_login']) ? $_SESSION['ban']['cannot_login']['ids'] : array()));
+		if (isset($_SESSION['ban']['cannot_access']) || isset($_SESSION['ban']['cannot_post']) || isset($_SESSION['ban']['cannot_login'])) {
+					log_ban(array_merge(isset($_SESSION['ban']['cannot_access']) ? $_SESSION['ban']['cannot_access']['ids'] : array(), isset($_SESSION['ban']['cannot_post']) ? $_SESSION['ban']['cannot_post']['ids'] : array(), isset($_SESSION['ban']['cannot_login']) ? $_SESSION['ban']['cannot_login']['ids'] : array()));
+		}
 
 		// If for whatever reason the is_activated flag seems wrong, do a little work to clear it up.
 		if ($user_info['id'] && (($user_settings['is_activated'] >= 10 && !$flag_is_activated)
@@ -260,8 +276,9 @@ 
 	if (!isset($_SESSION['ban']['cannot_access']) && !empty($_COOKIE[$cookiename . '_']))
 	{
 		$bans = explode(',', $_COOKIE[$cookiename . '_']);
-		foreach ($bans as $key => $value)
-			$bans[$key] = (int) $value;
+		foreach ($bans as $key => $value) {
+					$bans[$key] = (int) $value;
+		}
 		$request = $smcFunc['db_query']('', '
 			SELECT bi.id_ban, bg.reason
 			FROM {db_prefix}ban_items AS bi
@@ -297,14 +314,15 @@ 
 	if (isset($_SESSION['ban']['cannot_access']))
 	{
 		// We don't wanna see you!
-		if (!$user_info['is_guest'])
-			$smcFunc['db_query']('', '
+		if (!$user_info['is_guest']) {
+					$smcFunc['db_query']('', '
 				DELETE FROM {db_prefix}log_online
 				WHERE id_member = {int:current_member}',
 				array(
 					'current_member' => $user_info['id'],
 				)
 			);
+		}
 
 		// 'Log' the user out.  Can't have any funny business... (save the name!)
 		$old_name = isset($user_info['name']) && $user_info['name'] != '' ? $user_info['name'] : $txt['guest_title'];
@@ -390,9 +408,10 @@ 
 	}
 
 	// Fix up the banning permissions.
-	if (isset($user_info['permissions']))
-		banPermissions();
-}
+	if (isset($user_info['permissions'])) {
+			banPermissions();
+	}
+	}
 
 /**
  * Fix permissions according to ban status.
@@ -403,8 +422,9 @@ 
 	global $user_info, $sourcedir, $modSettings, $context;
 
 	// Somehow they got here, at least take away all permissions...
-	if (isset($_SESSION['ban']['cannot_access']))
-		$user_info['permissions'] = array();
+	if (isset($_SESSION['ban']['cannot_access'])) {
+			$user_info['permissions'] = array();
+	}
 	// Okay, well, you can watch, but don't touch a thing.
 	elseif (isset($_SESSION['ban']['cannot_post']) || (!empty($modSettings['warning_mute']) && $modSettings['warning_mute'] <= $user_info['warning']))
 	{
@@ -446,44 +466,45 @@ 
 		call_integration_hook('integrate_warn_permissions', array(&$permission_change));
 		foreach ($permission_change as $old => $new)
 		{
-			if (!in_array($old, $user_info['permissions']))
-				unset($permission_change[$old]);
-			else
-				$user_info['permissions'][] = $new;
+			if (!in_array($old, $user_info['permissions'])) {
+							unset($permission_change[$old]);
+			} else {
+							$user_info['permissions'][] = $new;
+			}
 		}
 		$user_info['permissions'] = array_diff($user_info['permissions'], array_keys($permission_change));
 	}
 
 	// @todo Find a better place to call this? Needs to be after permissions loaded!
 	// Finally, some bits we cache in the session because it saves queries.
-	if (isset($_SESSION['mc']) && $_SESSION['mc']['time'] > $modSettings['settings_updated'] && $_SESSION['mc']['id'] == $user_info['id'])
-		$user_info['mod_cache'] = $_SESSION['mc'];
-	else
+	if (isset($_SESSION['mc']) && $_SESSION['mc']['time'] > $modSettings['settings_updated'] && $_SESSION['mc']['id'] == $user_info['id']) {
+			$user_info['mod_cache'] = $_SESSION['mc'];
+	} else
 	{
 		require_once($sourcedir . '/Subs-Auth.php');
 		rebuildModCache();
 	}
 
 	// Now that we have the mod cache taken care of lets setup a cache for the number of mod reports still open
-	if (!empty($_SESSION['rc']) && $_SESSION['rc']['time'] > $modSettings['last_mod_report_action'] && $_SESSION['rc']['id'] == $user_info['id'])
-		$context['open_mod_reports'] = $_SESSION['rc']['reports'];
-	elseif ($_SESSION['mc']['bq'] != '0=1')
+	if (!empty($_SESSION['rc']) && $_SESSION['rc']['time'] > $modSettings['last_mod_report_action'] && $_SESSION['rc']['id'] == $user_info['id']) {
+			$context['open_mod_reports'] = $_SESSION['rc']['reports'];
+	} elseif ($_SESSION['mc']['bq'] != '0=1')
 	{
 		require_once($sourcedir . '/Subs-ReportedContent.php');
 		recountOpenReports('posts');
+	} else {
+			$context['open_mod_reports'] = 0;
 	}
-	else
-		$context['open_mod_reports'] = 0;
 
-	if (!empty($_SESSION['rc']) && $_SESSION['rc']['time'] > $modSettings['last_mod_report_action'] && $_SESSION['rc']['id'] == $user_info['id'])
-		$context['open_member_reports'] = !empty($_SESSION['rc']['member_reports']) ? $_SESSION['rc']['member_reports'] : 0;
-	elseif (allowedTo('moderate_forum'))
+	if (!empty($_SESSION['rc']) && $_SESSION['rc']['time'] > $modSettings['last_mod_report_action'] && $_SESSION['rc']['id'] == $user_info['id']) {
+			$context['open_member_reports'] = !empty($_SESSION['rc']['member_reports']) ? $_SESSION['rc']['member_reports'] : 0;
+	} elseif (allowedTo('moderate_forum'))
 	{
 		require_once($sourcedir . '/Subs-ReportedContent.php');
 		recountOpenReports('members');
+	} else {
+			$context['open_member_reports'] = 0;
 	}
-	else
-		$context['open_member_reports'] = 0;
 
 }
 
@@ -500,8 +521,9 @@ 
 	global $user_info, $smcFunc;
 
 	// Don't log web accelerators, it's very confusing...
-	if (isset($_SERVER['HTTP_X_MOZ']) && $_SERVER['HTTP_X_MOZ'] == 'prefetch')
-		return;
+	if (isset($_SERVER['HTTP_X_MOZ']) && $_SERVER['HTTP_X_MOZ'] == 'prefetch') {
+			return;
+	}
 
 	$smcFunc['db_insert']('',
 		'{db_prefix}log_banned',
@@ -511,8 +533,8 @@ 
 	);
 
 	// One extra point for these bans.
-	if (!empty($ban_ids))
-		$smcFunc['db_query']('', '
+	if (!empty($ban_ids)) {
+			$smcFunc['db_query']('', '
 			UPDATE {db_prefix}ban_items
 			SET hits = hits + 1
 			WHERE id_ban IN ({array_int:ban_ids})',
@@ -520,7 +542,8 @@ 
 				'ban_ids' => $ban_ids,
 			)
 		);
-}
+	}
+	}
 
 /**
  * Checks if a given email address might be banned.
@@ -536,8 +559,9 @@ 
 	global $txt, $smcFunc;
 
 	// Can't ban an empty email
-	if (empty($email) || trim($email) == '')
-		return;
+	if (empty($email) || trim($email) == '') {
+			return;
+	}
 
 	// Let's start with the bans based on your IP/hostname/memberID...
 	$ban_ids = isset($_SESSION['ban'][$restriction]) ? $_SESSION['ban'][$restriction]['ids'] : array();
@@ -610,16 +634,18 @@ 
 	if ($type == 'post')
 	{
 		$check = isset($_POST[$_SESSION['session_var']]) ? $_POST[$_SESSION['session_var']] : (empty($modSettings['strictSessionCheck']) && isset($_POST['sc']) ? $_POST['sc'] : null);
-		if ($check !== $sc)
-			$error = 'session_timeout';
+		if ($check !== $sc) {
+					$error = 'session_timeout';
+		}
 	}
 
 	// How about $_GET['sesc']?
 	elseif ($type == 'get')
 	{
 		$check = isset($_GET[$_SESSION['session_var']]) ? $_GET[$_SESSION['session_var']] : (empty($modSettings['strictSessionCheck']) && isset($_GET['sesc']) ? $_GET['sesc'] : null);
-		if ($check !== $sc)
-			$error = 'session_verify_fail';
+		if ($check !== $sc) {
+					$error = 'session_verify_fail';
+		}
 	}
 
 	// Or can it be in either?
@@ -627,13 +653,15 @@ 
 	{
 		$check = isset($_GET[$_SESSION['session_var']]) ? $_GET[$_SESSION['session_var']] : (empty($modSettings['strictSessionCheck']) && isset($_GET['sesc']) ? $_GET['sesc'] : (isset($_POST[$_SESSION['session_var']]) ? $_POST[$_SESSION['session_var']] : (empty($modSettings['strictSessionCheck']) && isset($_POST['sc']) ? $_POST['sc'] : null)));
 
-		if ($check !== $sc)
-			$error = 'session_verify_fail';
+		if ($check !== $sc) {
+					$error = 'session_verify_fail';
+		}
 	}
 
 	// Verify that they aren't changing user agents on us - that could be bad.
-	if ((!isset($_SESSION['USER_AGENT']) || $_SESSION['USER_AGENT'] != $_SERVER['HTTP_USER_AGENT']) && empty($modSettings['disableCheckUA']))
-		$error = 'session_verify_fail';
+	if ((!isset($_SESSION['USER_AGENT']) || $_SESSION['USER_AGENT'] != $_SERVER['HTTP_USER_AGENT']) && empty($modSettings['disableCheckUA'])) {
+			$error = 'session_verify_fail';
+	}
 
 	// Make sure a page with session check requirement is not being prefetched.
 	if (isset($_SERVER['HTTP_X_MOZ']) && $_SERVER['HTTP_X_MOZ'] == 'prefetch')
@@ -644,30 +672,35 @@ 
 	}
 
 	// Check the referring site - it should be the same server at least!
-	if (isset($_SESSION['request_referer']))
-		$referrer = $_SESSION['request_referer'];
-	else
-		$referrer = isset($_SERVER['HTTP_REFERER']) ? @parse_url($_SERVER['HTTP_REFERER']) : array();
+	if (isset($_SESSION['request_referer'])) {
+			$referrer = $_SESSION['request_referer'];
+	} else {
+			$referrer = isset($_SERVER['HTTP_REFERER']) ? @parse_url($_SERVER['HTTP_REFERER']) : array();
+	}
 	if (!empty($referrer['host']))
 	{
-		if (strpos($_SERVER['HTTP_HOST'], ':') !== false)
-			$real_host = substr($_SERVER['HTTP_HOST'], 0, strpos($_SERVER['HTTP_HOST'], ':'));
-		else
-			$real_host = $_SERVER['HTTP_HOST'];
+		if (strpos($_SERVER['HTTP_HOST'], ':') !== false) {
+					$real_host = substr($_SERVER['HTTP_HOST'], 0, strpos($_SERVER['HTTP_HOST'], ':'));
+		} else {
+					$real_host = $_SERVER['HTTP_HOST'];
+		}
 
 		$parsed_url = parse_url($boardurl);
 
 		// Are global cookies on?  If so, let's check them ;).
 		if (!empty($modSettings['globalCookies']))
 		{
-			if (preg_match('~(?:[^\.]+\.)?([^\.]{3,}\..+)\z~i', $parsed_url['host'], $parts) == 1)
-				$parsed_url['host'] = $parts[1];
+			if (preg_match('~(?:[^\.]+\.)?([^\.]{3,}\..+)\z~i', $parsed_url['host'], $parts) == 1) {
+							$parsed_url['host'] = $parts[1];
+			}
 
-			if (preg_match('~(?:[^\.]+\.)?([^\.]{3,}\..+)\z~i', $referrer['host'], $parts) == 1)
-				$referrer['host'] = $parts[1];
+			if (preg_match('~(?:[^\.]+\.)?([^\.]{3,}\..+)\z~i', $referrer['host'], $parts) == 1) {
+							$referrer['host'] = $parts[1];
+			}
 
-			if (preg_match('~(?:[^\.]+\.)?([^\.]{3,}\..+)\z~i', $real_host, $parts) == 1)
-				$real_host = $parts[1];
+			if (preg_match('~(?:[^\.]+\.)?([^\.]{3,}\..+)\z~i', $real_host, $parts) == 1) {
+							$real_host = $parts[1];
+			}
 		}
 
 		// Okay: referrer must either match parsed_url or real_host.
@@ -685,12 +718,14 @@ 
 		$log_error = true;
 	}
 
-	if (strtolower($_SERVER['HTTP_USER_AGENT']) == 'hacker')
-		fatal_error('Sound the alarm!  It\'s a hacker!  Close the castle gates!!', false);
+	if (strtolower($_SERVER['HTTP_USER_AGENT']) == 'hacker') {
+			fatal_error('Sound the alarm!  It\'s a hacker!  Close the castle gates!!', false);
+	}
 
 	// Everything is ok, return an empty string.
-	if (!isset($error))
-		return '';
+	if (!isset($error)) {
+			return '';
+	}
 	// A session error occurred, show the error.
 	elseif ($is_fatal)
 	{
@@ -699,13 +734,14 @@ 
 			ob_end_clean();
 			header('HTTP/1.1 403 Forbidden - Session timeout');
 			die;
+		} else {
+					fatal_lang_error($error, isset($log_error) ? 'user' : false);
 		}
-		else
-			fatal_lang_error($error, isset($log_error) ? 'user' : false);
 	}
 	// A session error occurred, return the error to the calling function.
-	else
-		return $error;
+	else {
+			return $error;
+	}
 
 	// We really should never fall through here, for very important reasons.  Let's make sure.
 	trigger_error('Hacking attempt...', E_USER_ERROR);
@@ -721,10 +757,9 @@ 
 {
 	global $modSettings;
 
-	if (isset($_GET['confirm']) && isset($_SESSION['confirm_' . $action]) && md5($_GET['confirm'] . $_SERVER['HTTP_USER_AGENT']) == $_SESSION['confirm_' . $action])
-		return true;
-
-	else
+	if (isset($_GET['confirm']) && isset($_SESSION['confirm_' . $action]) && md5($_GET['confirm'] . $_SERVER['HTTP_USER_AGENT']) == $_SESSION['confirm_' . $action]) {
+			return true;
+	} else
 	{
 		$token = md5(mt_rand() . session_id() . (string) microtime() . $modSettings['rand_seed']);
 		$_SESSION['confirm_' . $action] = md5($token . $_SERVER['HTTP_USER_AGENT']);
@@ -775,9 +810,9 @@ 
 			$return = $_SESSION['token'][$type . '-' . $action][3];
 			unset($_SESSION['token'][$type . '-' . $action]);
 			return $return;
+		} else {
+					return '';
 		}
-		else
-			return '';
 	}
 
 	// This nasty piece of code validates a token.
@@ -808,12 +843,14 @@ 
 		fatal_lang_error('token_verify_fail', false);
 	}
 	// Remove this token as its useless
-	else
-		unset($_SESSION['token'][$type . '-' . $action]);
+	else {
+			unset($_SESSION['token'][$type . '-' . $action]);
+	}
 
 	// Randomly check if we should remove some older tokens.
-	if (mt_rand(0, 138) == 23)
-		cleanTokens();
+	if (mt_rand(0, 138) == 23) {
+			cleanTokens();
+	}
 
 	return false;
 }
@@ -828,14 +865,16 @@ 
 function cleanTokens($complete = false)
 {
 	// We appreciate cleaning up after yourselves.
-	if (!isset($_SESSION['token']))
-		return;
+	if (!isset($_SESSION['token'])) {
+			return;
+	}
 
 	// Clean up tokens, trying to give enough time still.
-	foreach ($_SESSION['token'] as $key => $data)
-		if ($data[2] + 10800 < time() || $complete)
+	foreach ($_SESSION['token'] as $key => $data) {
+			if ($data[2] + 10800 < time() || $complete)
 			unset($_SESSION['token'][$key]);
-}
+	}
+	}
 
 /**
  * Check whether a form has been submitted twice.
@@ -853,37 +892,40 @@ 
 {
 	global $context;
 
-	if (!isset($_SESSION['forms']))
-		$_SESSION['forms'] = array();
+	if (!isset($_SESSION['forms'])) {
+			$_SESSION['forms'] = array();
+	}
 
 	// Register a form number and store it in the session stack. (use this on the page that has the form.)
 	if ($action == 'register')
 	{
 		$context['form_sequence_number'] = 0;
-		while (empty($context['form_sequence_number']) || in_array($context['form_sequence_number'], $_SESSION['forms']))
-			$context['form_sequence_number'] = mt_rand(1, 16000000);
+		while (empty($context['form_sequence_number']) || in_array($context['form_sequence_number'], $_SESSION['forms'])) {
+					$context['form_sequence_number'] = mt_rand(1, 16000000);
+		}
 	}
 	// Check whether the submitted number can be found in the session.
 	elseif ($action == 'check')
 	{
-		if (!isset($_REQUEST['seqnum']))
-			return true;
-		elseif (!in_array($_REQUEST['seqnum'], $_SESSION['forms']))
+		if (!isset($_REQUEST['seqnum'])) {
+					return true;
+		} elseif (!in_array($_REQUEST['seqnum'], $_SESSION['forms']))
 		{
 			$_SESSION['forms'][] = (int) $_REQUEST['seqnum'];
 			return true;
+		} elseif ($is_fatal) {
+					fatal_lang_error('error_form_already_submitted', false);
+		} else {
+					return false;
 		}
-		elseif ($is_fatal)
-			fatal_lang_error('error_form_already_submitted', false);
-		else
-			return false;
 	}
 	// Don't check, just free the stack number.
-	elseif ($action == 'free' && isset($_REQUEST['seqnum']) && in_array($_REQUEST['seqnum'], $_SESSION['forms']))
-		$_SESSION['forms'] = array_diff($_SESSION['forms'], array($_REQUEST['seqnum']));
-	elseif ($action != 'free')
-		trigger_error('checkSubmitOnce(): Invalid action \'' . $action . '\'', E_USER_WARNING);
-}
+	elseif ($action == 'free' && isset($_REQUEST['seqnum']) && in_array($_REQUEST['seqnum'], $_SESSION['forms'])) {
+			$_SESSION['forms'] = array_diff($_SESSION['forms'], array($_REQUEST['seqnum']));
+	} elseif ($action != 'free') {
+			trigger_error('checkSubmitOnce(): Invalid action \'' . $action . '\'', E_USER_WARNING);
+	}
+	}
 
 /**
  * Check the user's permissions.
@@ -900,16 +942,19 @@ 
 	global $user_info, $smcFunc;
 
 	// You're always allowed to do nothing. (unless you're a working man, MR. LAZY :P!)
-	if (empty($permission))
-		return true;
+	if (empty($permission)) {
+			return true;
+	}
 
 	// You're never allowed to do something if your data hasn't been loaded yet!
-	if (empty($user_info))
-		return false;
+	if (empty($user_info)) {
+			return false;
+	}
 
 	// Administrators are supermen :P.
-	if ($user_info['is_admin'])
-		return true;
+	if ($user_info['is_admin']) {
+			return true;
+	}
 
 	// Let's ensure this is an array.
 	$permission = (array) $permission;
@@ -917,14 +962,16 @@ 
 	// Are we checking the _current_ board, or some other boards?
 	if ($boards === null)
 	{
-		if (count(array_intersect($permission, $user_info['permissions'])) != 0)
-			return true;
+		if (count(array_intersect($permission, $user_info['permissions'])) != 0) {
+					return true;
+		}
 		// You aren't allowed, by default.
-		else
-			return false;
+		else {
+					return false;
+		}
+	} elseif (!is_array($boards)) {
+			$boards = array($boards);
 	}
-	elseif (!is_array($boards))
-		$boards = array($boards);
 
 	$request = $smcFunc['db_query']('', '
 		SELECT MIN(bp.add_deny) AS add_deny
@@ -947,12 +994,14 @@ 
 	);
 
 	// Make sure they can do it on all of the boards.
-	if ($smcFunc['db_num_rows']($request) != count($boards))
-		return false;
+	if ($smcFunc['db_num_rows']($request) != count($boards)) {
+			return false;
+	}
 
 	$result = true;
-	while ($row = $smcFunc['db_fetch_assoc']($request))
-		$result &= !empty($row['add_deny']);
+	while ($row = $smcFunc['db_fetch_assoc']($request)) {
+			$result &= !empty($row['add_deny']);
+	}
 	$smcFunc['db_free_result']($request);
 
 	// If the query returned 1, they can do it... otherwise, they can't.
@@ -1017,9 +1066,10 @@ 
 
 	// If you're doing something on behalf of some "heavy" permissions, validate your session.
 	// (take out the heavy permissions, and if you can't do anything but those, you need a validated session.)
-	if (!allowedTo(array_diff($permission, $heavy_permissions), $boards))
-		validateSession();
-}
+	if (!allowedTo(array_diff($permission, $heavy_permissions), $boards)) {
+			validateSession();
+	}
+	}
 
 /**
  * Return the boards a user has a certain (board) permission on. (array(0) if all.)
@@ -1038,8 +1088,9 @@ 
 	global $user_info, $smcFunc;
 
 	// Arrays are nice, most of the time.
-	if (!is_array($permissions))
-		$permissions = array($permissions);
+	if (!is_array($permissions)) {
+			$permissions = array($permissions);
+	}
 
 	/*
 	 * Set $simple to true to use this function as it were in SMF 2.0.x.
@@ -1051,13 +1102,14 @@ 
 	// Administrators are all powerful, sorry.
 	if ($user_info['is_admin'])
 	{
-		if ($simple)
-			return array(0);
-		else
+		if ($simple) {
+					return array(0);
+		} else
 		{
 			$boards = array();
-			foreach ($permissions as $permission)
-				$boards[$permission] = array(0);
+			foreach ($permissions as $permission) {
+							$boards[$permission] = array(0);
+			}
 
 			return $boards;
 		}
@@ -1089,31 +1141,32 @@ 
 	{
 		if ($simple)
 		{
-			if (empty($row['add_deny']))
-				$deny_boards[] = $row['id_board'];
-			else
-				$boards[] = $row['id_board'];
-		}
-		else
+			if (empty($row['add_deny'])) {
+							$deny_boards[] = $row['id_board'];
+			} else {
+							$boards[] = $row['id_board'];
+			}
+		} else
 		{
-			if (empty($row['add_deny']))
-				$deny_boards[$row['permission']][] = $row['id_board'];
-			else
-				$boards[$row['permission']][] = $row['id_board'];
+			if (empty($row['add_deny'])) {
+							$deny_boards[$row['permission']][] = $row['id_board'];
+			} else {
+							$boards[$row['permission']][] = $row['id_board'];
+			}
 		}
 	}
 	$smcFunc['db_free_result']($request);
 
-	if ($simple)
-		$boards = array_unique(array_values(array_diff($boards, $deny_boards)));
-	else
+	if ($simple) {
+			$boards = array_unique(array_values(array_diff($boards, $deny_boards)));
+	} else
 	{
 		foreach ($permissions as $permission)
 		{
 			// never had it to start with
-			if (empty($boards[$permission]))
-				$boards[$permission] = array();
-			else
+			if (empty($boards[$permission])) {
+							$boards[$permission] = array();
+			} else
 			{
 				// Or it may have been removed
 				$deny_boards[$permission] = isset($deny_boards[$permission]) ? $deny_boards[$permission] : array();
@@ -1149,10 +1202,11 @@ 
 
 
 	// Moderators are free...
-	if (!allowedTo('moderate_board'))
-		$timeLimit = isset($timeOverrides[$error_type]) ? $timeOverrides[$error_type] : $modSettings['spamWaitTime'];
-	else
-		$timeLimit = 2;
+	if (!allowedTo('moderate_board')) {
+			$timeLimit = isset($timeOverrides[$error_type]) ? $timeOverrides[$error_type] : $modSettings['spamWaitTime'];
+	} else {
+			$timeLimit = 2;
+	}
 
 	call_integration_hook('integrate_spam_protection', array(&$timeOverrides, &$timeLimit));
 
@@ -1179,8 +1233,9 @@ 
 	if ($smcFunc['db_affected_rows']() != 1)
 	{
 		// Spammer!  You only have to wait a *few* seconds!
-		if (!$only_return_result)
-			fatal_lang_error($error_type . '_WaitTime_broken', false, array($timeLimit));
+		if (!$only_return_result) {
+					fatal_lang_error($error_type . '_WaitTime_broken', false, array($timeLimit));
+		}
 
 		return true;
 	}
@@ -1198,11 +1253,13 @@ 
  */
 function secureDirectory($path, $attachments = false)
 {
-	if (empty($path))
-		return 'empty_path';
+	if (empty($path)) {
+			return 'empty_path';
+	}
 
-	if (!is_writable($path))
-		return 'path_not_writable';
+	if (!is_writable($path)) {
+			return 'path_not_writable';
+	}
 
 	$directoryname = basename($path);
 
@@ -1214,9 +1271,9 @@ 
 
 RemoveHandler .php .php3 .phtml .cgi .fcgi .pl .fpl .shtml';
 
-	if (file_exists($path . '/.htaccess'))
-		$errors[] = 'htaccess_exists';
-	else
+	if (file_exists($path . '/.htaccess')) {
+			$errors[] = 'htaccess_exists';
+	} else
 	{
 		$fh = @fopen($path . '/.htaccess', 'w');
 		if ($fh) {
@@ -1228,9 +1285,9 @@ 
 		$errors[] = 'htaccess_cannot_create_file';
 	}
 
-	if (file_exists($path . '/index.php'))
-		$errors[] = 'index-php_exists';
-	else
+	if (file_exists($path . '/index.php')) {
+			$errors[] = 'index-php_exists';
+	} else
 	{
 		$fh = @fopen($path . '/index.php', 'w');
 		if ($fh) {
@@ -1257,11 +1314,12 @@ 
 		$errors[] = 'index-php_cannot_create_file';
 	}
 
-	if (!empty($errors))
-		return $errors;
-	else
-		return true;
-}
+	if (!empty($errors)) {
+			return $errors;
+	} else {
+			return true;
+	}
+	}
 
 /**
 * This sets the X-Frame-Options header.
@@ -1274,14 +1332,16 @@ 
 	global $modSettings;
 
 	$option = 'SAMEORIGIN';
-	if (is_null($override) && !empty($modSettings['frame_security']))
-		$option = $modSettings['frame_security'];
-	elseif (in_array($override, array('SAMEORIGIN', 'DENY')))
-		$option = $override;
+	if (is_null($override) && !empty($modSettings['frame_security'])) {
+			$option = $modSettings['frame_security'];
+	} elseif (in_array($override, array('SAMEORIGIN', 'DENY'))) {
+			$option = $override;
+	}
 
 	// Don't bother setting the header if we have disabled it.
-	if ($option == 'DISABLE')
-		return;
+	if ($option == 'DISABLE') {
+			return;
+	}
 
 	// Finally set it.
 	header('X-Frame-Options: ' . $option);

Sources/PostModeration.php

Braces +100 added lines, -79 removed lines

@@ -13,8 +13,9 @@ 
  * @version 2.1 Beta 3
  */
 
-if (!defined('SMF'))
+if (!defined('SMF')) {
 	die('No direct access...');
+}
 
 /**
  * This is a handling function for all things post moderation.
@@ -39,8 +40,9 @@ 
 	);
 
 	// Pick something valid...
-	if (!isset($_REQUEST['sa']) || !isset($subActions[$_REQUEST['sa']]))
-		$_REQUEST['sa'] = 'replies';
+	if (!isset($_REQUEST['sa']) || !isset($subActions[$_REQUEST['sa']])) {
+			$_REQUEST['sa'] = 'replies';
+	}
 
 	call_integration_hook('integrate_post_moderation', array(&$subActions));
 
@@ -68,13 +70,15 @@ 
 		$approve_boards = $approve_boards == array(0) ? $filter_board : array_intersect($approve_boards, $filter_board);
 	}
 
-	if ($approve_boards == array(0))
-		$approve_query = '';
-	elseif (!empty($approve_boards))
-		$approve_query = ' AND m.id_board IN (' . implode(',', $approve_boards) . ')';
+	if ($approve_boards == array(0)) {
+			$approve_query = '';
+	} elseif (!empty($approve_boards)) {
+			$approve_query = ' AND m.id_board IN (' . implode(',', $approve_boards) . ')';
+	}
 	// Nada, zip, etc...
-	else
-		$approve_query = ' AND 1=0';
+	else {
+			$approve_query = ' AND 1=0';
+	}
 
 	// We also need to know where we can delete topics and/or replies to.
 	if ($context['current_view'] == 'topics')
@@ -82,8 +86,7 @@ 
 		$delete_own_boards = boardsAllowedTo('remove_own');
 		$delete_any_boards = boardsAllowedTo('remove_any');
 		$delete_own_replies = array();
-	}
-	else
+	} else
 	{
 		$delete_own_boards = boardsAllowedTo('delete_own');
 		$delete_any_boards = boardsAllowedTo('delete_any');
@@ -92,21 +95,25 @@ 
 
 	$toAction = array();
 	// Check if we have something to do?
-	if (isset($_GET['approve']))
-		$toAction[] = (int) $_GET['approve'];
+	if (isset($_GET['approve'])) {
+			$toAction[] = (int) $_GET['approve'];
+	}
 	// Just a deletion?
-	elseif (isset($_GET['delete']))
-		$toAction[] = (int) $_GET['delete'];
+	elseif (isset($_GET['delete'])) {
+			$toAction[] = (int) $_GET['delete'];
+	}
 	// Lots of approvals?
-	elseif (isset($_POST['item']))
-		foreach ($_POST['item'] as $item)
+	elseif (isset($_POST['item'])) {
+			foreach ($_POST['item'] as $item)
 			$toAction[] = (int) $item;
+	}
 
 	// What are we actually doing.
-	if (isset($_GET['approve']) || (isset($_POST['do']) && $_POST['do'] == 'approve'))
-		$curAction = 'approve';
-	elseif (isset($_GET['delete']) || (isset($_POST['do']) && $_POST['do'] == 'delete'))
-		$curAction = 'delete';
+	if (isset($_GET['approve']) || (isset($_POST['do']) && $_POST['do'] == 'approve')) {
+			$curAction = 'approve';
+	} elseif (isset($_GET['delete']) || (isset($_POST['do']) && $_POST['do'] == 'delete')) {
+			$curAction = 'delete';
+	}
 
 	// Right, so we have something to do?
 	if (!empty($toAction) && isset($curAction))
@@ -135,8 +142,9 @@ 
 		while ($row = $smcFunc['db_fetch_assoc']($request))
 		{
 			// If it's not within what our view is ignore it...
-			if (($row['id_msg'] == $row['id_first_msg'] && $context['current_view'] != 'topics') || ($row['id_msg'] != $row['id_first_msg'] && $context['current_view'] != 'replies'))
-				continue;
+			if (($row['id_msg'] == $row['id_first_msg'] && $context['current_view'] != 'topics') || ($row['id_msg'] != $row['id_first_msg'] && $context['current_view'] != 'replies')) {
+							continue;
+			}
 
 			$can_add = false;
 			// If we're approving this is simple.
@@ -148,18 +156,22 @@ 
 			elseif ($curAction == 'delete')
 			{
 				// Own post is easy!
-				if ($row['id_member'] == $user_info['id'] && ($delete_own_boards == array(0) || in_array($row['id_board'], $delete_own_boards)))
-					$can_add = true;
+				if ($row['id_member'] == $user_info['id'] && ($delete_own_boards == array(0) || in_array($row['id_board'], $delete_own_boards))) {
+									$can_add = true;
+				}
 				// Is it a reply to their own topic?
-				elseif ($row['id_member'] == $row['id_member_started'] && $row['id_msg'] != $row['id_first_msg'] && ($delete_own_replies == array(0) || in_array($row['id_board'], $delete_own_replies)))
-					$can_add = true;
+				elseif ($row['id_member'] == $row['id_member_started'] && $row['id_msg'] != $row['id_first_msg'] && ($delete_own_replies == array(0) || in_array($row['id_board'], $delete_own_replies))) {
+									$can_add = true;
+				}
 				// Someone elses?
-				elseif ($row['id_member'] != $user_info['id'] && ($delete_any_boards == array(0) || in_array($row['id_board'], $delete_any_boards)))
-					$can_add = true;
+				elseif ($row['id_member'] != $user_info['id'] && ($delete_any_boards == array(0) || in_array($row['id_board'], $delete_any_boards))) {
+									$can_add = true;
+				}
 			}
 
-			if ($can_add)
-				$anItem = $context['current_view'] == 'topics' ? $row['id_topic'] : $row['id_msg'];
+			if ($can_add) {
+							$anItem = $context['current_view'] == 'topics' ? $row['id_topic'] : $row['id_msg'];
+			}
 			$toAction[] = $anItem;
 
 			// All clear. What have we got now, what, what?
@@ -177,8 +189,7 @@ 
 			if ($curAction == 'approve')
 			{
 				approveMessages($toAction, $details, $context['current_view']);
-			}
-			else
+			} else
 			{
 				removeMessages($toAction, $details, $context['current_view']);
 			}
@@ -265,16 +276,19 @@ 
 	for ($i = 1; $row = $smcFunc['db_fetch_assoc']($request); $i++)
 	{
 		// Can delete is complicated, let's solve it first... is it their own post?
-		if ($row['id_member'] == $user_info['id'] && ($delete_own_boards == array(0) || in_array($row['id_board'], $delete_own_boards)))
-			$can_delete = true;
+		if ($row['id_member'] == $user_info['id'] && ($delete_own_boards == array(0) || in_array($row['id_board'], $delete_own_boards))) {
+					$can_delete = true;
+		}
 		// Is it a reply to their own topic?
-		elseif ($row['id_member'] == $row['id_member_started'] && $row['id_msg'] != $row['id_first_msg'] && ($delete_own_replies == array(0) || in_array($row['id_board'], $delete_own_replies)))
-			$can_delete = true;
+		elseif ($row['id_member'] == $row['id_member_started'] && $row['id_msg'] != $row['id_first_msg'] && ($delete_own_replies == array(0) || in_array($row['id_board'], $delete_own_replies))) {
+					$can_delete = true;
+		}
 		// Someone elses?
-		elseif ($row['id_member'] != $user_info['id'] && ($delete_any_boards == array(0) || in_array($row['id_board'], $delete_any_boards)))
-			$can_delete = true;
-		else
-			$can_delete = false;
+		elseif ($row['id_member'] != $user_info['id'] && ($delete_any_boards == array(0) || in_array($row['id_board'], $delete_any_boards))) {
+					$can_delete = true;
+		} else {
+					$can_delete = false;
+		}
 
 		$context['unapproved_items'][] = array(
 			'id' => $row['id_msg'],
@@ -323,28 +337,31 @@ 
 	// Once again, permissions are king!
 	$approve_boards = boardsAllowedTo('approve_posts');
 
-	if ($approve_boards == array(0))
-		$approve_query = '';
-	elseif (!empty($approve_boards))
-		$approve_query = ' AND m.id_board IN (' . implode(',', $approve_boards) . ')';
-	else
-		$approve_query = ' AND 1=0';
+	if ($approve_boards == array(0)) {
+			$approve_query = '';
+	} elseif (!empty($approve_boards)) {
+			$approve_query = ' AND m.id_board IN (' . implode(',', $approve_boards) . ')';
+	} else {
+			$approve_query = ' AND 1=0';
+	}
 
 	// Get together the array of things to act on, if any.
 	$attachments = array();
-	if (isset($_GET['approve']))
-		$attachments[] = (int) $_GET['approve'];
-	elseif (isset($_GET['delete']))
-		$attachments[] = (int) $_GET['delete'];
-	elseif (isset($_POST['item']))
-		foreach ($_POST['item'] as $item)
+	if (isset($_GET['approve'])) {
+			$attachments[] = (int) $_GET['approve'];
+	} elseif (isset($_GET['delete'])) {
+			$attachments[] = (int) $_GET['delete'];
+	} elseif (isset($_POST['item'])) {
+			foreach ($_POST['item'] as $item)
 			$attachments[] = (int) $item;
+	}
 
 	// Are we approving or deleting?
-	if (isset($_GET['approve']) || (isset($_POST['do']) && $_POST['do'] == 'approve'))
-		$curAction = 'approve';
-	elseif (isset($_GET['delete']) || (isset($_POST['do']) && $_POST['do'] == 'delete'))
-		$curAction = 'delete';
+	if (isset($_GET['approve']) || (isset($_POST['do']) && $_POST['do'] == 'approve')) {
+			$curAction = 'approve';
+	} elseif (isset($_GET['delete']) || (isset($_POST['do']) && $_POST['do'] == 'delete')) {
+			$curAction = 'delete';
+	}
 
 	// Something to do, let's do it!
 	if (!empty($attachments) && isset($curAction))
@@ -372,17 +389,19 @@ 
 			)
 		);
 		$attachments = array();
-		while ($row = $smcFunc['db_fetch_assoc']($request))
-			$attachments[] = $row['id_attach'];
+		while ($row = $smcFunc['db_fetch_assoc']($request)) {
+					$attachments[] = $row['id_attach'];
+		}
 		$smcFunc['db_free_result']($request);
 
 		// Assuming it wasn't all like, proper illegal, we can do the approving.
 		if (!empty($attachments))
 		{
-			if ($curAction == 'approve')
-				ApproveAttachments($attachments);
-			else
-				removeAttachments(array('id_attach' => $attachments, 'do_logging' => true));
+			if ($curAction == 'approve') {
+							ApproveAttachments($attachments);
+			} else {
+							removeAttachments(array('id_attach' => $attachments, 'do_logging' => true));
+			}
 		}
 	}
 
@@ -682,15 +701,16 @@ 
 	{
 		approveTopics($topic, !$approved);
 
-		if ($starter != $user_info['id'])
-			logAction(($approved ? 'un' : '') . 'approve_topic', array('topic' => $topic, 'subject' => $subject, 'member' => $starter, 'board' => $board));
-	}
-	else
+		if ($starter != $user_info['id']) {
+					logAction(($approved ? 'un' : '') . 'approve_topic', array('topic' => $topic, 'subject' => $subject, 'member' => $starter, 'board' => $board));
+		}
+	} else
 	{
 		approvePosts($_REQUEST['msg'], !$approved);
 
-		if ($poster != $user_info['id'])
-			logAction(($approved ? 'un' : '') . 'approve', array('topic' => $topic, 'subject' => $subject, 'member' => $poster, 'board' => $board));
+		if ($poster != $user_info['id']) {
+					logAction(($approved ? 'un' : '') . 'approve', array('topic' => $topic, 'subject' => $subject, 'member' => $poster, 'board' => $board));
+		}
 	}
 
 	redirectexit('topic=' . $topic . '.msg' . $_REQUEST['msg'] . '#msg' . $_REQUEST['msg']);
@@ -716,8 +736,7 @@ 
 		{
 			logAction('approve_topic', array('topic' => $topic, 'subject' => $messageDetails[$topic]['subject'], 'member' => $messageDetails[$topic]['member'], 'board' => $messageDetails[$topic]['board']));
 		}
-	}
-	else
+	} else
 	{
 		approvePosts($messages);
 		// and tell the world about it again
@@ -745,8 +764,9 @@ 
 		)
 	);
 	$msgs = array();
-	while ($row = $smcFunc['db_fetch_row']($request))
-		$msgs[] = $row[0];
+	while ($row = $smcFunc['db_fetch_row']($request)) {
+			$msgs[] = $row[0];
+	}
 	$smcFunc['db_free_result']($request);
 
 	if (!empty($msgs))
@@ -765,8 +785,9 @@ 
 		)
 	);
 	$attaches = array();
-	while ($row = $smcFunc['db_fetch_row']($request))
-		$attaches[] = $row[0];
+	while ($row = $smcFunc['db_fetch_row']($request)) {
+			$attaches[] = $row[0];
+	}
 	$smcFunc['db_free_result']($request);
 
 	if (!empty($attaches))
@@ -794,12 +815,12 @@ 
 	{
 		removeTopics($messages);
 		// and tell the world about it
-		foreach ($messages as $topic)
-			// Note, only log topic ID in native form if it's not gone forever.
+		foreach ($messages as $topic) {
+					// Note, only log topic ID in native form if it's not gone forever.
 			logAction('remove', array(
 				(empty($modSettings['recycle_enable']) || $modSettings['recycle_board'] != $messageDetails[$topic]['board'] ? 'topic' : 'old_topic_id') => $topic, 'subject' => $messageDetails[$topic]['subject'], 'member' => $messageDetails[$topic]['member'], 'board' => $messageDetails[$topic]['board']));
-	}
-	else
+		}
+	} else
 	{
 		foreach ($messages as $post)
 		{