|
|
|
 |
 |
|
 |
|
|
|
Обновляем форум phpBB 2.0.19 до 2.0.20
|  |
#1 |  |
|
13.04.2006, 02:09
Обновляем форум BBtoNuke с версии 2.0.19 до 2.0.20
Открываем modules/Forums/admin/admin_board.php
Находим (52):
PHP код:
$cookie_name = str_replace('.', '_', $new['cookie_name']);
}
Заменяем на:
PHP код:
$new['cookie_name'] = str_replace('.', '_', $new['cookie_name']);
}
// Attempt to prevent a common mistake with this value,
// http:// is the protocol and not part of the server name
if ($config_name == 'server_name')
{
$new['server_name'] = str_replace('http://', '', $new['server_name']);
}
Находим(197):
PHP код:
"L_DISABLED" => $lang['Disabled'],
"L_ABILITIES_SETTINGS" => $lang['Abilities_settings'],
"L_MAX_POLL_OPTIONS" => $lang['Max_poll_options'],
"L_FLOOD_INTERVAL" => $lang['Flood_Interval'],
"L_FLOOD_INTERVAL_EXPLAIN" => $lang['Flood_Interval_explain'],
Ниже добавляем:
PHP код:
"L_SEARCH_FLOOD_INTERVAL" => $lang['Search_Flood_Interval'],
"L_SEARCH_FLOOD_INTERVAL_EXPLAIN" => $lang['Search_Flood_Interval_explain'],
Находим (285):
PHP код:
'AUTOLOGIN_TIME' => (int) $new['max_autologin_time'],
"BOARD_EMAIL_FORM_ENABLE" => $board_email_form_yes,
"BOARD_EMAIL_FORM_DISABLE" => $board_email_form_no,
"MAX_POLL_OPTIONS" => $new['max_poll_options'],
"FLOOD_INTERVAL" => $new['flood_interval'],
Ниже добавляем:
PHP код:
"SEARCH_FLOOD_INTERVAL" => $new['search_flood_interval'],
Открываем modules/Forums/admin/admin_db_utilities.php
Находим (507):
PHP код:
unset($schema_vals);
unset($schema_fields);
unset($schema_insert);
Заменяем на:
PHP код:
$schema_vals = '';
$schema_fields = '';
$schema_insert = '';
Находим (519):
Замените на:
Открываем modules/Forums/admin/admin_forums.php
Найдите (42):
PHP код:
"auth_post" => AUTH_ALL,
"auth_reply" => AUTH_ALL,
Замените на:
PHP код:
"auth_post" => AUTH_REG,
"auth_reply" => AUTH_REG,
Открываем modules/Forums/admin/admin_groups.php
Найдите (107):
PHP код:
$sql = "SELECT user_id, username
FROM " . USERS_TABLE . "
WHERE user_id <> " . ANONYMOUS . "
ORDER BY username";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not obtain user info for moderator list', '', __LINE__, __FILE__, $sql);
}
while ( $row = $db->sql_fetchrow($result) )
{
if ( $row['user_id'] == $group_info['group_moderator'] )
{
$group_moderator = $row['username'];
}
Замените на:
PHP код:
if ($group_info['group_moderator'] != '')
{
$sql = "SELECT user_id, username
FROM " . USERS_TABLE . "
WHERE user_id = " . $group_info['group_moderator'];
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not obtain user info for moderator list', '', __LINE__, __FILE__, $sql);
}
if ( !($row = $db->sql_fetchrow($result)) )
{
message_die(GENERAL_ERROR, 'Could not obtain user info for moderator list', '', __LINE__, __FILE__, $sql);
}
$group_moderator = $row['username'];
}
else
{
$group_moderator = '';
Найдите (259):
PHP код:
$group_name = isset($HTTP_POST_VARS['group_name']) ? trim($HTTP_POST_VARS['group_name']) : '';
Замените на:
PHP код:
$group_name = isset($HTTP_POST_VARS['group_name']) ? htmlspecialchars(trim($HTTP_POST_VARS['group_name'])) : '';
Открываем modules/Forums/admin/admin_ranks.php
Найдите и удалите (22):
Найдите(25):
PHP код:
{
$file = basename(__FILE__);
$module['Users']['Ranks'] = $file;
return;
}
Ниже добавьте:
Найдите (41):
PHP код:
$mode = ($HTTP_GET_VARS['mode']) ? $HTTP_GET_VARS['mode'] : $HTTP_POST_VARS['mode'];
Замените на:
PHP код:
$mode = (isset($HTTP_GET_VARS['mode'])) ? $HTTP_GET_VARS['mode'] : $HTTP_POST_VARS['mode'];
Найдите (58):
Ниже добавьте:
PHP код:
// Restrict mode input to valid options
$mode = ( in_array($mode, array('add', 'edit', 'save', 'delete')) ) ? $mode : '';
Найдите (214):
PHP код:
}
else
{
$rank_id = 0;
}
if( $rank_id )
Замените на:
PHP код:
}
else
{
$rank_id = 0;
}
$confirm = isset($HTTP_POST_VARS['confirm']);
if( $rank_id && $confirm )
|
|
|
|
|
|
"Если бы вам удалось надавать под зад человеку, виноватому в большинстве ваших неприятностей - вы бы неделю не смогли сидеть". |
|
|
|
|
|
|
 |
|
 |
|
 |
|
13.04.2006, 02:30
Найдите (245):
PHP код:
else
{
message_die(GENERAL_MESSAGE, $lang['Must_select_rank']);
}
}
else
{
//
// They didn't feel like giving us any information. Oh, too bad, we'll just display the
// list then...
//
$template->set_filenames(array(
"body" => "admin/ranks_list_body.tpl")
);
$sql = "SELECT * FROM " . RANKS_TABLE . "
ORDER BY rank_min, rank_title";
if( !$result = $db->sql_query($sql) )
{
message_die(GENERAL_ERROR, "Couldn't obtain ranks data", "", __LINE__, __FILE__, $sql);
}
$rank_rows = $db->sql_fetchrowset($result);
$rank_count = count($rank_rows);
$template->assign_vars(array(
"L_RANKS_TITLE" => $lang['Ranks_title'],
"L_RANKS_TEXT" => $lang['Ranks_explain'],
"L_RANK" => $lang['Rank_title'],
"L_RANK_MINIMUM" => $lang['Rank_minimum'],
"L_SPECIAL_RANK" => $lang['Special_rank'],
"L_EDIT" => $lang['Edit'],
"L_DELETE" => $lang['Delete'],
"L_ADD_RANK" => $lang['Add_new_rank'],
"L_ACTION" => $lang['Action'],
"S_RANKS_ACTION" => append_sid("admin_ranks.$phpEx"))
);
for( $i = 0; $i < $rank_count; $i++)
{
$rank = $rank_rows[$i]['rank_title'];
$special_rank = $rank_rows[$i]['rank_special'];
$rank_id = $rank_rows[$i]['rank_id'];
$rank_min = $rank_rows[$i]['rank_min'];
if($special_rank)
{
$rank_min = $rank_max = "-";
}
$row_color = ( !($i % 2) ) ? $theme['td_color1'] : $theme['td_color2'];
$row_class = ( !($i % 2) ) ? $theme['td_class1'] : $theme['td_class2'];
$template->assign_block_vars("ranks", array(
"ROW_COLOR" => "#" . $row_color,
"ROW_CLASS" => $row_class,
"RANK" => $rank,
"RANK_MIN" => $rank_min,
"SPECIAL_RANK" => ( $special_rank == 1 ) ? $lang['Yes'] : $lang['No'],
"U_RANK_EDIT" => append_sid("admin_ranks.$phpEx?mode=edit&id=$rank_id"),
"U_RANK_DELETE" => append_sid("admin_ranks.$phpEx?mode=delete&id=$rank_id"))
);
}
}
}
else
{
//
// Show the default page
//
$template->set_filenames(array(
"body" => "admin/ranks_list_body.tpl")
);
$sql = "SELECT * FROM " . RANKS_TABLE . "
ORDER BY rank_min ASC, rank_special ASC";
if( !$result = $db->sql_query($sql) )
{
message_die(GENERAL_ERROR, "Couldn't obtain ranks data", "", __LINE__, __FILE__, $sql);
}
$rank_count = $db->sql_numrows($result);
$rank_rows = $db->sql_fetchrowset($result);
$template->assign_vars(array(
"L_RANKS_TITLE" => $lang['Ranks_title'],
"L_RANKS_TEXT" => $lang['Ranks_explain'],
"L_RANK" => $lang['Rank_title'],
"L_RANK_MINIMUM" => $lang['Rank_minimum'],
"L_SPECIAL_RANK" => $lang['Rank_special'],
"L_EDIT" => $lang['Edit'],
"L_DELETE" => $lang['Delete'],
"L_ADD_RANK" => $lang['Add_new_rank'],
"L_ACTION" => $lang['Action'],
"S_RANKS_ACTION" => append_sid("admin_ranks.$phpEx"))
);
for($i = 0; $i < $rank_count; $i++)
{
$rank = $rank_rows[$i]['rank_title'];
$special_rank = $rank_rows[$i]['rank_special'];
$rank_id = $rank_rows[$i]['rank_id'];
$rank_min = $rank_rows[$i]['rank_min'];
if( $special_rank == 1 )
{
$rank_min = $rank_max = "-";
}
$row_color = ( !($i % 2) ) ? $theme['td_color1'] : $theme['td_color2'];
$row_class = ( !($i % 2) ) ? $theme['td_class1'] : $theme['td_class2'];
$rank_is_special = ( $special_rank ) ? $lang['Yes'] : $lang['No'];
$template->assign_block_vars("ranks", array(
"ROW_COLOR" => "#" . $row_color,
"ROW_CLASS" => $row_class,
"RANK" => $rank,
"SPECIAL_RANK" => $rank_is_special,
"RANK_MIN" => $rank_min,
"U_RANK_EDIT" => append_sid("admin_ranks.$phpEx?mode=edit&id=$rank_id"),
"U_RANK_DELETE" => append_sid("admin_ranks.$phpEx?mode=delete&id=$rank_id"))
);
}
Замените на:
PHP код:
elseif( $rank_id && !$confirm)
{
// Present the confirmation screen to the user
$template->set_filenames(array(
'body' => 'admin/confirm_body.tpl')
);
$hidden_fields = '<input type="hidden" name="mode" value="delete" /><input type="hidden" name="id" value="' . $rank_id . '" />';
$template->assign_vars(array(
'MESSAGE_TITLE' => $lang['Confirm'],
'MESSAGE_TEXT' => $lang['Confirm_delete_rank'],
'L_YES' => $lang['Yes'],
'L_NO' => $lang['No'],
'S_CONFIRM_ACTION' => append_sid("admin_ranks.$phpEx"),
'S_HIDDEN_FIELDS' => $hidden_fields)
);
}
else
{
message_die(GENERAL_MESSAGE, $lang['Must_select_rank']);
}
}
$template->pparse("body");
include('./page_footer_admin.'.$phpEx);
}
//
// Show the default page
//
$template->set_filenames(array(
"body" => "admin/ranks_list_body.tpl")
);
$sql = "SELECT * FROM " . RANKS_TABLE . "
ORDER BY rank_min ASC, rank_special ASC";
if( !$result = $db->sql_query($sql) )
{
message_die(GENERAL_ERROR, "Couldn't obtain ranks data", "", __LINE__, __FILE__, $sql);
}
$rank_count = $db->sql_numrows($result);
$rank_rows = $db->sql_fetchrowset($result);
$template->assign_vars(array(
"L_RANKS_TITLE" => $lang['Ranks_title'],
"L_RANKS_TEXT" => $lang['Ranks_explain'],
"L_RANK" => $lang['Rank_title'],
"L_RANK_MINIMUM" => $lang['Rank_minimum'],
"L_SPECIAL_RANK" => $lang['Rank_special'],
"L_EDIT" => $lang['Edit'],
"L_DELETE" => $lang['Delete'],
"L_ADD_RANK" => $lang['Add_new_rank'],
"L_ACTION" => $lang['Action'],
"S_RANKS_ACTION" => append_sid("admin_ranks.$phpEx"))
);
for($i = 0; $i < $rank_count; $i++)
{
$rank = $rank_rows[$i]['rank_title'];
$special_rank = $rank_rows[$i]['rank_special'];
$rank_id = $rank_rows[$i]['rank_id'];
$rank_min = $rank_rows[$i]['rank_min'];
if( $special_rank == 1 )
{
$rank_min = $rank_max = "-";
}
$row_color = ( !($i % 2) ) ? $theme['td_color1'] : $theme['td_color2'];
$row_class = ( !($i % 2) ) ? $theme['td_class1'] : $theme['td_class2'];
$rank_is_special = ( $special_rank ) ? $lang['Yes'] : $lang['No'];
$template->assign_block_vars("ranks", array(
"ROW_COLOR" => "#" . $row_color,
"ROW_CLASS" => $row_class,
"RANK" => $rank,
"SPECIAL_RANK" => $rank_is_special,
"RANK_MIN" => $rank_min,
"U_RANK_EDIT" => append_sid("admin_ranks.$phpEx?mode=edit&id=$rank_id"),
"U_RANK_DELETE" => append_sid("admin_ranks.$phpEx?mode=delete&id=$rank_id"))
);
Открываем modules/Forums/admin/admin_smilies.php
Найдите (319):
PHP код:
$sql = "DELETE FROM " . SMILIES_TABLE . "
WHERE smilies_id = " . $smiley_id;
$result = $db->sql_query($sql);
if( !$result )
{
message_die(GENERAL_ERROR, "Couldn't delete smiley", "", __LINE__, __FILE__, $sql);
}
$message = $lang['smiley_del_success'] . "<br /><br />" . sprintf($lang['Click_return_smileadmin'], "<a href=\"" . append_sid("admin_smilies.$phpEx") . "\">", "</a>") . "<br /><br />" . sprintf($lang['Click_return_admin_index'], "<a href=\"" . append_sid("index.$phpEx?pane=right") . "\">", "</a>");
message_die(GENERAL_MESSAGE, $message);
Замените на:
PHP код:
$confirm = isset($HTTP_POST_VARS['confirm']);
if( $confirm )
{
$sql = "DELETE FROM " . SMILIES_TABLE . "
WHERE smilies_id = " . $smiley_id;
$result = $db->sql_query($sql);
if( !$result )
{
message_die(GENERAL_ERROR, "Couldn't delete smiley", "", __LINE__, __FILE__, $sql);
}
$message = $lang['smiley_del_success'] . "<br /><br />" . sprintf($lang['Click_return_smileadmin'], "<a href=\"" . append_sid("admin_smilies.$phpEx") . "\">", "</a>") . "<br /><br />" . sprintf($lang['Click_return_admin_index'], "<a href=\"" . append_sid("index.$phpEx?pane=right") . "\">", "</a>");
message_die(GENERAL_MESSAGE, $message);
}
else
{
// Present the confirmation screen to the user
$template->set_filenames(array(
'body' => 'admin/confirm_body.tpl')
);
$hidden_fields = '<input type="hidden" name="mode" value="delete" /><input type="hidden" name="id" value="' . $smiley_id . '" />';
$template->assign_vars(array(
'MESSAGE_TITLE' => $lang['Confirm'],
'MESSAGE_TEXT' => $lang['Confirm_delete_smiley'],
'L_YES' => $lang['Yes'],
'L_NO' => $lang['No'],
'S_CONFIRM_ACTION' => append_sid("admin_smilies.$phpEx"),
'S_HIDDEN_FIELDS' => $hidden_fields)
);
$template->pparse('body');
}
|
|
|
|
|
|
"Если бы вам удалось надавать под зад человеку, виноватому в большинстве ваших неприятностей - вы бы неделю не смогли сидеть". |
|
|
|
|
|
|
|
|
|
|
|
|
13.04.2006, 02:38
Найдите (430):
PHP код:
$smile_code = ( isset($HTTP_POST_VARS['smile_code']) ) ? trim($HTTP_POST_VARS['smile_code']) : trim($HTTP_GET_VARS['smile_code']);
$smile_url = ( isset($HTTP_POST_VARS['smile_url']) ) ? trim($HTTP_POST_VARS['smile_url']) : trim($HTTP_GET_VARS['smile_url']);
$smile_url = phpbb_ltrim(basename($smile_url), "'");
$smile_emotion = ( isset($HTTP_POST_VARS['smile_emotion']) ) ? trim($HTTP_POST_VARS['smile_emotion']) : trim($HTTP_GET_VARS['smile_emotion']);
$smile_id = ( isset($HTTP_POST_VARS['smile_id']) ) ? intval($HTTP_POST_VARS['smile_id']) : intval($HTTP_GET_VARS['smile_id']);
Замените на:
PHP код:
$smile_code = ( isset($HTTP_POST_VARS['smile_code']) ) ? trim($HTTP_POST_VARS['smile_code']) : '';
$smile_url = ( isset($HTTP_POST_VARS['smile_url']) ) ? trim($HTTP_POST_VARS['smile_url']) : '';
$smile_url = phpbb_ltrim(basename($smile_url), "'");
$smile_emotion = ( isset($HTTP_POST_VARS['smile_emotion']) ) ? htmlspecialchars(trim($HTTP_POST_VARS['smile_emotion'])) : '';
$smile_id = ( isset($HTTP_POST_VARS['smile_id']) ) ? intval($HTTP_POST_VARS['smile_id']) : 0;
$smile_code = trim($smile_code);
$smile_url = trim($smile_url);
Найдите:
PHP код:
$smile_code = ( isset($HTTP_POST_VARS['smile_code']) ) ? $HTTP_POST_VARS['smile_code'] : $HTTP_GET_VARS['smile_code'];
$smile_url = ( isset($HTTP_POST_VARS['smile_url']) ) ? $HTTP_POST_VARS['smile_url'] : $HTTP_GET_VARS['smile_url'];
$smile_url = phpbb_ltrim(basename($smile_url), "'");
$smile_emotion = ( isset($HTTP_POST_VARS['smile_emotion']) ) ? $HTTP_POST_VARS['smile_emotion'] : $HTTP_GET_VARS['smile_emotion'];
$smile_code = trim($smile_code);
$smile_url = trim($smile_url);
$smile_emotion = trim($smile_emotion);
Замените на:
PHP код:
$smile_code = ( isset($HTTP_POST_VARS['smile_code']) ) ? $HTTP_POST_VARS['smile_code'] : '';
$smile_url = ( isset($HTTP_POST_VARS['smile_url']) ) ? $HTTP_POST_VARS['smile_url'] : '';
$smile_url = phpbb_ltrim(basename($smile_url), "'");
$smile_emotion = ( isset($HTTP_POST_VARS['smile_emotion']) ) ? htmlspecialchars(trim($HTTP_POST_VARS['smile_emotion'])) : '';
$smile_code = trim($smile_code);
$smile_url = trim($smile_url);
Открываем modules/Forums/admin/admin_users.php
Найдите (254):
PHP код:
$user_style = ( $HTTP_POST_VARS['style'] ) ? intval( $HTTP_POST_VARS['style'] ) : $board_config['default_style'];
$user_lang = ( $HTTP_POST_VARS['language'] ) ? $HTTP_POST_VARS['language'] : $board_config['default_lang'];
$user_timezone = ( isset( $HTTP_POST_VARS['timezone']) ) ? doubleval( $HTTP_POST_VARS['timezone'] ) : $board_config['board_timezone'];
$user_template = ( $HTTP_POST_VARS['template'] ) ? $HTTP_POST_VARS['template'] : $board_config['board_template'];
Замените на:
PHP код:
$user_style = ( isset( $HTTP_POST_VARS['style'] ) ) ? intval( $HTTP_POST_VARS['style'] ) : $board_config['default_style'];
$user_lang = ( $HTTP_POST_VARS['language'] ) ? $HTTP_POST_VARS['language'] : $board_config['default_lang'];
$user_timezone = ( isset( $HTTP_POST_VARS['timezone']) ) ? doubleval( $HTTP_POST_VARS['timezone'] ) : $board_config['board_timezone'];
Найдите (698):
PHP код:
$message .= $lang['Admin_user_updated'];
}
else
{
$error = TRUE;
$error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $lang['Admin_user_fail'];
Замените на:
PHP код:
// We remove all stored login keys since the password has been updated
// and change the current one (if applicable)
if ( !empty($passwd_sql) )
{
session_reset_keys($user_id, $user_ip);
}
$message .= $lang['Admin_user_updated'];
}
else
{
message_die(GENERAL_ERROR, 'Admin_user_fail', '', __LINE__, __FILE__, $sql);
Открываем modules/Forums/admin/admin_words.php
Найдите и удалите (22):
Найдите (24):
PHP код:
{
$file = basename(__FILE__);
$module['General']['Word_Censor'] = $file;
return;
}
Ниже добавьте:
Найдите (39):
PHP код:
$mode = ($HTTP_GET_VARS['mode']) ? $HTTP_GET_VARS['mode'] : $HTTP_POST_VARS['mode'];
Замените на:
PHP код:
$mode = (isset($HTTP_GET_VARS['mode'])) ? $HTTP_GET_VARS['mode'] : $HTTP_POST_VARS['mode'];
Найдите (56):
Ниже добавьте:
PHP код:
// Restrict mode input to valid options
$mode = ( in_array($mode, array('add', 'edit', 'save', 'delete')) ) ? $mode : '';
Найдите (68):
PHP код:
$template->set_filenames(array(
"body" => "admin/words_edit_body.tpl")
);
Ниже добавьте:
PHP код:
$word_info = array('word' => '', 'replacement' => '');
Найдите (155):
PHP код:
else
{
$word_id = 0;
}
if( $word_id )
Замените на:
PHP код:
else
{
$word_id = 0;
}
$confirm = isset($HTTP_POST_VARS['confirm']);
if( $word_id && $confirm )
Найдите (168):
PHP код:
}
$message = $lang['Word_removed'] . "<br /><br />" . sprintf($lang['Click_return_wordadmin'], "<a href=\"" . append_sid("admin_words.$phpEx") . "\">", "</a>") . "<br /><br />" . sprintf($lang['Click_return_admin_index'], "<a href=\"" . append_sid("index.$phpEx?pane=right") . "\">", "</a>");
message_die(GENERAL_MESSAGE, $message);
Ниже добавьте:
PHP код:
}
elseif( $word_id && !$confirm)
{
// Present the confirmation screen to the user
$template->set_filenames(array(
'body' => 'admin/confirm_body.tpl')
);
$hidden_fields = '<input type="hidden" name="mode" value="delete" /><input type="hidden" name="id" value="' . $word_id . '" />';
$template->assign_vars(array(
'MESSAGE_TITLE' => $lang['Confirm'],
'MESSAGE_TEXT' => $lang['Confirm_delete_word'],
'L_YES' => $lang['Yes'],
'L_NO' => $lang['No'],
'S_CONFIRM_ACTION' => append_sid("admin_words.$phpEx"),
'S_HIDDEN_FIELDS' => $hidden_fields)
);
Найдите (211):
PHP код:
{
message_die(GENERAL_ERROR, "Could not query words table", $lang['Error'], __LINE__, __FILE__, $sql);
}
$word_rows = $db->sql_fetchrowset($result);
Ниже добавьте:
PHP код:
$db->sql_freeresult($result);
Открываем modules/Forums/admin/page_header_admin.php
Находим (138):
PHP код:
$template->pparse('header');
Выше добавляем:
PHP код:
// Work around for "current" Apache 2 + PHP module which seems to not
// cope with private cache control setting
if (!empty($HTTP_SERVER_VARS['SERVER_SOFTWARE']) && strstr($HTTP_SERVER_VARS['SERVER_SOFTWARE'], 'Apache/2'))
{
header ('Cache-Control: no-cache, pre-check=0, post-check=0');
}
else
{
header ('Cache-Control: private, pre-check=0, post-check=0, max-age=0');
}
header ('Expires: 0');
header ('Pragma: no-cache');
Последний раз редактировалось Soniks, 14.04.2006 в 16:39.
|
|
|
|
|
|
"Если бы вам удалось надавать под зад человеку, виноватому в большинстве ваших неприятностей - вы бы неделю не смогли сидеть". |
|
|
|
|
|
|
|
|
|
|
|
|
13.04.2006, 02:59
Открываем modules/Forums/common.php
Находим (169):
PHP код:
$userdata = array();
$theme = array();
$images = array();
$lang = array();
$nav_links = array();
Ниже добавляем:
Открываем db/mssql.php
Находим (292):
PHP код:
$row[$key] = stripslashes($value);
Замените на:
PHP код:
$row[$key] = ($value === ' ') ? '' : stripslashes($value);
Найдите (320):
PHP код:
$rowset[$i][$key] = stripslashes($value);
Замените на:
PHP код:
$rowset[$i][$key] = ($value === ' ') ? '' : stripslashes($value);
Найдите (259):
PHP код:
$result = stripslashes($this->row[$query_id][$field]);
Замените на:
PHP код:
$result = ($this->row[$query_id][$field] === ' ') ? '' : stripslashes($this->row[$query_id][$field]);
Открываем includes/auth.php
Найдите (276):
PHP код:
{
for($k = 0; $k < count($f_access); $k++)
{
$value = $f_access[$k][$key];
$f_forum_id = $f_access[$k]['forum_id'];
Ниже добавьте:
PHP код:
$u_access[$f_forum_id] = isset($u_access[$f_forum_id]) ? $u_access[$f_forum_id] : array();
Найдите (325):
PHP код:
else
{
for($k = 0; $k < count($f_access); $k++)
{
$f_forum_id = $f_access[$k]['forum_id'];
Ниже добавьте:
PHP код:
$u_access[$f_forum_id] = isset($u_access[$f_forum_id]) ? $u_access[$f_forum_id] : array();
Открываем includes/bbcode.php
Найдите (198):
PHP код:
$patterns[] = "#\[img:$uid\]([^?].*?)\[/img:$uid\]#i";
$replacements[] = $bbcode_tpl['img'];
// matches a xxxx://www.phpbb.com code..
$patterns[] = "#\[url\]([\w]+?://([\w\#$%&~/.\-;:=,?@\]+]|\[(?!url=))*?)\[/url\]#is";
$replacements[] = $bbcode_tpl['url1'];
// www.phpbb.com code.. (no xxxx:// prefix).
$patterns[] = "#\[url\]((www|ftp)\.([\w\#$%&~/.\-;:=,?@\]+]|\[(?!url=))*?)\[/url\]#is";
Замените на:
PHP код:
$patterns[] = "#\[img:$uid\]([^?](?:[^\[]+|\[(?!url))*?)\[/img:$uid\]#i";
$replacements[] = $bbcode_tpl['img'];
// matches a xxxx://www.phpbb.com code..
$patterns[] = "#\[url\]([\w]+?://([\w\#$%&~/.\-;:=,?@\]+]+|\[(?!url=))*?)\[/url\]#is";
$replacements[] = $bbcode_tpl['url1'];
// www.phpbb.com code.. (no xxxx:// prefix).
$patterns[] = "#\[url\]((www|ftp)\.([\w\#$%&~/.\-;:=,?@\]+]+|\[(?!url=))*?)\[/url\]#is";
Найдите (237):
Замените на:
Открываем includes/functions.php
Найдите (142):
Ниже добавьте: (изменено)
PHP код:
/**
* Our own generator of random values
* This uses a constantly changing value as the base for generating the values
* The board wide setting is updated once per page if this code is called
* With thanks to Anthrax101 for the inspiration on this one
* Added in phpBB 2.0.20
*/
function dss_rand()
{
global $db, $board_config, $dss_seeded;
$val = $board_config['rand_seed'] . microtime();
$val = md5($val);
$board_config['rand_seed'] = md5($board_config['rand_seed'] . $val . 'a');
if($dss_seeded !== true)
{
$sql = "UPDATE " . CONFIG_TABLE . " SET
config_value = '" . $board_config['rand_seed'] . "'
WHERE config_name = 'rand_seed'";
if( !$db->sql_query($sql) )
{
message_die(GENERAL_ERROR, "Unable to reseed PRNG", "", __LINE__, __FILE__, $sql);
}
$dss_seeded = true;
}
return substr($val, 4, 16);
}
Найдите (419):
PHP код:
message_die(CRITICAL_ERROR, "Could not get theme data for themes_id [$style]");
Замените на:
PHP код:
// We are trying to setup a style which does not exist in the database
// Try to fallback to the board default (if the user had a custom style)
// and then any users using this style to the default if it succeeds
if ( $style != $board_config['default_style'])
{
$sql = 'SELECT *
FROM ' . THEMES_TABLE . '
WHERE themes_id = ' . $board_config['default_style'];
if ( !($result = $db->sql_query($sql)) )
{
message_die(CRITICAL_ERROR, 'Could not query database for theme info');
}
if ( $row = $db->sql_fetchrow($result) )
{
$db->sql_freeresult($result);
$sql = 'UPDATE ' . USERS_TABLE . '
SET user_style = ' . $board_config['default_style'] . "
WHERE user_style = $style";
if ( !($result = $db->sql_query($sql)) )
{
message_die(CRITICAL_ERROR, 'Could not update user theme info');
}
}
else
{
message_die(CRITICAL_ERROR, "Could not get theme data for themes_id [$style]");
}
}
else
{
message_die(CRITICAL_ERROR, "Could not get theme data for themes_id [$style]");
}
Найдите (725):
PHP код:
$debug_text .= '</br /><br />Line : ' . $err_line . '<br />File : ' . basename($err_file);
Замените на:
PHP код:
$debug_text .= '<br /><br />Line : ' . $err_line . '<br />File : ' . basename($err_file);
Найдите (752):
PHP код:
if ( empty($template) )
{
$ThemeSel = get_theme();
if (file_exists("themes/$ThemeSel/forums/".$board_config['board_template']."/index_body.tpl")) {
$template = new Template("themes/$ThemeSel/forums/".$board_config['board_template']."");
} else {
$template = new Template($phpbb_root_path . 'templates/' . $board_config['board_template']);
}
}
if ( empty($theme) )
Замените на:
PHP код:
if ( empty($template) || empty($theme) )
Последний раз редактировалось Soniks, 28.04.2006 в 01:45.
|
|
|
|
|
|
"Если бы вам удалось надавать под зад человеку, виноватому в большинстве ваших неприятностей - вы бы неделю не смогли сидеть". |
|
|
|
|
|
|
|
|
|
|
|
|
13.04.2006, 21:18
Открываем includes/functions_post.php
Находим (51):
PHP код:
$allowed_html_tags = split(',', $board_config['allow_html_tags']);
$end_html = 0;
$start_html = 1;
$tmp_message = '';
$message = ' ' . $message . ' ';
while ($start_html = strpos($message, '<', $start_html))
{
$tmp_message .= preg_replace($html_entities_match, $html_entities_replace, substr($message, $end_html + 1, ($start_html - $end_html - 1)));
if ($end_html = strpos($message, '>', $start_html))
{
$length = $end_html - $start_html + 1;
$hold_string = substr($message, $start_html, $length);
if (($unclosed_open = strrpos(' ' . $hold_string, '<')) != 1)
{
$tmp_message .= preg_replace($html_entities_match, $html_entities_replace, substr($hold_string, 0, $unclosed_open - 1));
$hold_string = substr($hold_string, $unclosed_open - 1);
}
$tagallowed = false;
for ($i = 0; $i < sizeof($allowed_html_tags); $i++)
{
$match_tag = trim($allowed_html_tags[$i]);
if (preg_match('#^<\/?' . $match_tag . '[> ]#i', $hold_string))
{
$tagallowed = (preg_match('#^<\/?' . $match_tag . ' .*?(style[\t ]*?=|on[\w]+[\t ]*?=)#i', $hold_string)) ? false : true;
}
}
$tmp_message .= ($length && !$tagallowed) ? preg_replace($html_entities_match, $html_entities_replace, $hold_string) : $hold_string;
$start_html += $length;
}
else
{
$tmp_message .= preg_replace($html_entities_match, $html_entities_replace, substr($message, $start_html, strlen($message)));
$start_html = strlen($message);
$end_html = $start_html;
}
}
if (!$end_html || ($end_html != strlen($message) && $tmp_message != ''))
{
$tmp_message .= preg_replace($html_entities_match, $html_entities_replace, substr($message, $end_html + 1));
}
$message = ($tmp_message != '') ? trim($tmp_message) : trim($message);
Заменяем на: (изменено)
PHP код:
// If HTML is on, we try to make it safe
// This approach is quite agressive and anything that does not look like a valid tag
// is going to get converted to HTML entities
$message = stripslashes($message);
$html_match = '#<[^\w<]*(\w+)((?:"[^"]*"|\'[^\']*\'|[^<>\'"])+)?>#';
$matches = array();
$message_split = preg_split($html_match, $message);
preg_match_all($html_match, $message, $matches);
$message = '';
foreach ($message_split as $part)
{
$tag = array(array_shift($matches[0]), array_shift($matches[1]), array_shift($matches[2]));
$message .= htmlspecialchars($part) . clean_html($tag);
}
$message = addslashes($message);
$message = str_replace('"', '\"', $message);
Находим (161):
PHP код:
$temp_option_text[$option_id] = htmlspecialchars($option_text);
Заменяем на:
PHP код:
$temp_option_text[intval($option_id)] = htmlspecialchars($option_text);
Находим (824):
PHP код:
include("includes/page_tail_review.php");
}
}
Ниже добавьте:
PHP код:
/**
* Called from within prepare_message to clean included HTML tags if HTML is
* turned on for that post
* @param array $tag Matching text from the message to parse
*/
function clean_html($tag)
{
global $board_config;
if (empty($tag[0]))
{
return '';
}
$allowed_html_tags = preg_split('/, */', strtolower($board_config['allow_html_tags']));
$disallowed_attributes = '/^(?:style|on)/i';
// Check if this is an end tag
preg_match('/<[^\w\/]*\/[\W]*(\w+)/', $tag[0], $matches);
if (sizeof($matches))
{
if (in_array(strtolower($matches[1]), $allowed_html_tags))
{
return '</' . $matches[1] . '>';
}
else
{
return htmlspecialchars('</' . $matches[1] . '>');
}
}
// Check if this is an allowed tag
if (in_array(strtolower($tag[1]), $allowed_html_tags))
{
$attributes = '';
if (!empty($tag[2]))
{
preg_match_all('/[\W]*?(\w+)[\W]*?=[\W]*?(["\'])((?:(?!\2).)*)\2/', $tag[2], $test);
for ($i = 0; $i < sizeof($test[0]); $i++)
{
if (preg_match($disallowed_attributes, $test[1][$i]))
{
continue;
}
$attributes .= ' ' . $test[1][$i] . '=' . $test[2][$i] . str_replace(array('[', ']'), array('[', ']'), htmlspecialchars($test[3][$i])) . $test[2][$i];
}
}
if (in_array(strtolower($tag[1]), $allowed_html_tags))
{
return '<' . $tag[1] . $attributes . '>';
}
else
{
return htmlspecialchars('<' . $tag[1] . $attributes . '>');
}
}
// Finally, this is not an allowed tag so strip all the attibutes and escape it
else
{
return htmlspecialchars('<' . $tag[1] . '>');
}
}
Открываем modules/Forums/prune.php
Находим (72):
PHP код:
function prune($forum_id, $prune_date, $prune_all = false)
{
global $db, $lang;
Ниже добавляем:
PHP код:
// Before pruning, lets try to clean up the invalid topic entries
$sql = 'SELECT topic_id FROM ' . TOPICS_TABLE . '
WHERE topic_last_post_id = 0';
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not obtain lists of topics to sync', '', __LINE__, __FILE__, $sql);
}
while( $row = $db->sql_fetchrow($result) )
{
sync('topic', $row['topic_id']);
}
$db->sql_freeresult($result);
Находим (98):
PHP код:
AND ( p.post_id = t.topic_last_post_id
OR t.topic_last_post_id = '0' )";
Заменяем на:
PHP код:
AND p.post_id = t.topic_last_post_id";
Открываем modules/Forums/sessions.php
Находим (183):
PHP код:
list($sec, $usec) = explode(' ', microtime());
mt_srand((float) $sec + ((float) $usec * 100000));
$session_id = md5(uniqid(mt_rand(), true));
Заменяем на:
PHP код:
$session_id = md5(dss_rand());
Находим (245):
PHP код:
list($sec, $usec) = explode(' ', microtime());
mt_srand(hexdec(substr($session_id, 0, 8)) + (float) $sec + ((float) $usec * 1000000));
$auto_login_key = uniqid(mt_rand(), true);
Заменяем на:
PHP код:
$auto_login_key = dss_rand() . dss_rand();
Находим (519):
PHP код:
WHERE last_login < ' . (time() - (86400 * (int) $board_config['max_autologin_time']));
$db->sql_query($sql);
}
return true;
}
Ниже добавляем:
PHP код:
/**
* Reset all login keys for the specified user
* Called on password changes
*/
function session_reset_keys($user_id, $user_ip)
{
global $db, $userdata;
$key_sql = ($user_id == $userdata['user_id'] && !empty($userdata['session_key'])) ? "AND key_id != '" . md5($userdata['session_key']) . "'" : '';
$sql = 'DELETE FROM ' . SESSIONS_KEYS_TABLE . '
WHERE user_id = ' . (int) $user_id . "
$key_sql";
if ( !$db->sql_query($sql) )
{
message_die(CRITICAL_ERROR, 'Error removing auto-login keys', '', __LINE__, __FILE__, $sql);
}
$where_sql = 'session_user_id = ' . (int) $user_id;
$where_sql .= ($user_id == $userdata['user_id']) ? " AND session_id <> '" . $userdata['session_id'] . "'" : '';
$sql = 'DELETE FROM ' . SESSIONS_TABLE . "
WHERE $where_sql";
if ( !$db->sql_query($sql) )
{
message_die(CRITICAL_ERROR, 'Error removing user session(s)', '', __LINE__, __FILE__, $sql);
}
if ( !empty($key_sql) )
{
$auto_login_key = dss_rand() . dss_rand();
$current_time = time();
$sql = 'UPDATE ' . SESSIONS_KEYS_TABLE . "
SET last_ip = '$user_ip', key_id = '" . md5($auto_login_key) . "', last_login = $current_time
WHERE key_id = '" . md5($userdata['session_key']) . "'";
if ( !$db->sql_query($sql) )
{
message_die(CRITICAL_ERROR, 'Error updating session key', '', __LINE__, __FILE__, $sql);
}
// And now rebuild the cookie
$sessiondata['userid'] = $user_id;
$sessiondata['autologinid'] = $autologin_id;
$cookiename = $board_config['cookie_name'];
$cookiepath = $board_config['cookie_path'];
$cookiedomain = $board_config['cookie_domain'];
$cookiesecure = $board_config['cookie_secure'];
setcookie($cookiename . '_data', serialize($sessiondata), $current_time + 31536000, $cookiepath, $cookiedomain, $cookiesecure);
$userdata['session_key'] = $auto_login_key;
unset($sessiondata);
unset($auto_login_key);
}
}
Последний раз редактировалось Soniks, 28.04.2006 в 01:46.
|
|
|
|
|
|
"Если бы вам удалось надавать под зад человеку, виноватому в большинстве ваших неприятностей - вы бы неделю не смогли сидеть". |
|
|
|
|
|
|
|
|
|
|
|
|
13.04.2006, 21:41
Открываем includes/usercp_avatar.php
Находим (103):
PHP код:
if ( !preg_match('#^(http)|(ftp):\/\/#i', $avatar_filename) )
{
$avatar_filename = 'http://' . $avatar_filename;
}
Ниже добавляем:
PHP код:
$avatar_filename = substr($avatar_filename, 0, 100);
Открываем includes/usercp_register.php
Находим (135):
PHP код:
$signature = str_replace('<br />', "\n", $signature);
Заменяем на:
PHP код:
$signature = (isset($signature)) ? str_replace('<br />', "\n", $signature) : '';
$signature_bbcode_uid = '';
Находим и удаляем (298):
PHP код:
// Only compare one char if the zlib-extension is not loaded
if (!@extension_loaded('zlib'))
{
$row['code'] = substr($row['code'], -1);
}
Находим (519):
PHP код:
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not update users table', '', __LINE__, __FILE__, $sql);
}
Ниже добавляем:
PHP код:
// We remove all stored login keys since the password has been updated
// and change the current one (if applicable)
if ( !empty($passwd_sql) )
{
session_reset_keys($user_id, $user_ip);
}
Находим (788):
PHP код:
//
// If an error occured we need to stripslashes on returned data
//
$username = stripslashes($username);
$email = stripslashes($email);
Ниже добавляем:
Находим (813):
PHP код:
else if ( $mode == 'editprofile' && !isset($HTTP_POST_VARS['avatargallery']) && !isset($HTTP_POST_VARS['submitavatar']) && !isset($HTTP_POST_VARS['cancelavatar']) )
{
$user_id = $userdata['user_id'];
$username = $userdata['username'];
$email = $userdata['user_email'];
Ниже добавляем:
Находим (1011):
PHP код:
$confirm_chars = array('A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M', 'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z', '1', '2', '3', '4', '5', '6', '7', '8', '9');
list($usec, $sec) = explode(' ', microtime());
mt_srand($sec * $usec);
$max_chars = count($confirm_chars) - 1;
$code = '';
for ($i = 0; $i < 6; $i++)
{
$code .= $confirm_chars[mt_rand(0, $max_chars)];
}
Заменяем на:
PHP код:
// Generate the required confirmation code
// NB 0 (zero) could get confused with O (the letter) so we make change it
$code = dss_rand();
$code = strtoupper(str_replace('0', 'o', substr($code, 6)));
Находим (1042):
PHP код:
'USERNAME' => $username,
'CUR_PASSWORD' => $cur_password,
'NEW_PASSWORD' => $new_password,
'PASSWORD_CONFIRM' => $password_confirm,
'EMAIL' => $email,
Заменяем на:
PHP код:
'USERNAME' => isset($username) ? $username : '',
'CUR_PASSWORD' => isset($cur_password) ? $cur_password : '',
'NEW_PASSWORD' => isset($new_password) ? $new_password : '',
'PASSWORD_CONFIRM' => isset($password_confirm) ? $password_confirm : '',
'EMAIL' => isset($email) ? $email : '',
Открываем modules/Forums/index.php
Находим (133):
PHP код:
while( $category_rows[] = $db->sql_fetchrow($result) );
Заменяем на:
PHP код:
while ($row = $db->sql_fetchrow($result))
{
$category_rows[] = $row;
}
Находим (318):
PHP код:
// Okay, let's build the index
//
for($i = 0; $i < $total_categories; $i++)
{
$cat_id = $category_rows[$i]['cat_id'];
//
// Should we display this category/forum set?
//
$display_forums = false;
for($j = 0; $j < $total_forums; $j++)
{
if ( $is_auth_ary[$forum_data[$j]['forum_id']]['auth_view'] && $forum_data[$j]['cat_id'] == $cat_id )
{
$display_forums = true;
}
}
//
// Yes, we should, so first dump out the category
// title, then, if appropriate the forum list
//
if ( $display_forums )
Заменяем на:
PHP код:
// Let's decide which categories we should display
//
$display_categories = array();
for ($i = 0; $i < $total_forums; $i++ )
{
if ($is_auth_ary[$forum_data[$i]['forum_id']]['auth_view'])
{
$display_categories[$forum_data[$i]['cat_id']] = true;
}
}
//
// Okay, let's build the index
//
for($i = 0; $i < $total_categories; $i++)
{
$cat_id = $category_rows[$i]['cat_id'];
//
// Yes, we should, so first dump out the category
// title, then, if appropriate the forum list
//
if (isset($display_categories[$cat_id]) && $display_categories[$cat_id])
|
|
|
|
|
|
"Если бы вам удалось надавать под зад человеку, виноватому в большинстве ваших неприятностей - вы бы неделю не смогли сидеть". |
|
|
|
|
|
|
|
|
|
|
|
|
14.04.2006, 14:22
Открываем modules/Forums/language/lang_english/email/group_request.tpl
Находим (6):
Код:
A user has requested to join a group you moderator on {SITENAME}.
Заменяем на:
Код:
A user has requested to join a group you moderate on {SITENAME}.
Открываем modules/Forums/language/lang_english/email/user_activate_passwd.tpl
Находим (12):
Код:
If sucessful you will be able to login using the following password:
Заменяем на:
Код:
If successful you will be able to login using the following password:
Открываем modules/Forums/language/lang_english/lang_admin.php
Находим (339):
PHP код:
$lang['Allow_autologin'] = 'Allow automatic logins';
$lang['Allow_autologin_explain'] = 'Determines whether users are allowed to select to be automatically logged in when visiting the forum';
$lang['Autologin_time'] = 'Automatic login key expiry';
$lang['Autologin_time_explain'] = 'How long a autologin key is valid for in days if the user does not visit the board. Set to zero to disable expiry.';
Ниже добавляем:
PHP код:
// Search Flood Control - added 2.0.20
$lang['Search_Flood_Interval'] = 'Search Flood Interval';
$lang['Search_Flood_Interval_explain'] = 'Number of seconds a user must wait between search requests';
Находим (427):
PHP код:
$lang['smiley_edit_success'] = 'The Smiley was successfully updated';
$lang['smiley_import_success'] = 'The Smiley Pack was imported successfully!';
$lang['smiley_del_success'] = 'The Smiley was successfully removed';
$lang['Click_return_smileadmin'] = 'Click %sHere%s to return to Smiley Administration';
Ниже добавляем:
PHP код:
$lang['Confirm_delete_smiley'] = 'Are you sure you want to delete this Smiley?';
Находим (519):
PHP код:
$lang['Word_updated'] = 'The selected word censor has been successfully updated';
$lang['Word_added'] = 'The word censor has been successfully added';
$lang['Word_removed'] = 'The selected word censor has been successfully removed';
$lang['Click_return_wordadmin'] = 'Click %sHere%s to return to Word Censor Administration';
Ниже добавляем:
PHP код:
$lang['Confirm_delete_word'] = 'Are you sure you want to delete this word censor?';
Находим (559):
PHP код:
$lang['Rank_removed'] = 'The rank was successfully deleted';
$lang['No_update_ranks'] = 'The rank was successfully deleted. However, user accounts using this rank were not updated. You will need to manually reset the rank on these accounts';
$lang['Click_return_rankadmin'] = 'Click %sHere%s to return to Rank Administration';
Ниже добавляем:
PHP код:
$lang['Confirm_delete_rank'] = 'Are you sure you want to delete this rank?';
Открываем modules/Forums/language/lang_russian/lang_admin.php
Находим (327):
PHP код:
$lang['Allow_autologin'] = 'Разрешить автоматическую авторизацию';
$lang['Allow_autologin_explain'] = 'Разрешено ли пользователям выбирать, автоматическую авторизацию, посещая форум';
$lang['Autologin_time'] = 'Истечение Автоматической авторизации';
$lang['Autologin_time_explain'] = 'Сколько дней не посещения форума пользователем, система будет хранить информацию о нем. Наберите нолю, чтобы отключить истечение срока.';
Ниже добавляем:
PHP код:
// Search Flood Control - added 2.0.20
$lang['Search_Flood_Interval'] = 'Поисковой интервал (антифлуд)';
$lang['Search_Flood_Interval_explain'] = 'Количество секунд, которое должен выждать пользователь перед новым поиском';
Находим (413):
PHP код:
$lang['smiley_edit_success'] = 'Смайлик был успешно изменён';
$lang['smiley_import_success'] = 'Набор смайликов был успешно импортирован';
$lang['smiley_del_success'] = 'Смайлик был успешно удалён';
$lang['Click_return_smileadmin'] = '%sВернуться к списку смайликов%s';
Ниже добавляем:
PHP код:
$lang['Confirm_delete_smiley'] = 'Вы уверены, что хотите удалить этот смайл?';
Находим (505):
PHP код:
$lang['Word_updated'] = 'Выбранный автоцензор был успешно изменён';
$lang['Word_added'] = 'Автоцензор был успешно добавлен';
$lang['Word_removed'] = 'Выбранный автоцензор был успешно удалён';
$lang['Click_return_wordadmin'] = '%sВернуться к управлению автоцензором%s';
Ниже добавляем:
PHP код:
$lang['Confirm_delete_word'] = 'Вы уверены, что хотите удалить это автоцензор?';
Находим (545):
PHP код:
$lang['Click_return_rankadmin'] = '%sВернуться к управлению званиями%s';
Ниже добавляем:
PHP код:
$lang['Confirm_delete_rank'] = 'Вы уверены, что хотите удалить это звание?';
Открываем modules/Forums/language/lang_english/lang_main.php
Находим (782):
PHP код:
$lang['No_searchable_forums'] = 'You do not have permissions to search any forum on this site.';
$lang['No_search_match'] = 'No topics or posts met your search criteria';
$lang['Found_search_match'] = 'Search found %d match'; // eg. Search found 1 match
$lang['Found_search_matches'] = 'Search found %d matches'; // eg. Search found 24 matches
Ниже добавляем:
PHP код:
$lang['Search_Flood_Error'] = 'You cannot make another search so soon after your last; please try again in a short while.';
Открываем modules/Forums/language/lang_russian/lang_main.php
Находим (764):
PHP код:
$lang['No_searchable_forums'] = 'У вас нет доступа к поиску ни в одном из форумов на сайте';
$lang['No_search_match'] = 'Подходящих тем или сообщений не найдено';
$lang['Found_search_match'] = 'Результатов поиска: %d'; // eg. Search found 1 match
$lang['Found_search_matches'] = 'Результатов поиска: %d'; // eg. Search found 24 matches
Ниже добавляем:
PHP код:
$lang['Search_Flood_Error'] = 'Вы не можете еще раз воспользоваться поиском, пожалуйста, попробуйте сделать это чуть позднее.';
Последний раз редактировалось Soniks, 15.04.2006 в 13:43.
|
|
|
|
|
|
"Если бы вам удалось надавать под зад человеку, виноватому в большинстве ваших неприятностей - вы бы неделю не смогли сидеть". |
|
|
|
|
|
|
|
|
|
|
|
|
14.04.2006, 14:52
Открываем modules/Forums/login.php
Находим (91):
PHP код:
$row['user_last_login_try'] >= (time() - ($board_config['login_reset_time'] * 60)) && $row['user_login_tries'] >= $board_config['max_login_attempts'])
Заменяем на:
PHP код:
$row['user_last_login_try'] >= (time() - ($board_config['login_reset_time'] * 60)) && $row['user_login_tries'] >= $board_config['max_login_attempts'] && $userdata['user_level'] != ADMIN)
Находим (116):
PHP код:
else
{
// Save login tries and last login
Заменяем на: (изменено)
PHP код:
else
{
// Save login tries and last login, but only store a failed login attempt for an
// active user - inactive users can't login even with a correct password
if ( $row['user_id'] != ANONYMOUS && $row['user_active'] )
Открываем modules/Members_List/index.php
Находим (247):
PHP код:
$search_img = '<a href="' . $temp_url . '"><img src="' . $images['icon_search'] . '" alt="' . $lang['Search_user_posts'] . '" title="' . $lang['Search_user_posts'] . '" border="0" /></a>';
$search = '<a href="' . $temp_url . '">' . $lang['Search_user_posts'] . '</a>';
Заменяем на:
PHP код:
$search_img = '<a href="' . $temp_url . '"><img src="' . $images['icon_search'] . '" alt="' . sprintf($lang['Search_user_posts'], $username) . '" title="' . sprintf($lang['Search_user_posts'], $username) . '" border="0" /></a>';
$search = '<a href="' . $temp_url . '">' . sprintf($lang['Search_user_posts'], $username) . '</a>';
Открываем modules/Forums/modcp.php
Находим (234):
PHP код:
$page_title = $lang['Mod_CP'];
include("includes/page_header.php");
if ( $confirm )
{
Ниже добавляем:
PHP код:
if ( empty($HTTP_POST_VARS['topic_id_list']) && empty($topic_id) )
{
message_die(GENERAL_MESSAGE, $lang['None_selected']);
}
Находим (264):
PHP код:
while ($row = $db->sql_fetchrow($result))
{
$topic_id_sql .= (($topic_id_sql != '') ? ', ' : '') . intval($row['topic_id']);
}
$db->sql_freeresult($result);
Ниже добавляем:
PHP код:
if ( $topic_id_sql == '')
{
message_die(GENERAL_MESSAGE, $lang['None_selected']);
}
Находим (750):
PHP код:
while ($row = $db->sql_fetchrow($result))
{
$post_id_sql .= (($post_id_sql != '') ? ', ' : '') . intval($row['post_id']);
}
$db->sql_freeresult($result);
Ниже добавляем:
PHP код:
if ($post_id_sql == '')
{
message_die(GENERAL_MESSAGE, $lang['None_selected']);
}
Находим (1008):
PHP код:
$ip_this_post = ( $rdns_ip_num == $ip_this_post ) ? gethostbyaddr($ip_this_post) : $ip_this_post;
Заменяем на:
PHP код:
$ip_this_post = ( $rdns_ip_num == $ip_this_post ) ? htmlspecialchars(gethostbyaddr($ip_this_post)) : $ip_this_post;
Находим (1053):
PHP код:
$ip = ( $rdns_ip_num == $row['poster_ip'] || $rdns_ip_num == 'all') ? gethostbyaddr($ip) : $ip;
Заменяем на:
PHP код:
$ip = ( $rdns_ip_num == $row['poster_ip'] || $rdns_ip_num == 'all') ? htmlspecialchars(gethostbyaddr($ip)) : $ip;
Открываем modules/Forums/posting.php
Находим (642):
PHP код:
$poll_options[$option_id] = htmlspecialchars(trim(stripslashes($option_text))) ;
Заменяем на:
PHP код:
$poll_options[intval($option_id)] = htmlspecialchars(trim(stripslashes($option_text))) ;
Открываем modules/Private_Messages/index.php
Находим (1251):
PHP код:
$privmsg_subject = trim(strip_tags($HTTP_POST_VARS['subject']));
Заменяем на:
PHP код:
$privmsg_subject = trim(htmlspecialchars($HTTP_POST_VARS['subject']));
Находим (1373):
PHP код:
message_die(GENERAL_ERROR, "Could not insert/update private message sent text.", "", __LINE__, __FILE__, $sql_info);
Заменяем на:
PHP код:
message_die(GENERAL_ERROR, "Could not insert/update private message sent text.", "", __LINE__, __FILE__, $sql);
Находим (1437):
PHP код:
$privmsg_subject = ( isset($HTTP_POST_VARS['subject']) ) ? trim(strip_tags(stripslashes($HTTP_POST_VARS['subject']))) : '';
Заменяем на:
PHP код:
$privmsg_subject = ( isset($HTTP_POST_VARS['subject']) ) ? trim(htmlspecialchars(stripslashes($HTTP_POST_VARS ['subject']))) : '';
Находим (1572):
PHP код:
}
$privmsg_subject = ( ( !preg_match('/^Re:/', $privmsg['privmsgs_subject']) ) ? 'Re: ' : '' ) . $privmsg['privmsgs_subject'];
Заменяем на: (изменено)
PHP код:
}
$orig_word = $replacement_word = array();
obtain_word_list($orig_word, $replacement_word);
$privmsg_subject = ( ( !preg_match('/^Re:/', $privmsg['privmsgs_subject']) ) ? 'Re: ' : '' ) . $privmsg['privmsgs_subject'];
$privmsg_subject = preg_replace($orig_word, $replacement_word, $privmsg_subject);
Находим (1587):
PHP код:
$privmsg_bbcode_uid = $privmsg['privmsgs_bbcode_uid'];
$privmsg_message = preg_replace("/\:(([a-z0-9]:)?)$privmsg_bbcode_uid/si", '', $privmsg_message);
$privmsg_message = str_replace('<br />', "\n", $privmsg_message);
$privmsg_message = preg_replace('#</textarea>#si', '</textarea>', $privmsg_message);
Ниже добавляем:
PHP код:
$privmsg_message = preg_replace($orig_word, $replacement_word, $privmsg_message);
Находим и удаляем (1816):
PHP код:
$privmsg_subject = preg_replace($html_entities_match, $html_entities_replace, $privmsg_subject);
$privmsg_subject = str_replace('"', '"', $privmsg_subject);
Открываем modules/Forums/profile.php
Находим (75):
PHP код:
$chars = array( 'a', 'A', 'b', 'B', 'c', 'C', 'd', 'D', 'e', 'E', 'f', 'F', 'g', 'G', 'h', 'H', 'i', 'I', 'j', 'J', 'k', 'K', 'l', 'L', 'm', 'M', 'n', 'N', 'o', 'O', 'p', 'P', 'q', 'Q', 'r', 'R', 's', 'S', 't', 'T', 'u', 'U', 'v', 'V', 'w', 'W', 'x', 'X', 'y', 'Y', 'z', 'Z', '1', '2', '3', '4', '5', '6', '7', '8', '9', '0');
$max_chars = count($chars) - 1;
srand( (double) microtime()*1000000);
$rand_str = '';
for($i = 0; $i < 8; $i++)
{
$rand_str = ( $i == 0 ) ? $chars[rand(0, $max_chars)] : $rand_str . $chars[rand(0, $max_chars)];
}
return ( $hash ) ? md5($rand_str) : $rand_str;
Заменяем на: (изменено)
PHP код:
$rand_str = dss_rand();
return ( $hash ) ? md5($rand_str) : substr($rand_str, 0, 8);
Последний раз редактировалось Soniks, 28.04.2006 в 02:10.
|
|
|
|
|
|
"Если бы вам удалось надавать под зад человеку, виноватому в большинстве ваших неприятностей - вы бы неделю не смогли сидеть". |
|
|
|
|
|
|
|
|
|
|
|
|
14.04.2006, 14:59
Открываем modules/Forums/search.php
Находим (161):
PHP код:
$search_results = '';
//
// Search ID Limiter, decrease this value if you experience further timeout problems with searching forums
$limiter = 5000;
Ниже добавляем:
Находим (169):
PHP код:
//
// Cycle through options ...
//
if ( $search_id == 'newposts' || $search_id == 'egosearch' || $search_id == 'unanswered' || $search_keywords != '' || $search_author != '' )
{
Ниже добавляем:
PHP код:
//
// Flood control
//
$where_sql = ($userdata['user_id'] == ANONYMOUS) ? "se.session_ip = '$user_ip'" : 'se.session_user_id = ' . $userdata['user_id'];
$sql = 'SELECT MAX(sr.search_time) AS last_search_time
FROM ' . SEARCH_TABLE . ' sr, ' . SESSIONS_TABLE . " se
WHERE sr.session_id = se.session_id
AND $where_sql";
if ($result = $db->sql_query($sql))
{
if ($row = $db->sql_fetchrow($result))
{
if (intval($row['last_search_time']) > 0 && ($current_time - intval($row['last_search_time'])) < intval($board_config['search_flood_interval']))
{
message_die(GENERAL_MESSAGE, $lang['Search_Flood_Error']);
}
}
}
Находим (231):
PHP код:
if (preg_match('#^[\*%]+$#', trim($search_author)) || preg_match('#^[^\*]{1,2}$#', str_replace(array('*', '%'), '', trim($search_author))))
{
$search_author = '';
}
$search_author = str_replace('*', '%', trim($search_author));
Заменяем на:
PHP код:
$search_author = str_replace('*', '%', trim($search_author));
if( ( strpos($search_author, '%') !== false ) && ( strlen(str_replace('%', '', $search_author)) < 3 ) )
{
$search_author = '';
}
Находим (455):
PHP код:
if (preg_match('#^[\*%]+$#', trim($search_author)) || preg_match('#^[^\*]{1,2}$#', str_replace(array('*', '%'), '', trim($search_author))))
{
$search_author = '';
}
$search_author = str_replace('*', '%', trim(str_replace("\'", "''", $search_author)));
Заменяем на:
PHP код:
$search_author = str_replace('*', '%', trim($search_author));
if( ( strpos($search_author, '%') !== false ) && ( strlen(str_replace('%', '', $search_author)) < 3 ) )
{
$search_author = '';
}
Находим (665):
PHP код:
// Finish building query (for all combinations)
// and run it ...
//
$sql = "SELECT session_id
FROM " . SESSIONS_TABLE;
if ( $result = $db->sql_query($sql) )
{
$delete_search_ids = array();
while( $row = $db->sql_fetchrow($result) )
{
$delete_search_ids[] = "'" . $row['session_id'] . "'";
}
if ( count($delete_search_ids) )
{
$sql = "DELETE FROM " . SEARCH_TABLE . "
WHERE session_id NOT IN (" . implode(", ", $delete_search_ids) . ")";
if ( !$result = $db->sql_query($sql) )
{
message_die(GENERAL_ERROR, 'Could not delete old search id sessions', '', __LINE__, __FILE__, $sql);
}
}
Заменяем на:
PHP код:
// Delete old data from the search result table
//
$sql = 'DELETE FROM ' . SEARCH_TABLE . '
WHERE search_time < ' . ($current_time - (int) $board_config['session_length']);
if ( !$result = $db->sql_query($sql) )
{
message_die(GENERAL_ERROR, 'Could not delete old search id sessions', '', __LINE__, __FILE__, $sql);
Находим (713):
PHP код:
SET search_id = $search_id, search_array = '" . str_replace("\'", "''", $result_array) . "'
WHERE session_id = '" . $userdata['session_id'] . "'";
if ( !($result = $db->sql_query($sql)) || !$db->sql_affectedrows() )
{
$sql = "INSERT INTO " . SEARCH_TABLE . " (search_id, session_id, search_array)
VALUES('$search_id', '" . $userdata['session_id'] . "', '" . str_replace("\'", "''", $result_array) . "')";
Заменяем на:
PHP код:
SET search_id = $search_id, search_time = $current_time, search_array = '" . str_replace("\'", "''", $result_array) . "'
WHERE session_id = '" . $userdata['session_id'] . "'";
if ( !($result = $db->sql_query($sql)) || !$db->sql_affectedrows() )
{
$sql = "INSERT INTO " . SEARCH_TABLE . " (search_id, session_id, search_time, search_array)
VALUES($search_id, '" . $userdata['session_id'] . "', $current_time, '" . str_replace("\'", "''", $result_array) . "')";
Открываем modules/Forums/templates/subSilver/admin/board_config_body.tpl
Находим (52):
Код HTML:
<td class="row2"><input type="radio" name="board_email_form" value="1" {BOARD_EMAIL_FORM_ENABLE} /> {L_ENABLED} <input type="radio" name="board_email_form" value="0" {BOARD_EMAIL_FORM_DISABLE} /> {L_DISABLED}</td>
</tr>
<tr>
<td class="row1">{L_FLOOD_INTERVAL} <br /><span class="gensmall">{L_FLOOD_INTERVAL_EXPLAIN}</span></td>
<td class="row2"><input class="post" type="text" size="3" maxlength="4" name="flood_interval" value="{FLOOD_INTERVAL}" /></td>
Ниже добавляем:
Код HTML:
</tr>
<tr>
<td class="row1">{L_SEARCH_FLOOD_INTERVAL} <br /><span class="gensmall">{L_SEARCH_FLOOD_INTERVAL_EXPLAIN}</span></td>
<td class="row2"><input class="post" type="text" size="3" maxlength="4" name="search_flood_interval" value="{SEARCH_FLOOD_INTERVAL}" /></td>
Открываем modules/Forums/templates/subSilver/confirm_body.tpl
Находим (10):
Код HTML:
<th class="thHead" height="25" valign="middle"><span class="tableTitle">{MESSAGE_TITLE}</span></th>
Заменяем на:
Код HTML:
<th class="thHead" height="25" valign="middle">{MESSAGE_TITLE}</th>
|
|
|
|
|
|
"Если бы вам удалось надавать под зад человеку, виноватому в большинстве ваших неприятностей - вы бы неделю не смогли сидеть". |
|
|
|
|
|
|
|
|
|
|
|
|
14.04.2006, 15:37
- Скопируйте файл из атача в директорию с php-nuke.
- Выполните SQL-запросы:
Код:
INSERT INTO nuke_bbconfig (config_name, config_value) VALUES ('search_flood_interval', '15')
Код:
INSERT INTO nuke_bbconfig (config_name, config_value) VALUES ('rand_seed', '0')
Код:
DELETE FROM nuke_bbsessions
Код:
DELETE FROM nuke_bbsessions_keys
Код:
ALTER TABLE nuke_bbsearch_results ADD COLUMN search_time int(11) DEFAULT '0' NOT NULL
Код:
UPDATE nuke_bbconfig SET config_value = '.0.20' WHERE config_name = 'version'
не забываем в запросах менять префикс таблиц nuke_ на свой.
На этом все! |
|
|
|
|
|
"Если бы вам удалось надавать под зад человеку, виноватому в большинстве ваших неприятностей - вы бы неделю не смогли сидеть". |
|
|
|
|
|
|
|
|
| Опции темы |
Поиск в этой теме |
|
|
|
| Опции просмотра |
 Линейный вид
|
Ваши права в разделе
|
Вы не можете создавать темы
Вы не можете отвечать на сообщения
Вы не можете прикреплять файлы
Вы не можете редактировать сообщения
HTML код Выкл.
|
|
|
Часовой пояс GMT +4, время: 20:07.
|
 |
|
 |
|
 |
 |
|
 |
 |
|
|
|
