|
02.11.2005, 22:31
Часть 3
Открываем includes/functions_admin.php
Находим (76):
PHP код:
$sql = "SELECT forum_id, forum_name
FROM " . FORUMS_TABLE . "
ORDER BY cat_id, forum_order";
Заменяем на:
PHP код:
$sql = 'SELECT f.forum_id, f.forum_name
FROM ' . CATEGORIES_TABLE . ' c, ' . FORUMS_TABLE . ' f
WHERE f.cat_id = c.cat_id
ORDER BY c.cat_order, f.forum_order';
Находим (187):
PHP код:
$sql = ( $row['total_posts'] ) ? "UPDATE " . TOPICS_TABLE . " SET topic_replies = " . ( $row['total_posts'] - 1 ) . ", topic_first_post_id = " . $row['first_post'] . ", topic_last_post_id = " . $row['last_post'] . " WHERE topic_id = '$id'" : "DELETE FROM " . TOPICS_TABLE . " WHERE topic_id = '$id'";
if ( !$db->sql_query($sql) )
{
message_die(GENERAL_ERROR, 'Could not update topic', '', __LINE__, __FILE__, $sql);
}
Заменяем на:
PHP код:
if ($row['total_posts'])
{
// Correct the details of this topic
$sql = 'UPDATE ' . TOPICS_TABLE . '
SET topic_replies = ' . ($row['total_posts'] - 1) . ', topic_first_post_id = ' . $row['first_post'] . ', topic_last_post_id = ' . $row['last_post'] . "
WHERE topic_id = $id";
if (!$db->sql_query($sql))
{
message_die(GENERAL_ERROR, 'Could not update topic', '', __LINE__, __FILE__, $sql);
}
}
else
{
// There are no replies to this topic
// Check if it is a move stub
$sql = 'SELECT topic_moved_id
FROM ' . TOPICS_TABLE . "
WHERE topic_id = $id";
if (!($result = $db->sql_query($sql)))
{
message_die(GENERAL_ERROR, 'Could not get topic ID', '', __LINE__, __FILE__, $sql);
}
if ($row = $db->sql_fetchrow($result))
{
if (!$row['topic_moved_id'])
{
$sql = 'DELETE FROM ' . TOPICS_TABLE . " WHERE topic_id = $id";
if (!$db->sql_query($sql))
{
message_die(GENERAL_ERROR, 'Could not remove topic', '', __LINE__, __FILE__, $sql);
}
}
}
$db->sql_freeresult($result);
}
Открываем includes/functions_post.php
Находим (216):
PHP код:
function submit_post($mode, &$post_data, &$message, &$meta, &$forum_id, &$topic_id, &$post_id, &$poll_id, &$topic_type, &$bbcode_on, &$html_on, &$smilies_on, &$attach_sig, &$bbcode_uid, &$post_username, &$post_subject, &$post_message, &$poll_title, &$poll_options, &$poll_length)
Заменяем на:
PHP код:
function submit_post($mode, &$post_data, &$message, &$meta, &$forum_id, &$topic_id, &$post_id, &$poll_id, &$topic_type, &$bbcode_on, &$html_on, &$smilies_on, &$attach_sig, &$bbcode_uid, $post_username, $post_subject, $post_message, $poll_title, &$poll_options, &$poll_length)
Находим (579):
PHP код:
if ($mode == 'delete')
{
$delete_sql = (!$post_data['first_post'] && !$post_data['last_post']) ? " AND user_id = " . $userdata['user_id'] : '';
$sql = "DELETE FROM " . TOPICS_WATCH_TABLE . " WHERE topic_id = '$topic_id'" . $delete_sql;
if (!$db->sql_query($sql))
{
message_die(GENERAL_ERROR, 'Could not change topic notify data', '', __LINE__, __FILE__, $sql);
}
}
else
Заменяем на:
Находим (760):
PHP код:
$page_title = $lang['Emoticons'] . " - $topic_title";
Заменяем на:
PHP код:
$page_title = $lang['Emoticons'];
Открываем includes/functions_search.php
Находим (95):
PHP код:
function split_words(&$entry, $mode = 'post')
Заменяем на:
PHP код:
function split_words($entry, $mode = 'post')
Открываем includes/functions_validate.php
Находим (41):
PHP код:
$sql = "SELECT username
FROM " . USERS_TABLE . "
WHERE LOWER(username) = '" . strtolower($username) . "'";
if ($result = $db->sql_query($sql))
{
if ($row = $db->sql_fetchrow($result))
Заменяем на:
PHP код:
$sql = "SELECT username
FROM " . USERS_TABLE . "
WHERE LOWER(username) = '" . strtolower($username) . "'";
if ($result = $db->sql_query($sql))
{
while ($row = $db->sql_fetchrow($result))
Находим (78):
PHP код:
if (preg_match("#\b(" . str_replace("\*", ".*?", phpbb_preg_quote($row['disallow_username'], '#')) . ")\b#i", $username))
Заменяем на:
PHP код:
if (preg_match("#\b(" . str_replace("\*", ".*?", preg_quote($row['disallow_username'], '#')) . ")\b#i", $username))
Находим (97):
PHP код:
if (preg_match("#\b(" . str_replace("\*", ".*?", phpbb_preg_quote($row['word'], '#')) . ")\b#i", $username))
Заменяем на:
PHP код:
if (preg_match("#\b(" . str_replace("\*", ".*?", preg_quote($row['word'], '#')) . ")\b#i", $username))
Открываем includes/page_header.php
Находим (472):
PHP код:
$template->assign_block_vars('switch_user_logged_out', array());
Ниже добавляем:
PHP код:
//
// Allow autologin?
//
if (!isset($board_config['allow_autologin']) || $board_config['allow_autologin'] )
{
$template->assign_block_vars('switch_allow_autologin', array());
$template->assign_block_vars('switch_user_logged_out.switch_a llow_autologin', array());
}
Открываем includes/page_tail.php
Находим (28):
PHP код:
//
// Show the overall footer.
//
Выше добавляем:
PHP код:
global $do_gzip_compress;
Ноходим (40):
PHP код:
'TRANSLATION_INFO' => ( isset($lang['TRANSLATION_INFO']) ) ? $lang['TRANSLATION_INFO'] : '',
Заменяем на:
PHP код:
'TRANSLATION_INFO' => (isset($lang['TRANSLATION_INFO'])) ? $lang['TRANSLATION_INFO'] : ((isset($lang['TRANSLATION'])) ? $lang['TRANSLATION'] : ''),
Часть 4
Открываем includes/sessions.php
Находим (62):
PHP код:
$last_visit = 0;
$current_time = time();
$expiry_time = $current_time - $board_config['session_length'];
//
// Try and pull the last time stored in a cookie, if it exists
//
$sql = "SELECT *
FROM " . USERS_TABLE . "
WHERE user_id = '$user_id'";
if ( !($result = $db->sql_query($sql)) )
{
message_die(CRITICAL_ERROR, 'Could not obtain lastvisit data from user table', '', __LINE__, __FILE__, $sql);
}
$userdata = $db->sql_fetchrow($result);
if ( $user_id != ANONYMOUS )
{
$auto_login_key = $userdata['user_password'];
if ( $auto_create )
{
if ( isset($sessiondata['autologinid']) && $userdata['user_active'] )
{
// We have to login automagically
if( $sessiondata['autologinid'] === $auto_login_key )
{
// autologinid matches password
$login = 1;
$enable_autologin = 1;
}
else
{
// No match; don't login, set as anonymous user
$login = 0;
$enable_autologin = 0;
$user_id = $userdata['user_id'] = ANONYMOUS;
$sql = 'SELECT * FROM ' . USERS_TABLE . ' WHERE user_id = ' . ANONYMOUS;
$result = $db->sql_query($sql);
$userdata = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
}
}
else
{
// Autologin is not set. Don't login, set as anonymous user
$login = 0;
$enable_autologin = 0;
$user_id = $userdata['user_id'] = ANONYMOUS;
$sql = 'SELECT * FROM ' . USERS_TABLE . ' WHERE user_id = ' . ANONYMOUS;
$result = $db->sql_query($sql);
$userdata = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
}
}
else
{
$login = 1;
}
}
else
{
$login = 0;
$enable_autologin = 0;
}
//
// Initial ban check against user id, IP and email address
//
Заменяем на:
PHP код:
$last_visit = 0;
$current_time = time();
//
// Are auto-logins allowed?
// If allow_autologin is not set or is true then they are
// (same behaviour as old 2.0.x session code)
//
if (isset($board_config['allow_autologin']) && !$board_config['allow_autologin'])
{
$enable_autologin = $sessiondata['autologinid'] = false;
}
//
// First off attempt to join with the autologin value if we have one
// If not, just use the user_id value
//
$userdata = array();
if ($user_id != ANONYMOUS)
{
if (isset($sessiondata['autologinid']) && (string) $sessiondata['autologinid'] != '' && $user_id)
{
$sql = 'SELECT u.*
FROM ' . USERS_TABLE . ' u, ' . SESSIONS_KEYS_TABLE . ' k
WHERE u.user_id = ' . (int) $user_id . "
AND u.user_active = 1
AND k.user_id = u.user_id
AND k.key_id = '" . md5($sessiondata['autologinid']) . "'";
if (!($result = $db->sql_query($sql)))
{
message_die(CRITICAL_ERROR, 'Error doing DB query userdata row fetch', '', __LINE__, __FILE__, $sql);
}
$userdata = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
$enable_autologin = $login = 1;
}
else if (!$auto_create)
{
$sessiondata['autologinid'] = '';
$sessiondata['userid'] = $user_id;
$sql = 'SELECT *
FROM ' . USERS_TABLE . '
WHERE user_id = ' . (int) $user_id . '
AND user_active = 1';
if (!($result = $db->sql_query($sql)))
{
message_die(CRITICAL_ERROR, 'Error doing DB query userdata row fetch', '', __LINE__, __FILE__, $sql);
}
$userdata = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
$login = 1;
}
}
//
// At this point either $userdata should be populated or
// one of the below is true
// * Key didn't match one in the DB
// * User does not exist
// * User is inactive
//
if (!sizeof($userdata) || !is_array($userdata) || !$userdata)
{
$sessiondata['autologinid'] = '';
$sessiondata['userid'] = $user_id = ANONYMOUS;
$enable_autologin = $login = 0;
$sql = 'SELECT *
FROM ' . USERS_TABLE . '
WHERE user_id = ' . (int) $user_id;
if (!($result = $db->sql_query($sql)))
{
message_die(CRITICAL_ERROR, 'Error doing DB query userdata row fetch', '', __LINE__, __FILE__, $sql);
}
$userdata = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
}
//
// Initial ban check against user id, IP and email address
//
Находим (228):
PHP код:
{// ( $userdata['user_session_time'] > $expiry_time && $auto_create ) ? $userdata['user_lastvisit'] : (
Заменяем на:
Находим (245):
PHP код:
$sessiondata['autologinid'] = (!$admin) ? (( $enable_autologin && $sessionmethod == SESSION_METHOD_COOKIE ) ? $auto_login_key : '') : $sessiondata['autologinid'];
Заменяем на:
PHP код:
//
// Regenerate the auto-login key
//
if ($enable_autologin)
{
list($sec, $usec) = explode(' ', microtime());
mt_srand(hexdec(substr($session_id, 0, 8)) + (float) $sec + ((float) $usec * 1000000));
$auto_login_key = uniqid(mt_rand(), true);
if (isset($sessiondata['autologinid']) && (string) $sessiondata['autologinid'] != '')
{
$sql = 'UPDATE ' . SESSIONS_KEYS_TABLE . "
SET last_ip = '$user_ip', key_id = '" . md5($auto_login_key) . "', last_login = $current_time
WHERE key_id = '" . md5($sessiondata['autologinid']) . "'";
}
else
{
$sql = 'INSERT INTO ' . SESSIONS_KEYS_TABLE . "(key_id, user_id, last_ip, last_login)
VALUES ('" . md5($auto_login_key) . "', $user_id, '$user_ip', $current_time)";
}
if ( !$db->sql_query($sql) )
{
message_die(CRITICAL_ERROR, 'Error updating session key', '', __LINE__, __FILE__, $sql);
}
$sessiondata['autologinid'] = $auto_login_key;
unset($auto_login_key);
}
else
{
$sessiondata['autologinid'] = '';
}
// $sessiondata['autologinid'] = (!$admin) ? (( $enable_autologin && $sessionmethod == SESSION_METHOD_COOKIE ) ? $auto_login_key : '') : $sessiondata['autologinid'];
Найдите (291):
PHP код:
$userdata['session_admin'] = $admin;
Ниже добавьте:
PHP код:
$userdata['session_key'] = $sessiondata['autologinid'];
Найдите (404):
PHP код:
//
// Delete expired sessions
//
$expiry_time = $current_time - $board_config['session_length'];
$sql = "DELETE FROM " . SESSIONS_TABLE . "
WHERE session_time < '$expiry_time'
AND session_id <> '$session_id'";
if ( !$db->sql_query($sql) )
{
message_die(CRITICAL_ERROR, 'Error clearing sessions table', '', __LINE__, __FILE__, $sql);
}
Замените на:
PHP код:
session_clean($userdata['session_id']);
Находим (432):
PHP код:
//
// session_end closes out a session
// deleting the corresponding entry
// in the sessions table
//
function session_end($session_id, $user_id)
{
global $db, $lang, $board_config, $HTTP_COOKIE_VARS, $HTTP_GET_VARS, $SID;
Заменяем на:
PHP код:
/**
* Terminates the specified session
* It will delete the entry in the sessions table for this session,
* remove the corresponding auto-login key and reset the cookies
*/
function session_end($session_id, $user_id)
{
global $db, $lang, $board_config, $userdata, $HTTP_COOKIE_VARS, $HTTP_GET_VARS, $SID;
Находим и удаляем (448):
PHP код:
//
// Pull cookiedata or grab the URI propagated sid
//
if ( isset($HTTP_COOKIE_VARS[$cookiename . '_sid']) )
{
$session_id = isset( $HTTP_COOKIE_VARS[$cookiename . '_sid'] ) ? $HTTP_COOKIE_VARS[$cookiename . '_sid'] : '';
$sessionmethod = SESSION_METHOD_COOKIE;
}
else
{
$session_id = ( isset($HTTP_GET_VARS['sid']) ) ? $HTTP_GET_VARS['sid'] : '';
$sessionmethod = SESSION_METHOD_GET;
}
Находим (456):
PHP код:
$sql = "DELETE FROM " . SESSIONS_TABLE . "
Заменяем на:
PHP код:
$sql = 'DELETE FROM ' . SESSIONS_TABLE . "
Находим (461):
PHP код:
message_die(CRITICAL_ERROR, 'Error removing user session', '', __LINE__, __FILE__, $sql);
}
Ниже добавляем:
PHP код:
//
// Remove this auto-login entry (if applicable)
//
if ( isset($userdata['session_key']) && $userdata['session_key'] != '' )
{
$autologin_key = md5($userdata['session_key']);
$sql = 'DELETE FROM ' . SESSIONS_KEYS_TABLE . '
WHERE user_id = ' . (int) $user_id . "
AND key_id = '$autologin_key'";
if ( !$db->sql_query($sql) )
{
message_die(CRITICAL_ERROR, 'Error removing auto-login key', '', __LINE__, __FILE__, $sql);
}
}
//
// We expect that message_die will be called after this function,
// but just in case it isn't, reset $userdata to the details for a guest
//
$sql = 'SELECT *
FROM ' . USERS_TABLE . '
WHERE user_id = ' . ANONYMOUS;
if ( !($result = $db->sql_query($sql)) )
{
message_die(CRITICAL_ERROR, 'Error obtaining user details', '', __LINE__, __FILE__, $sql);
}
if ( !($userdata = $db->sql_fetchrow($result)) )
{
message_die(CRITICAL_ERROR, 'Error obtaining user details', '', __LINE__, __FILE__, $sql);
}
$db->sql_freeresult($result);
Находим (503):
PHP код:
//
// Append $SID to a url. Borrowed from phplib and modified. This is an
Выше добавляем:
PHP код:
/**
* Removes expired sessions and auto-login keys from the database
*/
function session_clean($session_id)
{
global $board_config, $db;
//
// Delete expired sessions
//
$sql = 'DELETE FROM ' . SESSIONS_TABLE . '
WHERE session_time < ' . (time() - (int) $board_config['session_length']) . "
AND session_id <> '$session_id'";
if ( !$db->sql_query($sql) )
{
message_die(CRITICAL_ERROR, 'Error clearing sessions table', '', __LINE__, __FILE__, $sql);
}
//
// Delete expired auto-login keys
// If max_autologin_time is not set then keys will never be deleted
// (same behaviour as old 2.0.x session code)
//
if (!empty($board_config['max_autologin_time']) && $board_config['max_autologin_time'] > 0)
{
$sql = 'DELETE FROM ' . SESSIONS_KEYS_TABLE . '
WHERE last_login < ' . (time() - (86400 * (int) $board_config['max_autologin_time']));
$db->sql_query($sql);
}
return true;
}
Находим (600):
PHP код:
if ( !empty($SID) && !preg_match('#sid=#', $url) )
{
$url .= ( ( strpos($url, '?') != false ) ? ( ( $non_html_amp ) ? '&' : '&' ) : '?' ) . $SID;
}
Заменяем на:
PHP код:
if ( !empty($SID) && !preg_match('#sid=#', $url) )
{
$url .= ( ( strpos($url, '?') !== false ) ? ( ( $non_html_amp ) ? '&' : '&' ) : '?' ) . $SID;
}
|
|