|
|
|
|
|
|
|
|
|
Обновляем форум phpBB 2.0.19 до 2.0.20
| |
#1 | |
|
13.04.2006, 02:09
Обновляем форум BBtoNuke с версии 2.0.19 до 2.0.20
Открываем modules/Forums/admin/admin_board.php
Находим (52):
PHP код:
$cookie_name = str_replace('.', '_', $new['cookie_name']); }
Заменяем на:
PHP код:
$new['cookie_name'] = str_replace('.', '_', $new['cookie_name']); } // Attempt to prevent a common mistake with this value, // http:// is the protocol and not part of the server name if ($config_name == 'server_name') { $new['server_name'] = str_replace('http://', '', $new['server_name']); }
Находим(197):
PHP код:
"L_DISABLED" => $lang['Disabled'], "L_ABILITIES_SETTINGS" => $lang['Abilities_settings'], "L_MAX_POLL_OPTIONS" => $lang['Max_poll_options'], "L_FLOOD_INTERVAL" => $lang['Flood_Interval'], "L_FLOOD_INTERVAL_EXPLAIN" => $lang['Flood_Interval_explain'],
Ниже добавляем:
PHP код:
"L_SEARCH_FLOOD_INTERVAL" => $lang['Search_Flood_Interval'], "L_SEARCH_FLOOD_INTERVAL_EXPLAIN" => $lang['Search_Flood_Interval_explain'],
Находим (285):
PHP код:
'AUTOLOGIN_TIME' => (int) $new['max_autologin_time'], "BOARD_EMAIL_FORM_ENABLE" => $board_email_form_yes, "BOARD_EMAIL_FORM_DISABLE" => $board_email_form_no, "MAX_POLL_OPTIONS" => $new['max_poll_options'], "FLOOD_INTERVAL" => $new['flood_interval'],
Ниже добавляем:
PHP код:
"SEARCH_FLOOD_INTERVAL" => $new['search_flood_interval'],
Открываем modules/Forums/admin/admin_db_utilities.php
Находим (507):
PHP код:
unset($schema_vals); unset($schema_fields); unset($schema_insert);
Заменяем на:
PHP код:
$schema_vals = ''; $schema_fields = ''; $schema_insert = '';
Находим (519):
Замените на:
Открываем modules/Forums/admin/admin_forums.php
Найдите (42):
PHP код:
"auth_post" => AUTH_ALL, "auth_reply" => AUTH_ALL,
Замените на:
PHP код:
"auth_post" => AUTH_REG, "auth_reply" => AUTH_REG,
Открываем modules/Forums/admin/admin_groups.php
Найдите (107):
PHP код:
$sql = "SELECT user_id, username FROM " . USERS_TABLE . " WHERE user_id <> " . ANONYMOUS . " ORDER BY username"; if ( !($result = $db->sql_query($sql)) ) { message_die(GENERAL_ERROR, 'Could not obtain user info for moderator list', '', __LINE__, __FILE__, $sql); } while ( $row = $db->sql_fetchrow($result) ) { if ( $row['user_id'] == $group_info['group_moderator'] ) { $group_moderator = $row['username']; }
Замените на:
PHP код:
if ($group_info['group_moderator'] != '') { $sql = "SELECT user_id, username FROM " . USERS_TABLE . " WHERE user_id = " . $group_info['group_moderator']; if ( !($result = $db->sql_query($sql)) ) { message_die(GENERAL_ERROR, 'Could not obtain user info for moderator list', '', __LINE__, __FILE__, $sql); } if ( !($row = $db->sql_fetchrow($result)) ) { message_die(GENERAL_ERROR, 'Could not obtain user info for moderator list', '', __LINE__, __FILE__, $sql); } $group_moderator = $row['username']; } else { $group_moderator = '';
Найдите (259):
PHP код:
$group_name = isset($HTTP_POST_VARS['group_name']) ? trim($HTTP_POST_VARS['group_name']) : '';
Замените на:
PHP код:
$group_name = isset($HTTP_POST_VARS['group_name']) ? htmlspecialchars(trim($HTTP_POST_VARS['group_name'])) : '';
Открываем modules/Forums/admin/admin_ranks.php
Найдите и удалите (22):
Найдите(25):
PHP код:
{ $file = basename(__FILE__); $module['Users']['Ranks'] = $file; return; }
Ниже добавьте:
Найдите (41):
PHP код:
$mode = ($HTTP_GET_VARS['mode']) ? $HTTP_GET_VARS['mode'] : $HTTP_POST_VARS['mode'];
Замените на:
PHP код:
$mode = (isset($HTTP_GET_VARS['mode'])) ? $HTTP_GET_VARS['mode'] : $HTTP_POST_VARS['mode'];
Найдите (58):
Ниже добавьте:
PHP код:
// Restrict mode input to valid options $mode = ( in_array($mode, array('add', 'edit', 'save', 'delete')) ) ? $mode : '';
Найдите (214):
PHP код:
} else { $rank_id = 0; } if( $rank_id )
Замените на:
PHP код:
} else { $rank_id = 0; } $confirm = isset($HTTP_POST_VARS['confirm']); if( $rank_id && $confirm )
|
|
|
|
|
|
"Если бы вам удалось надавать под зад человеку, виноватому в большинстве ваших неприятностей - вы бы неделю не смогли сидеть". |
|
|
|
|
|
|
|
|
|
|
|
|
13.04.2006, 02:30
Найдите (245):
PHP код:
else { message_die(GENERAL_MESSAGE, $lang['Must_select_rank']); } } else { // // They didn't feel like giving us any information. Oh, too bad, we'll just display the // list then... // $template->set_filenames(array( "body" => "admin/ranks_list_body.tpl") ); $sql = "SELECT * FROM " . RANKS_TABLE . " ORDER BY rank_min, rank_title"; if( !$result = $db->sql_query($sql) ) { message_die(GENERAL_ERROR, "Couldn't obtain ranks data", "", __LINE__, __FILE__, $sql); } $rank_rows = $db->sql_fetchrowset($result); $rank_count = count($rank_rows); $template->assign_vars(array( "L_RANKS_TITLE" => $lang['Ranks_title'], "L_RANKS_TEXT" => $lang['Ranks_explain'], "L_RANK" => $lang['Rank_title'], "L_RANK_MINIMUM" => $lang['Rank_minimum'], "L_SPECIAL_RANK" => $lang['Special_rank'], "L_EDIT" => $lang['Edit'], "L_DELETE" => $lang['Delete'], "L_ADD_RANK" => $lang['Add_new_rank'], "L_ACTION" => $lang['Action'], "S_RANKS_ACTION" => append_sid("admin_ranks.$phpEx")) ); for( $i = 0; $i < $rank_count; $i++) { $rank = $rank_rows[$i]['rank_title']; $special_rank = $rank_rows[$i]['rank_special']; $rank_id = $rank_rows[$i]['rank_id']; $rank_min = $rank_rows[$i]['rank_min']; if($special_rank) { $rank_min = $rank_max = "-"; } $row_color = ( !($i % 2) ) ? $theme['td_color1'] : $theme['td_color2']; $row_class = ( !($i % 2) ) ? $theme['td_class1'] : $theme['td_class2']; $template->assign_block_vars("ranks", array( "ROW_COLOR" => "#" . $row_color, "ROW_CLASS" => $row_class, "RANK" => $rank, "RANK_MIN" => $rank_min, "SPECIAL_RANK" => ( $special_rank == 1 ) ? $lang['Yes'] : $lang['No'], "U_RANK_EDIT" => append_sid("admin_ranks.$phpEx?mode=edit&id=$rank_id"), "U_RANK_DELETE" => append_sid("admin_ranks.$phpEx?mode=delete&id=$rank_id")) ); } } } else { // // Show the default page // $template->set_filenames(array( "body" => "admin/ranks_list_body.tpl") ); $sql = "SELECT * FROM " . RANKS_TABLE . " ORDER BY rank_min ASC, rank_special ASC"; if( !$result = $db->sql_query($sql) ) { message_die(GENERAL_ERROR, "Couldn't obtain ranks data", "", __LINE__, __FILE__, $sql); } $rank_count = $db->sql_numrows($result); $rank_rows = $db->sql_fetchrowset($result); $template->assign_vars(array( "L_RANKS_TITLE" => $lang['Ranks_title'], "L_RANKS_TEXT" => $lang['Ranks_explain'], "L_RANK" => $lang['Rank_title'], "L_RANK_MINIMUM" => $lang['Rank_minimum'], "L_SPECIAL_RANK" => $lang['Rank_special'], "L_EDIT" => $lang['Edit'], "L_DELETE" => $lang['Delete'], "L_ADD_RANK" => $lang['Add_new_rank'], "L_ACTION" => $lang['Action'], "S_RANKS_ACTION" => append_sid("admin_ranks.$phpEx")) ); for($i = 0; $i < $rank_count; $i++) { $rank = $rank_rows[$i]['rank_title']; $special_rank = $rank_rows[$i]['rank_special']; $rank_id = $rank_rows[$i]['rank_id']; $rank_min = $rank_rows[$i]['rank_min']; if( $special_rank == 1 ) { $rank_min = $rank_max = "-"; } $row_color = ( !($i % 2) ) ? $theme['td_color1'] : $theme['td_color2']; $row_class = ( !($i % 2) ) ? $theme['td_class1'] : $theme['td_class2']; $rank_is_special = ( $special_rank ) ? $lang['Yes'] : $lang['No']; $template->assign_block_vars("ranks", array( "ROW_COLOR" => "#" . $row_color, "ROW_CLASS" => $row_class, "RANK" => $rank, "SPECIAL_RANK" => $rank_is_special, "RANK_MIN" => $rank_min, "U_RANK_EDIT" => append_sid("admin_ranks.$phpEx?mode=edit&id=$rank_id"), "U_RANK_DELETE" => append_sid("admin_ranks.$phpEx?mode=delete&id=$rank_id")) ); }
Замените на:
PHP код:
elseif( $rank_id && !$confirm) { // Present the confirmation screen to the user $template->set_filenames(array( 'body' => 'admin/confirm_body.tpl') ); $hidden_fields = '<input type="hidden" name="mode" value="delete" /><input type="hidden" name="id" value="' . $rank_id . '" />'; $template->assign_vars(array( 'MESSAGE_TITLE' => $lang['Confirm'], 'MESSAGE_TEXT' => $lang['Confirm_delete_rank'], 'L_YES' => $lang['Yes'], 'L_NO' => $lang['No'], 'S_CONFIRM_ACTION' => append_sid("admin_ranks.$phpEx"), 'S_HIDDEN_FIELDS' => $hidden_fields) ); } else { message_die(GENERAL_MESSAGE, $lang['Must_select_rank']); } } $template->pparse("body"); include('./page_footer_admin.'.$phpEx); } // // Show the default page // $template->set_filenames(array( "body" => "admin/ranks_list_body.tpl") ); $sql = "SELECT * FROM " . RANKS_TABLE . " ORDER BY rank_min ASC, rank_special ASC"; if( !$result = $db->sql_query($sql) ) { message_die(GENERAL_ERROR, "Couldn't obtain ranks data", "", __LINE__, __FILE__, $sql); } $rank_count = $db->sql_numrows($result); $rank_rows = $db->sql_fetchrowset($result); $template->assign_vars(array( "L_RANKS_TITLE" => $lang['Ranks_title'], "L_RANKS_TEXT" => $lang['Ranks_explain'], "L_RANK" => $lang['Rank_title'], "L_RANK_MINIMUM" => $lang['Rank_minimum'], "L_SPECIAL_RANK" => $lang['Rank_special'], "L_EDIT" => $lang['Edit'], "L_DELETE" => $lang['Delete'], "L_ADD_RANK" => $lang['Add_new_rank'], "L_ACTION" => $lang['Action'], "S_RANKS_ACTION" => append_sid("admin_ranks.$phpEx")) ); for($i = 0; $i < $rank_count; $i++) { $rank = $rank_rows[$i]['rank_title']; $special_rank = $rank_rows[$i]['rank_special']; $rank_id = $rank_rows[$i]['rank_id']; $rank_min = $rank_rows[$i]['rank_min']; if( $special_rank == 1 ) { $rank_min = $rank_max = "-"; } $row_color = ( !($i % 2) ) ? $theme['td_color1'] : $theme['td_color2']; $row_class = ( !($i % 2) ) ? $theme['td_class1'] : $theme['td_class2']; $rank_is_special = ( $special_rank ) ? $lang['Yes'] : $lang['No']; $template->assign_block_vars("ranks", array( "ROW_COLOR" => "#" . $row_color, "ROW_CLASS" => $row_class, "RANK" => $rank, "SPECIAL_RANK" => $rank_is_special, "RANK_MIN" => $rank_min, "U_RANK_EDIT" => append_sid("admin_ranks.$phpEx?mode=edit&id=$rank_id"), "U_RANK_DELETE" => append_sid("admin_ranks.$phpEx?mode=delete&id=$rank_id")) );
Открываем modules/Forums/admin/admin_smilies.php
Найдите (319):
PHP код:
$sql = "DELETE FROM " . SMILIES_TABLE . " WHERE smilies_id = " . $smiley_id; $result = $db->sql_query($sql); if( !$result ) { message_die(GENERAL_ERROR, "Couldn't delete smiley", "", __LINE__, __FILE__, $sql); } $message = $lang['smiley_del_success'] . "<br /><br />" . sprintf($lang['Click_return_smileadmin'], "<a href=\"" . append_sid("admin_smilies.$phpEx") . "\">", "</a>") . "<br /><br />" . sprintf($lang['Click_return_admin_index'], "<a href=\"" . append_sid("index.$phpEx?pane=right") . "\">", "</a>"); message_die(GENERAL_MESSAGE, $message);
Замените на:
PHP код:
$confirm = isset($HTTP_POST_VARS['confirm']); if( $confirm ) { $sql = "DELETE FROM " . SMILIES_TABLE . " WHERE smilies_id = " . $smiley_id; $result = $db->sql_query($sql); if( !$result ) { message_die(GENERAL_ERROR, "Couldn't delete smiley", "", __LINE__, __FILE__, $sql); } $message = $lang['smiley_del_success'] . "<br /><br />" . sprintf($lang['Click_return_smileadmin'], "<a href=\"" . append_sid("admin_smilies.$phpEx") . "\">", "</a>") . "<br /><br />" . sprintf($lang['Click_return_admin_index'], "<a href=\"" . append_sid("index.$phpEx?pane=right") . "\">", "</a>"); message_die(GENERAL_MESSAGE, $message); } else { // Present the confirmation screen to the user $template->set_filenames(array( 'body' => 'admin/confirm_body.tpl') ); $hidden_fields = '<input type="hidden" name="mode" value="delete" /><input type="hidden" name="id" value="' . $smiley_id . '" />'; $template->assign_vars(array( 'MESSAGE_TITLE' => $lang['Confirm'], 'MESSAGE_TEXT' => $lang['Confirm_delete_smiley'], 'L_YES' => $lang['Yes'], 'L_NO' => $lang['No'], 'S_CONFIRM_ACTION' => append_sid("admin_smilies.$phpEx"), 'S_HIDDEN_FIELDS' => $hidden_fields) ); $template->pparse('body'); }
|
|
|
|
|
|
"Если бы вам удалось надавать под зад человеку, виноватому в большинстве ваших неприятностей - вы бы неделю не смогли сидеть". |
|
|
|
|
|
|
|
|
|
|
|
|
13.04.2006, 02:38
Найдите (430):
PHP код:
$smile_code = ( isset($HTTP_POST_VARS['smile_code']) ) ? trim($HTTP_POST_VARS['smile_code']) : trim($HTTP_GET_VARS['smile_code']); $smile_url = ( isset($HTTP_POST_VARS['smile_url']) ) ? trim($HTTP_POST_VARS['smile_url']) : trim($HTTP_GET_VARS['smile_url']); $smile_url = phpbb_ltrim(basename($smile_url), "'"); $smile_emotion = ( isset($HTTP_POST_VARS['smile_emotion']) ) ? trim($HTTP_POST_VARS['smile_emotion']) : trim($HTTP_GET_VARS['smile_emotion']); $smile_id = ( isset($HTTP_POST_VARS['smile_id']) ) ? intval($HTTP_POST_VARS['smile_id']) : intval($HTTP_GET_VARS['smile_id']);
Замените на:
PHP код:
$smile_code = ( isset($HTTP_POST_VARS['smile_code']) ) ? trim($HTTP_POST_VARS['smile_code']) : ''; $smile_url = ( isset($HTTP_POST_VARS['smile_url']) ) ? trim($HTTP_POST_VARS['smile_url']) : ''; $smile_url = phpbb_ltrim(basename($smile_url), "'"); $smile_emotion = ( isset($HTTP_POST_VARS['smile_emotion']) ) ? htmlspecialchars(trim($HTTP_POST_VARS['smile_emotion'])) : ''; $smile_id = ( isset($HTTP_POST_VARS['smile_id']) ) ? intval($HTTP_POST_VARS['smile_id']) : 0; $smile_code = trim($smile_code); $smile_url = trim($smile_url);
Найдите:
PHP код:
$smile_code = ( isset($HTTP_POST_VARS['smile_code']) ) ? $HTTP_POST_VARS['smile_code'] : $HTTP_GET_VARS['smile_code']; $smile_url = ( isset($HTTP_POST_VARS['smile_url']) ) ? $HTTP_POST_VARS['smile_url'] : $HTTP_GET_VARS['smile_url']; $smile_url = phpbb_ltrim(basename($smile_url), "'"); $smile_emotion = ( isset($HTTP_POST_VARS['smile_emotion']) ) ? $HTTP_POST_VARS['smile_emotion'] : $HTTP_GET_VARS['smile_emotion']; $smile_code = trim($smile_code); $smile_url = trim($smile_url); $smile_emotion = trim($smile_emotion);
Замените на:
PHP код:
$smile_code = ( isset($HTTP_POST_VARS['smile_code']) ) ? $HTTP_POST_VARS['smile_code'] : ''; $smile_url = ( isset($HTTP_POST_VARS['smile_url']) ) ? $HTTP_POST_VARS['smile_url'] : ''; $smile_url = phpbb_ltrim(basename($smile_url), "'"); $smile_emotion = ( isset($HTTP_POST_VARS['smile_emotion']) ) ? htmlspecialchars(trim($HTTP_POST_VARS['smile_emotion'])) : ''; $smile_code = trim($smile_code); $smile_url = trim($smile_url);
Открываем modules/Forums/admin/admin_users.php
Найдите (254):
PHP код:
$user_style = ( $HTTP_POST_VARS['style'] ) ? intval( $HTTP_POST_VARS['style'] ) : $board_config['default_style']; $user_lang = ( $HTTP_POST_VARS['language'] ) ? $HTTP_POST_VARS['language'] : $board_config['default_lang']; $user_timezone = ( isset( $HTTP_POST_VARS['timezone']) ) ? doubleval( $HTTP_POST_VARS['timezone'] ) : $board_config['board_timezone']; $user_template = ( $HTTP_POST_VARS['template'] ) ? $HTTP_POST_VARS['template'] : $board_config['board_template'];
Замените на:
PHP код:
$user_style = ( isset( $HTTP_POST_VARS['style'] ) ) ? intval( $HTTP_POST_VARS['style'] ) : $board_config['default_style']; $user_lang = ( $HTTP_POST_VARS['language'] ) ? $HTTP_POST_VARS['language'] : $board_config['default_lang']; $user_timezone = ( isset( $HTTP_POST_VARS['timezone']) ) ? doubleval( $HTTP_POST_VARS['timezone'] ) : $board_config['board_timezone'];
Найдите (698):
PHP код:
$message .= $lang['Admin_user_updated']; } else { $error = TRUE; $error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $lang['Admin_user_fail'];
Замените на:
PHP код:
// We remove all stored login keys since the password has been updated // and change the current one (if applicable) if ( !empty($passwd_sql) ) { session_reset_keys($user_id, $user_ip); } $message .= $lang['Admin_user_updated']; } else { message_die(GENERAL_ERROR, 'Admin_user_fail', '', __LINE__, __FILE__, $sql);
Открываем modules/Forums/admin/admin_words.php
Найдите и удалите (22):
Найдите (24):
PHP код:
{ $file = basename(__FILE__); $module['General']['Word_Censor'] = $file; return; }
Ниже добавьте:
Найдите (39):
PHP код:
$mode = ($HTTP_GET_VARS['mode']) ? $HTTP_GET_VARS['mode'] : $HTTP_POST_VARS['mode'];
Замените на:
PHP код:
$mode = (isset($HTTP_GET_VARS['mode'])) ? $HTTP_GET_VARS['mode'] : $HTTP_POST_VARS['mode'];
Найдите (56):
Ниже добавьте:
PHP код:
// Restrict mode input to valid options $mode = ( in_array($mode, array('add', 'edit', 'save', 'delete')) ) ? $mode : '';
Найдите (68):
PHP код:
$template->set_filenames(array( "body" => "admin/words_edit_body.tpl") );
Ниже добавьте:
PHP код:
$word_info = array('word' => '', 'replacement' => '');
Найдите (155):
PHP код:
else { $word_id = 0; } if( $word_id )
Замените на:
PHP код:
else { $word_id = 0; } $confirm = isset($HTTP_POST_VARS['confirm']); if( $word_id && $confirm )
Найдите (168):
PHP код:
} $message = $lang['Word_removed'] . "<br /><br />" . sprintf($lang['Click_return_wordadmin'], "<a href=\"" . append_sid("admin_words.$phpEx") . "\">", "</a>") . "<br /><br />" . sprintf($lang['Click_return_admin_index'], "<a href=\"" . append_sid("index.$phpEx?pane=right") . "\">", "</a>"); message_die(GENERAL_MESSAGE, $message);
Ниже добавьте:
PHP код:
} elseif( $word_id && !$confirm) { // Present the confirmation screen to the user $template->set_filenames(array( 'body' => 'admin/confirm_body.tpl') ); $hidden_fields = '<input type="hidden" name="mode" value="delete" /><input type="hidden" name="id" value="' . $word_id . '" />'; $template->assign_vars(array( 'MESSAGE_TITLE' => $lang['Confirm'], 'MESSAGE_TEXT' => $lang['Confirm_delete_word'], 'L_YES' => $lang['Yes'], 'L_NO' => $lang['No'], 'S_CONFIRM_ACTION' => append_sid("admin_words.$phpEx"), 'S_HIDDEN_FIELDS' => $hidden_fields) );
Найдите (211):
PHP код:
{ message_die(GENERAL_ERROR, "Could not query words table", $lang['Error'], __LINE__, __FILE__, $sql); } $word_rows = $db->sql_fetchrowset($result);
Ниже добавьте:
PHP код:
$db->sql_freeresult($result);
Открываем modules/Forums/admin/page_header_admin.php
Находим (138):
PHP код:
$template->pparse('header');
Выше добавляем:
PHP код:
// Work around for "current" Apache 2 + PHP module which seems to not // cope with private cache control setting if (!empty($HTTP_SERVER_VARS['SERVER_SOFTWARE']) && strstr($HTTP_SERVER_VARS['SERVER_SOFTWARE'], 'Apache/2')) { header ('Cache-Control: no-cache, pre-check=0, post-check=0'); } else { header ('Cache-Control: private, pre-check=0, post-check=0, max-age=0'); } header ('Expires: 0'); header ('Pragma: no-cache');
Последний раз редактировалось Soniks, 14.04.2006 в 16:39.
|
|
|
|
|
|
"Если бы вам удалось надавать под зад человеку, виноватому в большинстве ваших неприятностей - вы бы неделю не смогли сидеть". |
|
|
|
|
|
|
|
|
|
|
|
|
13.04.2006, 02:59
Открываем modules/Forums/common.php
Находим (169):
PHP код:
$userdata = array(); $theme = array(); $images = array(); $lang = array(); $nav_links = array();
Ниже добавляем:
Открываем db/mssql.php
Находим (292):
PHP код:
$row[$key] = stripslashes($value);
Замените на:
PHP код:
$row[$key] = ($value === ' ') ? '' : stripslashes($value);
Найдите (320):
PHP код:
$rowset[$i][$key] = stripslashes($value);
Замените на:
PHP код:
$rowset[$i][$key] = ($value === ' ') ? '' : stripslashes($value);
Найдите (259):
PHP код:
$result = stripslashes($this->row[$query_id][$field]);
Замените на:
PHP код:
$result = ($this->row[$query_id][$field] === ' ') ? '' : stripslashes($this->row[$query_id][$field]);
Открываем includes/auth.php
Найдите (276):
PHP код:
{ for($k = 0; $k < count($f_access); $k++) { $value = $f_access[$k][$key]; $f_forum_id = $f_access[$k]['forum_id'];
Ниже добавьте:
PHP код:
$u_access[$f_forum_id] = isset($u_access[$f_forum_id]) ? $u_access[$f_forum_id] : array();
Найдите (325):
PHP код:
else { for($k = 0; $k < count($f_access); $k++) { $f_forum_id = $f_access[$k]['forum_id'];
Ниже добавьте:
PHP код:
$u_access[$f_forum_id] = isset($u_access[$f_forum_id]) ? $u_access[$f_forum_id] : array();
Открываем includes/bbcode.php
Найдите (198):
PHP код:
$patterns[] = "#\[img:$uid\]([^?].*?)\[/img:$uid\]#i"; $replacements[] = $bbcode_tpl['img']; // matches a xxxx://www.phpbb.com code.. $patterns[] = "#\[url\]([\w]+?://([\w\#$%&~/.\-;:=,?@\]+]|\[(?!url=))*?)\[/url\]#is"; $replacements[] = $bbcode_tpl['url1']; // www.phpbb.com code.. (no xxxx:// prefix). $patterns[] = "#\[url\]((www|ftp)\.([\w\#$%&~/.\-;:=,?@\]+]|\[(?!url=))*?)\[/url\]#is";
Замените на:
PHP код:
$patterns[] = "#\[img:$uid\]([^?](?:[^\[]+|\[(?!url))*?)\[/img:$uid\]#i"; $replacements[] = $bbcode_tpl['img']; // matches a xxxx://www.phpbb.com code.. $patterns[] = "#\[url\]([\w]+?://([\w\#$%&~/.\-;:=,?@\]+]+|\[(?!url=))*?)\[/url\]#is"; $replacements[] = $bbcode_tpl['url1']; // www.phpbb.com code.. (no xxxx:// prefix). $patterns[] = "#\[url\]((www|ftp)\.([\w\#$%&~/.\-;:=,?@\]+]+|\[(?!url=))*?)\[/url\]#is";
Найдите (237):
Замените на:
Открываем includes/functions.php
Найдите (142):
Ниже добавьте: (изменено)
PHP код:
/** * Our own generator of random values * This uses a constantly changing value as the base for generating the values * The board wide setting is updated once per page if this code is called * With thanks to Anthrax101 for the inspiration on this one * Added in phpBB 2.0.20 */ function dss_rand() { global $db, $board_config, $dss_seeded; $val = $board_config['rand_seed'] . microtime(); $val = md5($val); $board_config['rand_seed'] = md5($board_config['rand_seed'] . $val . 'a'); if($dss_seeded !== true) { $sql = "UPDATE " . CONFIG_TABLE . " SET config_value = '" . $board_config['rand_seed'] . "' WHERE config_name = 'rand_seed'"; if( !$db->sql_query($sql) ) { message_die(GENERAL_ERROR, "Unable to reseed PRNG", "", __LINE__, __FILE__, $sql); } $dss_seeded = true; } return substr($val, 4, 16); }
Найдите (419):
PHP код:
message_die(CRITICAL_ERROR, "Could not get theme data for themes_id [$style]");
Замените на:
PHP код:
// We are trying to setup a style which does not exist in the database // Try to fallback to the board default (if the user had a custom style) // and then any users using this style to the default if it succeeds if ( $style != $board_config['default_style']) { $sql = 'SELECT * FROM ' . THEMES_TABLE . ' WHERE themes_id = ' . $board_config['default_style']; if ( !($result = $db->sql_query($sql)) ) { message_die(CRITICAL_ERROR, 'Could not query database for theme info'); } if ( $row = $db->sql_fetchrow($result) ) { $db->sql_freeresult($result); $sql = 'UPDATE ' . USERS_TABLE . ' SET user_style = ' . $board_config['default_style'] . " WHERE user_style = $style"; if ( !($result = $db->sql_query($sql)) ) { message_die(CRITICAL_ERROR, 'Could not update user theme info'); } } else { message_die(CRITICAL_ERROR, "Could not get theme data for themes_id [$style]"); } } else { message_die(CRITICAL_ERROR, "Could not get theme data for themes_id [$style]"); }
Найдите (725):
PHP код:
$debug_text .= '</br /><br />Line : ' . $err_line . '<br />File : ' . basename($err_file);
Замените на:
PHP код:
$debug_text .= '<br /><br />Line : ' . $err_line . '<br />File : ' . basename($err_file);
Найдите (752):
PHP код:
if ( empty($template) ) { $ThemeSel = get_theme(); if (file_exists("themes/$ThemeSel/forums/".$board_config['board_template']."/index_body.tpl")) { $template = new Template("themes/$ThemeSel/forums/".$board_config['board_template'].""); } else { $template = new Template($phpbb_root_path . 'templates/' . $board_config['board_template']); } } if ( empty($theme) )
Замените на:
PHP код:
if ( empty($template) || empty($theme) )
Последний раз редактировалось Soniks, 28.04.2006 в 01:45.
|
|
|
|
|
|
"Если бы вам удалось надавать под зад человеку, виноватому в большинстве ваших неприятностей - вы бы неделю не смогли сидеть". |
|
|
|
|
|
|
|
|
|
|
|
|
13.04.2006, 21:18
Открываем includes/functions_post.php
Находим (51):
PHP код:
$allowed_html_tags = split(',', $board_config['allow_html_tags']); $end_html = 0; $start_html = 1; $tmp_message = ''; $message = ' ' . $message . ' '; while ($start_html = strpos($message, '<', $start_html)) { $tmp_message .= preg_replace($html_entities_match, $html_entities_replace, substr($message, $end_html + 1, ($start_html - $end_html - 1))); if ($end_html = strpos($message, '>', $start_html)) { $length = $end_html - $start_html + 1; $hold_string = substr($message, $start_html, $length); if (($unclosed_open = strrpos(' ' . $hold_string, '<')) != 1) { $tmp_message .= preg_replace($html_entities_match, $html_entities_replace, substr($hold_string, 0, $unclosed_open - 1)); $hold_string = substr($hold_string, $unclosed_open - 1); } $tagallowed = false; for ($i = 0; $i < sizeof($allowed_html_tags); $i++) { $match_tag = trim($allowed_html_tags[$i]); if (preg_match('#^<\/?' . $match_tag . '[> ]#i', $hold_string)) { $tagallowed = (preg_match('#^<\/?' . $match_tag . ' .*?(style[\t ]*?=|on[\w]+[\t ]*?=)#i', $hold_string)) ? false : true; } } $tmp_message .= ($length && !$tagallowed) ? preg_replace($html_entities_match, $html_entities_replace, $hold_string) : $hold_string; $start_html += $length; } else { $tmp_message .= preg_replace($html_entities_match, $html_entities_replace, substr($message, $start_html, strlen($message))); $start_html = strlen($message); $end_html = $start_html; } } if (!$end_html || ($end_html != strlen($message) && $tmp_message != '')) { $tmp_message .= preg_replace($html_entities_match, $html_entities_replace, substr($message, $end_html + 1)); } $message = ($tmp_message != '') ? trim($tmp_message) : trim($message);
Заменяем на: (изменено)
PHP код:
// If HTML is on, we try to make it safe // This approach is quite agressive and anything that does not look like a valid tag // is going to get converted to HTML entities $message = stripslashes($message); $html_match = '#<[^\w<]*(\w+)((?:"[^"]*"|\'[^\']*\'|[^<>\'"])+)?>#'; $matches = array(); $message_split = preg_split($html_match, $message); preg_match_all($html_match, $message, $matches); $message = ''; foreach ($message_split as $part) { $tag = array(array_shift($matches[0]), array_shift($matches[1]), array_shift($matches[2])); $message .= htmlspecialchars($part) . clean_html($tag); } $message = addslashes($message); $message = str_replace('"', '\"', $message);
Находим (161):
PHP код:
$temp_option_text[$option_id] = htmlspecialchars($option_text);
Заменяем на:
PHP код:
$temp_option_text[intval($option_id)] = htmlspecialchars($option_text);
Находим (824):
PHP код:
include("includes/page_tail_review.php"); } }
Ниже добавьте:
PHP код:
/** * Called from within prepare_message to clean included HTML tags if HTML is * turned on for that post * @param array $tag Matching text from the message to parse */ function clean_html($tag) { global $board_config; if (empty($tag[0])) { return ''; } $allowed_html_tags = preg_split('/, */', strtolower($board_config['allow_html_tags'])); $disallowed_attributes = '/^(?:style|on)/i'; // Check if this is an end tag preg_match('/<[^\w\/]*\/[\W]*(\w+)/', $tag[0], $matches); if (sizeof($matches)) { if (in_array(strtolower($matches[1]), $allowed_html_tags)) { return '</' . $matches[1] . '>'; } else { return htmlspecialchars('</' . $matches[1] . '>'); } } // Check if this is an allowed tag if (in_array(strtolower($tag[1]), $allowed_html_tags)) { $attributes = ''; if (!empty($tag[2])) { preg_match_all('/[\W]*?(\w+)[\W]*?=[\W]*?(["\'])((?:(?!\2).)*)\2/', $tag[2], $test); for ($i = 0; $i < sizeof($test[0]); $i++) { if (preg_match($disallowed_attributes, $test[1][$i])) { continue; } $attributes .= ' ' . $test[1][$i] . '=' . $test[2][$i] . str_replace(array('[', ']'), array('[', ']'), htmlspecialchars($test[3][$i])) . $test[2][$i]; } } if (in_array(strtolower($tag[1]), $allowed_html_tags)) { return '<' . $tag[1] . $attributes . '>'; } else { return htmlspecialchars('<' . $tag[1] . $attributes . '>'); } } // Finally, this is not an allowed tag so strip all the attibutes and escape it else { return htmlspecialchars('<' . $tag[1] . '>'); } }
Открываем modules/Forums/prune.php
Находим (72):
PHP код:
function prune($forum_id, $prune_date, $prune_all = false) { global $db, $lang;
Ниже добавляем:
PHP код:
// Before pruning, lets try to clean up the invalid topic entries $sql = 'SELECT topic_id FROM ' . TOPICS_TABLE . ' WHERE topic_last_post_id = 0'; if ( !($result = $db->sql_query($sql)) ) { message_die(GENERAL_ERROR, 'Could not obtain lists of topics to sync', '', __LINE__, __FILE__, $sql); } while( $row = $db->sql_fetchrow($result) ) { sync('topic', $row['topic_id']); } $db->sql_freeresult($result);
Находим (98):
PHP код:
AND ( p.post_id = t.topic_last_post_id OR t.topic_last_post_id = '0' )";
Заменяем на:
PHP код:
AND p.post_id = t.topic_last_post_id";
Открываем modules/Forums/sessions.php
Находим (183):
PHP код:
list($sec, $usec) = explode(' ', microtime()); mt_srand((float) $sec + ((float) $usec * 100000)); $session_id = md5(uniqid(mt_rand(), true));
Заменяем на:
PHP код:
$session_id = md5(dss_rand());
Находим (245):
PHP код:
list($sec, $usec) = explode(' ', microtime()); mt_srand(hexdec(substr($session_id, 0, 8)) + (float) $sec + ((float) $usec * 1000000)); $auto_login_key = uniqid(mt_rand(), true);
Заменяем на:
PHP код:
$auto_login_key = dss_rand() . dss_rand();
Находим (519):
PHP код:
WHERE last_login < ' . (time() - (86400 * (int) $board_config['max_autologin_time'])); $db->sql_query($sql); } return true; }
Ниже добавляем:
PHP код:
/** * Reset all login keys for the specified user * Called on password changes */ function session_reset_keys($user_id, $user_ip) { global $db, $userdata; $key_sql = ($user_id == $userdata['user_id'] && !empty($userdata['session_key'])) ? "AND key_id != '" . md5($userdata['session_key']) . "'" : ''; $sql = 'DELETE FROM ' . SESSIONS_KEYS_TABLE . ' WHERE user_id = ' . (int) $user_id . " $key_sql"; if ( !$db->sql_query($sql) ) { message_die(CRITICAL_ERROR, 'Error removing auto-login keys', '', __LINE__, __FILE__, $sql); } $where_sql = 'session_user_id = ' . (int) $user_id; $where_sql .= ($user_id == $userdata['user_id']) ? " AND session_id <> '" . $userdata['session_id'] . "'" : ''; $sql = 'DELETE FROM ' . SESSIONS_TABLE . " WHERE $where_sql"; if ( !$db->sql_query($sql) ) { message_die(CRITICAL_ERROR, 'Error removing user session(s)', '', __LINE__, __FILE__, $sql); } if ( !empty($key_sql) ) { $auto_login_key = dss_rand() . dss_rand(); $current_time = time(); $sql = 'UPDATE ' . SESSIONS_KEYS_TABLE . " SET last_ip = '$user_ip', key_id = '" . md5($auto_login_key) . "', last_login = $current_time WHERE key_id = '" . md5($userdata['session_key']) . "'"; if ( !$db->sql_query($sql) ) { message_die(CRITICAL_ERROR, 'Error updating session key', '', __LINE__, __FILE__, $sql); } // And now rebuild the cookie $sessiondata['userid'] = $user_id; $sessiondata['autologinid'] = $autologin_id; $cookiename = $board_config['cookie_name']; $cookiepath = $board_config['cookie_path']; $cookiedomain = $board_config['cookie_domain']; $cookiesecure = $board_config['cookie_secure']; setcookie($cookiename . '_data', serialize($sessiondata), $current_time + 31536000, $cookiepath, $cookiedomain, $cookiesecure); $userdata['session_key'] = $auto_login_key; unset($sessiondata); unset($auto_login_key); } }
Последний раз редактировалось Soniks, 28.04.2006 в 01:46.
|
|
|
|
|
|
"Если бы вам удалось надавать под зад человеку, виноватому в большинстве ваших неприятностей - вы бы неделю не смогли сидеть". |
|
|
|
|
|
|
|
|
|
|
|
|
13.04.2006, 21:41
Открываем includes/usercp_avatar.php
Находим (103):
PHP код:
if ( !preg_match('#^(http)|(ftp):\/\/#i', $avatar_filename) ) { $avatar_filename = 'http://' . $avatar_filename; }
Ниже добавляем:
PHP код:
$avatar_filename = substr($avatar_filename, 0, 100);
Открываем includes/usercp_register.php
Находим (135):
PHP код:
$signature = str_replace('<br />', "\n", $signature);
Заменяем на:
PHP код:
$signature = (isset($signature)) ? str_replace('<br />', "\n", $signature) : ''; $signature_bbcode_uid = '';
Находим и удаляем (298):
PHP код:
// Only compare one char if the zlib-extension is not loaded if (!@extension_loaded('zlib')) { $row['code'] = substr($row['code'], -1); }
Находим (519):
PHP код:
if ( !($result = $db->sql_query($sql)) ) { message_die(GENERAL_ERROR, 'Could not update users table', '', __LINE__, __FILE__, $sql); }
Ниже добавляем:
PHP код:
// We remove all stored login keys since the password has been updated // and change the current one (if applicable) if ( !empty($passwd_sql) ) { session_reset_keys($user_id, $user_ip); }
Находим (788):
PHP код:
// // If an error occured we need to stripslashes on returned data // $username = stripslashes($username); $email = stripslashes($email);
Ниже добавляем:
Находим (813):
PHP код:
else if ( $mode == 'editprofile' && !isset($HTTP_POST_VARS['avatargallery']) && !isset($HTTP_POST_VARS['submitavatar']) && !isset($HTTP_POST_VARS['cancelavatar']) ) { $user_id = $userdata['user_id']; $username = $userdata['username']; $email = $userdata['user_email'];
Ниже добавляем:
Находим (1011):
PHP код:
$confirm_chars = array('A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M', 'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z', '1', '2', '3', '4', '5', '6', '7', '8', '9'); list($usec, $sec) = explode(' ', microtime()); mt_srand($sec * $usec); $max_chars = count($confirm_chars) - 1; $code = ''; for ($i = 0; $i < 6; $i++) { $code .= $confirm_chars[mt_rand(0, $max_chars)]; }
Заменяем на:
PHP код:
// Generate the required confirmation code // NB 0 (zero) could get confused with O (the letter) so we make change it $code = dss_rand(); $code = strtoupper(str_replace('0', 'o', substr($code, 6)));
Находим (1042):
PHP код:
'USERNAME' => $username, 'CUR_PASSWORD' => $cur_password, 'NEW_PASSWORD' => $new_password, 'PASSWORD_CONFIRM' => $password_confirm, 'EMAIL' => $email,
Заменяем на:
PHP код:
'USERNAME' => isset($username) ? $username : '', 'CUR_PASSWORD' => isset($cur_password) ? $cur_password : '', 'NEW_PASSWORD' => isset($new_password) ? $new_password : '', 'PASSWORD_CONFIRM' => isset($password_confirm) ? $password_confirm : '', 'EMAIL' => isset($email) ? $email : '',
Открываем modules/Forums/index.php
Находим (133):
PHP код:
while( $category_rows[] = $db->sql_fetchrow($result) );
Заменяем на:
PHP код:
while ($row = $db->sql_fetchrow($result)) { $category_rows[] = $row; }
Находим (318):
PHP код:
// Okay, let's build the index // for($i = 0; $i < $total_categories; $i++) { $cat_id = $category_rows[$i]['cat_id']; // // Should we display this category/forum set? // $display_forums = false; for($j = 0; $j < $total_forums; $j++) { if ( $is_auth_ary[$forum_data[$j]['forum_id']]['auth_view'] && $forum_data[$j]['cat_id'] == $cat_id ) { $display_forums = true; } } // // Yes, we should, so first dump out the category // title, then, if appropriate the forum list // if ( $display_forums )
Заменяем на:
PHP код:
// Let's decide which categories we should display // $display_categories = array(); for ($i = 0; $i < $total_forums; $i++ ) { if ($is_auth_ary[$forum_data[$i]['forum_id']]['auth_view']) { $display_categories[$forum_data[$i]['cat_id']] = true; } } // // Okay, let's build the index // for($i = 0; $i < $total_categories; $i++) { $cat_id = $category_rows[$i]['cat_id']; // // Yes, we should, so first dump out the category // title, then, if appropriate the forum list // if (isset($display_categories[$cat_id]) && $display_categories[$cat_id])
|
|
|
|
|
|
"Если бы вам удалось надавать под зад человеку, виноватому в большинстве ваших неприятностей - вы бы неделю не смогли сидеть". |
|
|
|
|
|
|
|
|
|
|
|
|
14.04.2006, 14:22
Открываем modules/Forums/language/lang_english/email/group_request.tpl
Находим (6):
Код:
A user has requested to join a group you moderator on {SITENAME}.
Заменяем на:
Код:
A user has requested to join a group you moderate on {SITENAME}.
Открываем modules/Forums/language/lang_english/email/user_activate_passwd.tpl
Находим (12):
Код:
If sucessful you will be able to login using the following password:
Заменяем на:
Код:
If successful you will be able to login using the following password:
Открываем modules/Forums/language/lang_english/lang_admin.php
Находим (339):
PHP код:
$lang['Allow_autologin'] = 'Allow automatic logins'; $lang['Allow_autologin_explain'] = 'Determines whether users are allowed to select to be automatically logged in when visiting the forum'; $lang['Autologin_time'] = 'Automatic login key expiry'; $lang['Autologin_time_explain'] = 'How long a autologin key is valid for in days if the user does not visit the board. Set to zero to disable expiry.';
Ниже добавляем:
PHP код:
// Search Flood Control - added 2.0.20 $lang['Search_Flood_Interval'] = 'Search Flood Interval'; $lang['Search_Flood_Interval_explain'] = 'Number of seconds a user must wait between search requests';
Находим (427):
PHP код:
$lang['smiley_edit_success'] = 'The Smiley was successfully updated'; $lang['smiley_import_success'] = 'The Smiley Pack was imported successfully!'; $lang['smiley_del_success'] = 'The Smiley was successfully removed'; $lang['Click_return_smileadmin'] = 'Click %sHere%s to return to Smiley Administration';
Ниже добавляем:
PHP код:
$lang['Confirm_delete_smiley'] = 'Are you sure you want to delete this Smiley?';
Находим (519):
PHP код:
$lang['Word_updated'] = 'The selected word censor has been successfully updated'; $lang['Word_added'] = 'The word censor has been successfully added'; $lang['Word_removed'] = 'The selected word censor has been successfully removed'; $lang['Click_return_wordadmin'] = 'Click %sHere%s to return to Word Censor Administration';
Ниже добавляем:
PHP код:
$lang['Confirm_delete_word'] = 'Are you sure you want to delete this word censor?';
Находим (559):
PHP код:
$lang['Rank_removed'] = 'The rank was successfully deleted'; $lang['No_update_ranks'] = 'The rank was successfully deleted. However, user accounts using this rank were not updated. You will need to manually reset the rank on these accounts'; $lang['Click_return_rankadmin'] = 'Click %sHere%s to return to Rank Administration';
Ниже добавляем:
PHP код:
$lang['Confirm_delete_rank'] = 'Are you sure you want to delete this rank?';
Открываем modules/Forums/language/lang_russian/lang_admin.php
Находим (327):
PHP код:
$lang['Allow_autologin'] = 'Разрешить автоматическую авторизацию'; $lang['Allow_autologin_explain'] = 'Разрешено ли пользователям выбирать, автоматическую авторизацию, посещая форум'; $lang['Autologin_time'] = 'Истечение Автоматической авторизации'; $lang['Autologin_time_explain'] = 'Сколько дней не посещения форума пользователем, система будет хранить информацию о нем. Наберите нолю, чтобы отключить истечение срока.';
Ниже добавляем:
PHP код:
// Search Flood Control - added 2.0.20 $lang['Search_Flood_Interval'] = 'Поисковой интервал (антифлуд)'; $lang['Search_Flood_Interval_explain'] = 'Количество секунд, которое должен выждать пользователь перед новым поиском';
Находим (413):
PHP код:
$lang['smiley_edit_success'] = 'Смайлик был успешно изменён'; $lang['smiley_import_success'] = 'Набор смайликов был успешно импортирован'; $lang['smiley_del_success'] = 'Смайлик был успешно удалён'; $lang['Click_return_smileadmin'] = '%sВернуться к списку смайликов%s';
Ниже добавляем:
PHP код:
$lang['Confirm_delete_smiley'] = 'Вы уверены, что хотите удалить этот смайл?';
Находим (505):
PHP код:
$lang['Word_updated'] = 'Выбранный автоцензор был успешно изменён'; $lang['Word_added'] = 'Автоцензор был успешно добавлен'; $lang['Word_removed'] = 'Выбранный автоцензор был успешно удалён'; $lang['Click_return_wordadmin'] = '%sВернуться к управлению автоцензором%s';
Ниже добавляем:
PHP код:
$lang['Confirm_delete_word'] = 'Вы уверены, что хотите удалить это автоцензор?';
Находим (545):
PHP код:
$lang['Click_return_rankadmin'] = '%sВернуться к управлению званиями%s';
Ниже добавляем:
PHP код:
$lang['Confirm_delete_rank'] = 'Вы уверены, что хотите удалить это звание?';
Открываем modules/Forums/language/lang_english/lang_main.php
Находим (782):
PHP код:
$lang['No_searchable_forums'] = 'You do not have permissions to search any forum on this site.'; $lang['No_search_match'] = 'No topics or posts met your search criteria'; $lang['Found_search_match'] = 'Search found %d match'; // eg. Search found 1 match $lang['Found_search_matches'] = 'Search found %d matches'; // eg. Search found 24 matches
Ниже добавляем:
PHP код:
$lang['Search_Flood_Error'] = 'You cannot make another search so soon after your last; please try again in a short while.';
Открываем modules/Forums/language/lang_russian/lang_main.php
Находим (764):
PHP код:
$lang['No_searchable_forums'] = 'У вас нет доступа к поиску ни в одном из форумов на сайте'; $lang['No_search_match'] = 'Подходящих тем или сообщений не найдено'; $lang['Found_search_match'] = 'Результатов поиска: %d'; // eg. Search found 1 match $lang['Found_search_matches'] = 'Результатов поиска: %d'; // eg. Search found 24 matches
Ниже добавляем:
PHP код:
$lang['Search_Flood_Error'] = 'Вы не можете еще раз воспользоваться поиском, пожалуйста, попробуйте сделать это чуть позднее.';
Последний раз редактировалось Soniks, 15.04.2006 в 13:43.
|
|
|
|
|
|
"Если бы вам удалось надавать под зад человеку, виноватому в большинстве ваших неприятностей - вы бы неделю не смогли сидеть". |
|
|
|
|
|
|
|
|
|
|
|
|
14.04.2006, 14:52
Открываем modules/Forums/login.php
Находим (91):
PHP код:
$row['user_last_login_try'] >= (time() - ($board_config['login_reset_time'] * 60)) && $row['user_login_tries'] >= $board_config['max_login_attempts'])
Заменяем на:
PHP код:
$row['user_last_login_try'] >= (time() - ($board_config['login_reset_time'] * 60)) && $row['user_login_tries'] >= $board_config['max_login_attempts'] && $userdata['user_level'] != ADMIN)
Находим (116):
PHP код:
else { // Save login tries and last login
Заменяем на: (изменено)
PHP код:
else { // Save login tries and last login, but only store a failed login attempt for an // active user - inactive users can't login even with a correct password if ( $row['user_id'] != ANONYMOUS && $row['user_active'] )
Открываем modules/Members_List/index.php
Находим (247):
PHP код:
$search_img = '<a href="' . $temp_url . '"><img src="' . $images['icon_search'] . '" alt="' . $lang['Search_user_posts'] . '" title="' . $lang['Search_user_posts'] . '" border="0" /></a>'; $search = '<a href="' . $temp_url . '">' . $lang['Search_user_posts'] . '</a>';
Заменяем на:
PHP код:
$search_img = '<a href="' . $temp_url . '"><img src="' . $images['icon_search'] . '" alt="' . sprintf($lang['Search_user_posts'], $username) . '" title="' . sprintf($lang['Search_user_posts'], $username) . '" border="0" /></a>'; $search = '<a href="' . $temp_url . '">' . sprintf($lang['Search_user_posts'], $username) . '</a>';
Открываем modules/Forums/modcp.php
Находим (234):
PHP код:
$page_title = $lang['Mod_CP']; include("includes/page_header.php"); if ( $confirm ) {
Ниже добавляем:
PHP код:
if ( empty($HTTP_POST_VARS['topic_id_list']) && empty($topic_id) ) { message_die(GENERAL_MESSAGE, $lang['None_selected']); }
Находим (264):
PHP код:
while ($row = $db->sql_fetchrow($result)) { $topic_id_sql .= (($topic_id_sql != '') ? ', ' : '') . intval($row['topic_id']); } $db->sql_freeresult($result);
Ниже добавляем:
PHP код:
if ( $topic_id_sql == '') { message_die(GENERAL_MESSAGE, $lang['None_selected']); }
Находим (750):
PHP код:
while ($row = $db->sql_fetchrow($result)) { $post_id_sql .= (($post_id_sql != '') ? ', ' : '') . intval($row['post_id']); } $db->sql_freeresult($result);
Ниже добавляем:
PHP код:
if ($post_id_sql == '') { message_die(GENERAL_MESSAGE, $lang['None_selected']); }
Находим (1008):
PHP код:
$ip_this_post = ( $rdns_ip_num == $ip_this_post ) ? gethostbyaddr($ip_this_post) : $ip_this_post;
Заменяем на:
PHP код:
$ip_this_post = ( $rdns_ip_num == $ip_this_post ) ? htmlspecialchars(gethostbyaddr($ip_this_post)) : $ip_this_post;
Находим (1053):
PHP код:
$ip = ( $rdns_ip_num == $row['poster_ip'] || $rdns_ip_num == 'all') ? gethostbyaddr($ip) : $ip;
Заменяем на:
PHP код:
$ip = ( $rdns_ip_num == $row['poster_ip'] || $rdns_ip_num == 'all') ? htmlspecialchars(gethostbyaddr($ip)) : $ip;
Открываем modules/Forums/posting.php
Находим (642):
PHP код:
$poll_options[$option_id] = htmlspecialchars(trim(stripslashes($option_text))) ;
Заменяем на:
PHP код:
$poll_options[intval($option_id)] = htmlspecialchars(trim(stripslashes($option_text))) ;
Открываем modules/Private_Messages/index.php
Находим (1251):
PHP код:
$privmsg_subject = trim(strip_tags($HTTP_POST_VARS['subject']));
Заменяем на:
PHP код:
$privmsg_subject = trim(htmlspecialchars($HTTP_POST_VARS['subject']));
Находим (1373):
PHP код:
message_die(GENERAL_ERROR, "Could not insert/update private message sent text.", "", __LINE__, __FILE__, $sql_info);
Заменяем на:
PHP код:
message_die(GENERAL_ERROR, "Could not insert/update private message sent text.", "", __LINE__, __FILE__, $sql);
Находим (1437):
PHP код:
$privmsg_subject = ( isset($HTTP_POST_VARS['subject']) ) ? trim(strip_tags(stripslashes($HTTP_POST_VARS['subject']))) : '';
Заменяем на:
PHP код:
$privmsg_subject = ( isset($HTTP_POST_VARS['subject']) ) ? trim(htmlspecialchars(stripslashes($HTTP_POST_VARS ['subject']))) : '';
Находим (1572):
PHP код:
} $privmsg_subject = ( ( !preg_match('/^Re:/', $privmsg['privmsgs_subject']) ) ? 'Re: ' : '' ) . $privmsg['privmsgs_subject'];
Заменяем на: (изменено)
PHP код:
} $orig_word = $replacement_word = array(); obtain_word_list($orig_word, $replacement_word); $privmsg_subject = ( ( !preg_match('/^Re:/', $privmsg['privmsgs_subject']) ) ? 'Re: ' : '' ) . $privmsg['privmsgs_subject']; $privmsg_subject = preg_replace($orig_word, $replacement_word, $privmsg_subject);
Находим (1587):
PHP код:
$privmsg_bbcode_uid = $privmsg['privmsgs_bbcode_uid']; $privmsg_message = preg_replace("/\:(([a-z0-9]:)?)$privmsg_bbcode_uid/si", '', $privmsg_message); $privmsg_message = str_replace('<br />', "\n", $privmsg_message); $privmsg_message = preg_replace('#</textarea>#si', '</textarea>', $privmsg_message);
Ниже добавляем:
PHP код:
$privmsg_message = preg_replace($orig_word, $replacement_word, $privmsg_message);
Находим и удаляем (1816):
PHP код:
$privmsg_subject = preg_replace($html_entities_match, $html_entities_replace, $privmsg_subject); $privmsg_subject = str_replace('"', '"', $privmsg_subject);
Открываем modules/Forums/profile.php
Находим (75):
PHP код:
$chars = array( 'a', 'A', 'b', 'B', 'c', 'C', 'd', 'D', 'e', 'E', 'f', 'F', 'g', 'G', 'h', 'H', 'i', 'I', 'j', 'J', 'k', 'K', 'l', 'L', 'm', 'M', 'n', 'N', 'o', 'O', 'p', 'P', 'q', 'Q', 'r', 'R', 's', 'S', 't', 'T', 'u', 'U', 'v', 'V', 'w', 'W', 'x', 'X', 'y', 'Y', 'z', 'Z', '1', '2', '3', '4', '5', '6', '7', '8', '9', '0'); $max_chars = count($chars) - 1; srand( (double) microtime()*1000000); $rand_str = ''; for($i = 0; $i < 8; $i++) { $rand_str = ( $i == 0 ) ? $chars[rand(0, $max_chars)] : $rand_str . $chars[rand(0, $max_chars)]; } return ( $hash ) ? md5($rand_str) : $rand_str;
Заменяем на: (изменено)
PHP код:
$rand_str = dss_rand(); return ( $hash ) ? md5($rand_str) : substr($rand_str, 0, 8);
Последний раз редактировалось Soniks, 28.04.2006 в 02:10.
|
|
|
|
|
|
"Если бы вам удалось надавать под зад человеку, виноватому в большинстве ваших неприятностей - вы бы неделю не смогли сидеть". |
|
|
|
|
|
|
|
|
|
|
|
|
14.04.2006, 14:59
Открываем modules/Forums/search.php
Находим (161):
PHP код:
$search_results = ''; // // Search ID Limiter, decrease this value if you experience further timeout problems with searching forums $limiter = 5000;
Ниже добавляем:
Находим (169):
PHP код:
// // Cycle through options ... // if ( $search_id == 'newposts' || $search_id == 'egosearch' || $search_id == 'unanswered' || $search_keywords != '' || $search_author != '' ) {
Ниже добавляем:
PHP код:
// // Flood control // $where_sql = ($userdata['user_id'] == ANONYMOUS) ? "se.session_ip = '$user_ip'" : 'se.session_user_id = ' . $userdata['user_id']; $sql = 'SELECT MAX(sr.search_time) AS last_search_time FROM ' . SEARCH_TABLE . ' sr, ' . SESSIONS_TABLE . " se WHERE sr.session_id = se.session_id AND $where_sql"; if ($result = $db->sql_query($sql)) { if ($row = $db->sql_fetchrow($result)) { if (intval($row['last_search_time']) > 0 && ($current_time - intval($row['last_search_time'])) < intval($board_config['search_flood_interval'])) { message_die(GENERAL_MESSAGE, $lang['Search_Flood_Error']); } } }
Находим (231):
PHP код:
if (preg_match('#^[\*%]+$#', trim($search_author)) || preg_match('#^[^\*]{1,2}$#', str_replace(array('*', '%'), '', trim($search_author)))) { $search_author = ''; } $search_author = str_replace('*', '%', trim($search_author));
Заменяем на:
PHP код:
$search_author = str_replace('*', '%', trim($search_author)); if( ( strpos($search_author, '%') !== false ) && ( strlen(str_replace('%', '', $search_author)) < 3 ) ) { $search_author = ''; }
Находим (455):
PHP код:
if (preg_match('#^[\*%]+$#', trim($search_author)) || preg_match('#^[^\*]{1,2}$#', str_replace(array('*', '%'), '', trim($search_author)))) { $search_author = ''; } $search_author = str_replace('*', '%', trim(str_replace("\'", "''", $search_author)));
Заменяем на:
PHP код:
$search_author = str_replace('*', '%', trim($search_author)); if( ( strpos($search_author, '%') !== false ) && ( strlen(str_replace('%', '', $search_author)) < 3 ) ) { $search_author = ''; }
Находим (665):
PHP код:
// Finish building query (for all combinations) // and run it ... // $sql = "SELECT session_id FROM " . SESSIONS_TABLE; if ( $result = $db->sql_query($sql) ) { $delete_search_ids = array(); while( $row = $db->sql_fetchrow($result) ) { $delete_search_ids[] = "'" . $row['session_id'] . "'"; } if ( count($delete_search_ids) ) { $sql = "DELETE FROM " . SEARCH_TABLE . " WHERE session_id NOT IN (" . implode(", ", $delete_search_ids) . ")"; if ( !$result = $db->sql_query($sql) ) { message_die(GENERAL_ERROR, 'Could not delete old search id sessions', '', __LINE__, __FILE__, $sql); } }
Заменяем на:
PHP код:
// Delete old data from the search result table // $sql = 'DELETE FROM ' . SEARCH_TABLE . ' WHERE search_time < ' . ($current_time - (int) $board_config['session_length']); if ( !$result = $db->sql_query($sql) ) { message_die(GENERAL_ERROR, 'Could not delete old search id sessions', '', __LINE__, __FILE__, $sql);
Находим (713):
PHP код:
SET search_id = $search_id, search_array = '" . str_replace("\'", "''", $result_array) . "' WHERE session_id = '" . $userdata['session_id'] . "'"; if ( !($result = $db->sql_query($sql)) || !$db->sql_affectedrows() ) { $sql = "INSERT INTO " . SEARCH_TABLE . " (search_id, session_id, search_array) VALUES('$search_id', '" . $userdata['session_id'] . "', '" . str_replace("\'", "''", $result_array) . "')";
Заменяем на:
PHP код:
SET search_id = $search_id, search_time = $current_time, search_array = '" . str_replace("\'", "''", $result_array) . "' WHERE session_id = '" . $userdata['session_id'] . "'"; if ( !($result = $db->sql_query($sql)) || !$db->sql_affectedrows() ) { $sql = "INSERT INTO " . SEARCH_TABLE . " (search_id, session_id, search_time, search_array) VALUES($search_id, '" . $userdata['session_id'] . "', $current_time, '" . str_replace("\'", "''", $result_array) . "')";
Открываем modules/Forums/templates/subSilver/admin/board_config_body.tpl
Находим (52):
Код HTML:
<td class="row2"><input type="radio" name="board_email_form" value="1" {BOARD_EMAIL_FORM_ENABLE} /> {L_ENABLED} <input type="radio" name="board_email_form" value="0" {BOARD_EMAIL_FORM_DISABLE} /> {L_DISABLED}</td>
</tr>
<tr>
<td class="row1">{L_FLOOD_INTERVAL} <br /><span class="gensmall">{L_FLOOD_INTERVAL_EXPLAIN}</span></td>
<td class="row2"><input class="post" type="text" size="3" maxlength="4" name="flood_interval" value="{FLOOD_INTERVAL}" /></td>
Ниже добавляем:
Код HTML:
</tr>
<tr>
<td class="row1">{L_SEARCH_FLOOD_INTERVAL} <br /><span class="gensmall">{L_SEARCH_FLOOD_INTERVAL_EXPLAIN}</span></td>
<td class="row2"><input class="post" type="text" size="3" maxlength="4" name="search_flood_interval" value="{SEARCH_FLOOD_INTERVAL}" /></td>
Открываем modules/Forums/templates/subSilver/confirm_body.tpl
Находим (10):
Код HTML:
<th class="thHead" height="25" valign="middle"><span class="tableTitle">{MESSAGE_TITLE}</span></th>
Заменяем на:
Код HTML:
<th class="thHead" height="25" valign="middle">{MESSAGE_TITLE}</th>
|
|
|
|
|
|
"Если бы вам удалось надавать под зад человеку, виноватому в большинстве ваших неприятностей - вы бы неделю не смогли сидеть". |
|
|
|
|
|
|
|
|
|
|
|
|
14.04.2006, 15:37
- Скопируйте файл из атача в директорию с php-nuke.
- Выполните SQL-запросы:
Код:
INSERT INTO nuke_bbconfig (config_name, config_value) VALUES ('search_flood_interval', '15')
Код:
INSERT INTO nuke_bbconfig (config_name, config_value) VALUES ('rand_seed', '0')
Код:
DELETE FROM nuke_bbsessions
Код:
DELETE FROM nuke_bbsessions_keys
Код:
ALTER TABLE nuke_bbsearch_results ADD COLUMN search_time int(11) DEFAULT '0' NOT NULL
Код:
UPDATE nuke_bbconfig SET config_value = '.0.20' WHERE config_name = 'version'
не забываем в запросах менять префикс таблиц nuke_ на свой.
На этом все!
|
|
|
|
|
|
"Если бы вам удалось надавать под зад человеку, виноватому в большинстве ваших неприятностей - вы бы неделю не смогли сидеть". |
|
|
|
|
|
|
|
|
Опции темы |
Поиск в этой теме |
|
|
Опции просмотра |
Линейный вид
|
Ваши права в разделе
|
Вы не можете создавать темы
Вы не можете отвечать на сообщения
Вы не можете прикреплять файлы
Вы не можете редактировать сообщения
HTML код Выкл.
|
|
|
Часовой пояс GMT +4, время: 03:03.
|
|
|
|
|
|
|
|
|
|
|
|
|