authorMeik Sievertsen <acydburn@phpbb.com>2006-12-16 13:11:28 +0000
committerMeik Sievertsen <acydburn@phpbb.com>2006-12-16 13:11:28 +0000
commit688d57f99ce0019feb6c271d28e3d01779fc8b58 (patch)
treef5aa11b6f7bf19be6cf26cc6c80c24553bd8ddb6
parent- new members of moderator groups should always become moderators [Bug #382] (diff)
downloadphpbb-688d57f99ce0019feb6c271d28e3d01779fc8b58.tar.gz
phpbb-688d57f99ce0019feb6c271d28e3d01779fc8b58.tar.bz2
phpbb-688d57f99ce0019feb6c271d28e3d01779fc8b58.zip
some changes for the new version
- it would be nice if anyone able would be testing these changes on their installations and report bugs as soon as possible (also do not hesitate to PM the developers. ;)). - the changelog is omitted for now - it will get checked in later. git-svn-id: file:///svn/phpbb/branches/phpBB-2_0_0@6772 89ea8834-ac86-4346-8a33-228a782c2dd0
-rw-r--r--phpBB/admin/admin_board.php10
-rw-r--r--phpBB/docs/INSTALL.html4
-rw-r--r--phpBB/groupcp.php1
-rw-r--r--phpBB/includes/functions.php2
-rw-r--r--phpBB/includes/usercp_email.php242
-rw-r--r--phpBB/includes/usercp_register.php9
-rw-r--r--phpBB/install/schemas/ms_access_primer.zipbin53566 -> 53579 bytes
-rw-r--r--phpBB/install/schemas/mssql_basic.sql2
-rw-r--r--phpBB/install/schemas/mysql_basic.sql2
-rw-r--r--phpBB/install/schemas/postgres_basic.sql2
-rw-r--r--phpBB/install/update_to_latest.php4
-rw-r--r--phpBB/language/lang_english/lang_main.php2
-rw-r--r--phpBB/login.php4
-rw-r--r--phpBB/memberlist.php1
-rw-r--r--phpBB/modcp.php1
-rw-r--r--phpBB/posting.php14
-rw-r--r--phpBB/privmsg.php17
-rw-r--r--phpBB/search.php1
-rw-r--r--phpBB/viewforum.php1
-rw-r--r--phpBB/viewtopic.php1
20 files changed, 189 insertions, 131 deletions
diff --git a/phpBB/admin/admin_board.php b/phpBB/admin/admin_board.php
index 3b63f6ea17..4b10039506 100644
--- a/phpBB/admin/admin_board.php
+++ b/phpBB/admin/admin_board.php
@@ -59,6 +59,16 @@ else
$new['server_name'] = str_replace('http://', '', $new['server_name']);
}
+ // Attempt to prevent a mistake with this value.
+ if ($config_name == 'avatar_path')
+ {
+ $new['avatar_path'] = trim($new['avatar_path']);
+ if (strstr($new['avatar_path'], "\0") || !is_dir($phpbb_root_path . $new['avatar_path']) || !is_writable($phpbb_root_path . $new['avatar_path']))
+ {
+ $new['avatar_path'] = $default_config['avatar_path'];
+ }
+ }
+
if( isset($HTTP_POST_VARS['submit']) )
{
$sql = "UPDATE " . CONFIG_TABLE . " SET
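Review bot: The new avatar_path check accepts any existing writable directory, including one reached through `..` segments relative to `$phpbb_root_path`, because it only rejects a NUL byte and then tests `is_dir`/`is_writable` on the concatenated path. Since the comment says the intent is to catch mistakes, a cheap tightening is to also reject parent-directory references, `if (strstr($new['avatar_path'], "\0") || strstr($new['avatar_path'], '..') || !is_dir($phpbb_root_path . $new['avatar_path']) || !is_writable($phpbb_root_path . $new['avatar_path']))`, or to compare `realpath()` of the result against `realpath($phpbb_root_path)`. The fallback to `$default_config['avatar_path']` is also silent, so the administrator never learns that the submitted value was discarded; reporting it through the existing error path would avoid confusion. The enclosing `else` block starts before this hunk.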
diff --git a/phpBB/docs/INSTALL.html b/phpBB/docs/INSTALL.html
index 573b0ac834..51a8f937c8 100644
--- a/phpBB/docs/INSTALL.html
+++ b/phpBB/docs/INSTALL.html
@@ -194,7 +194,7 @@ p,ul,td {font-size:10pt;}
<a name="upgradeSTABLE_files"></a><h3 class="h3">7.ii. Changed files only</h3>
-<p>This package contains a number of archives, each contains the files changed from a given release to the latest version. You should select the appropriate archive for your current version, e.g. if you currently have 2.0.20 you should select the phpBB-2.0.20_to_2.0.21.zip/tar.gz file.</p>
+<p>This package contains a number of archives, each contains the files changed from a given release to the latest version. You should select the appropriate archive for your current version, e.g. if you currently have 2.0.21 you should select the phpBB-2.0.21_to_2.0.22.zip/tar.gz file.</p>
<p>The directory structure has been preserved enabling you (if you wish) to simply upload the contents of the archive to the appropriate location on your server, i.e. simply overwrite the existing files with the new versions. Do not forget that if you have installed any Mods these files will overwrite the originals possibly destroying them in the process. You will need to re-add Mods to any affected file before uploading.</p>
@@ -204,7 +204,7 @@ p,ul,td {font-size:10pt;}
<p>The patch file is probably the best solution for those with many Mods or other changes who do not want to re-add them back to all the changed files. To use this you will need command line access to a standard UNIX type <b>patch</b> application.</p>
-<p>A number of patch files are provided to allow you to upgrade from previous stable releases. Select the correct patch, e.g. if your current version is 2.0.20 you need the phpBB-2.0.20_to_2.0.21.patch. Place the correct patch in the parent directory containing the phpBB 2 core files (i.e. index.php, viewforum.php, etc.). With this done you should run the following command: <b>patch -cl -d [PHPBB DIRECTORY] -p1 &lt; [PATCH NAME]</b> (where PHPBB DIRECTORY is the directory name your phpBB Installation resides in, for example phpBB2, and where PATCH NAME is the relevant filename of the selected patch file). This should complete quickly, hopefully without any HUNK FAILED comments.</p>
+<p>A number of patch files are provided to allow you to upgrade from previous stable releases. Select the correct patch, e.g. if your current version is 2.0.21 you need the phpBB-2.0.21_to_2.0.22.patch. Place the correct patch in the parent directory containing the phpBB 2 core files (i.e. index.php, viewforum.php, etc.). With this done you should run the following command: <b>patch -cl -d [PHPBB DIRECTORY] -p1 &lt; [PATCH NAME]</b> (where PHPBB DIRECTORY is the directory name your phpBB Installation resides in, for example phpBB2, and where PATCH NAME is the relevant filename of the selected patch file). This should complete quickly, hopefully without any HUNK FAILED comments.</p>
<p>If you do get failures you should look at using the <a href="#upgradeSTABLE_files">Changed files only</a> package to replace the files which failed to patch, please note that you will need to manually re-add any Mods to these particular files. Alternatively if you know how you can examine the .rej files to determine what failed where and make manual adjustments to the relevant source.</p>
diff --git a/phpBB/groupcp.php b/phpBB/groupcp.php
index f81b93dc6b..cdf62749be 100644
--- a/phpBB/groupcp.php
+++ b/phpBB/groupcp.php
@@ -148,6 +148,7 @@ $confirm = ( isset($HTTP_POST_VARS['confirm']) ) ? TRUE : 0;
$cancel = ( isset($HTTP_POST_VARS['cancel']) ) ? TRUE : 0;
$start = ( isset($HTTP_GET_VARS['start']) ) ? intval($HTTP_GET_VARS['start']) : 0;
+$start = ($start < 0) ? 0 : $start;
//
// Default var values
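Review bot: The clamp `$start = ($start < 0) ? 0 : $start;` is added verbatim in seven files (also memberlist.php, modcp.php, privmsg.php, search.php, viewforum.php and viewtopic.php), which invites the next drift between them. Folding it into the line that reads the value, `$start = ( isset($HTTP_GET_VARS['start']) ) ? max(0, intval($HTTP_GET_VARS['start'])) : 0;`, keeps the bound next to the input it guards, and a small helper in includes/functions.php would let all seven callers share one definition. Note that the privmsg.php variant already differs by using `!empty()` instead of `isset()`.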
diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php
index 5fc5a27bc9..2fa045cc4f 100644
--- a/phpBB/includes/functions.php
+++ b/phpBB/includes/functions.php
@@ -917,7 +917,7 @@ function redirect($url)
$db->sql_close();
}
- if (strstr(urldecode($url), "\n") || strstr(urldecode($url), "\r"))
+ if (strstr(urldecode($url), "\n") || strstr(urldecode($url), "\r") || strstr(urldecode($url), ';url'))
{
message_die(GENERAL_ERROR, 'Tried to redirect to potentially insecure url.');
}
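Review bot: The added `strstr(urldecode($url), ';url')` test is case-sensitive and matches one exact spelling, so only the lowercase form is blocked and the same limitation is copied into both login.php hunks of this commit. At minimum use the case-insensitive form, `strstr(urldecode($url), "\n") || strstr(urldecode($url), "\r") || stristr(urldecode($url), ';url')`, and keep in mind that a single `urldecode()` pass only normalises one encoding layer. A denylist of dangerous substrings is hard to keep complete; restricting `$url` to a relative path on the board (no scheme, no leading `//`) would be the sturdier rule. `redirect()` continues outside the hunk.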
diff --git a/phpBB/includes/usercp_email.php b/phpBB/includes/usercp_email.php
index afe21ef59d..79001b54f3 100644
--- a/phpBB/includes/usercp_email.php
+++ b/phpBB/includes/usercp_email.php
@@ -52,84 +52,67 @@ $sql = "SELECT username, user_email, user_viewemail, user_lang
WHERE user_id = $user_id";
if ( $result = $db->sql_query($sql) )
{
- $row = $db->sql_fetchrow($result);
-
- $username = $row['username'];
- $user_email = $row['user_email'];
- $user_lang = $row['user_lang'];
-
- if ( $row['user_viewemail'] || $userdata['user_level'] == ADMIN )
+ if ( $row = $db->sql_fetchrow($result) )
{
- if ( time() - $userdata['user_emailtime'] < $board_config['flood_interval'] )
- {
- message_die(GENERAL_MESSAGE, $lang['Flood_email_limit']);
- }
- if ( isset($HTTP_POST_VARS['submit']) )
+ $username = $row['username'];
+ $user_email = $row['user_email'];
+ $user_lang = $row['user_lang'];
+
+ if ( $row['user_viewemail'] || $userdata['user_level'] == ADMIN )
{
- $error = FALSE;
-
- if ( !empty($HTTP_POST_VARS['subject']) )
- {
- $subject = trim(stripslashes($HTTP_POST_VARS['subject']));
- }
- else
+ if ( time() - $userdata['user_emailtime'] < $board_config['flood_interval'] )
{
- $error = TRUE;
- $error_msg = ( !empty($error_msg) ) ? $error_msg . '<br />' . $lang['Empty_subject_email'] : $lang['Empty_subject_email'];
+ message_die(GENERAL_MESSAGE, $lang['Flood_email_limit']);
}
-
- if ( !empty($HTTP_POST_VARS['message']) )
- {
- $message = trim(stripslashes($HTTP_POST_VARS['message']));
- }
- else
- {
- $error = TRUE;
- $error_msg = ( !empty($error_msg) ) ? $error_msg . '<br />' . $lang['Empty_message_email'] : $lang['Empty_message_email'];
- }
-
- if ( !$error )
+
+ if ( isset($HTTP_POST_VARS['submit']) )
{
- $sql = "UPDATE " . USERS_TABLE . "
- SET user_emailtime = " . time() . "
- WHERE user_id = " . $userdata['user_id'];
- if ( $result = $db->sql_query($sql) )
+ $error = FALSE;
+
+ if ( !empty($HTTP_POST_VARS['subject']) )
{
- include($phpbb_root_path . 'includes/emailer.'.$phpEx);
- $emailer = new emailer($board_config['smtp_delivery']);
-
- $emailer->from($userdata['user_email']);
- $emailer->replyto($userdata['user_email']);
-
- $email_headers = 'X-AntiAbuse: Board servername - ' . $server_name . "\n";
- $email_headers .= 'X-AntiAbuse: User_id - ' . $userdata['user_id'] . "\n";
- $email_headers .= 'X-AntiAbuse: Username - ' . $userdata['username'] . "\n";
- $email_headers .= 'X-AntiAbuse: User IP - ' . decode_ip($user_ip) . "\n";
-
- $emailer->use_template('profile_send_email', $user_lang);
- $emailer->email_address($user_email);
- $emailer->set_subject($subject);
- $emailer->extra_headers($email_headers);
-
- $emailer->assign_vars(array(
- 'SITENAME' => $board_config['sitename'],
- 'BOARD_EMAIL' => $board_config['board_email'],
- 'FROM_USERNAME' => $userdata['username'],
- 'TO_USERNAME' => $username,
- 'MESSAGE' => $message)
- );
- $emailer->send();
- $emailer->reset();
-
- if ( !empty($HTTP_POST_VARS['cc_email']) )
+ $subject = trim(stripslashes($HTTP_POST_VARS['subject']));
+ }
+ else
+ {
+ $error = TRUE;
+ $error_msg = ( !empty($error_msg) ) ? $error_msg . '<br />' . $lang['Empty_subject_email'] : $lang['Empty_subject_email'];
+ }
+
+ if ( !empty($HTTP_POST_VARS['message']) )
+ {
+ $message = trim(stripslashes($HTTP_POST_VARS['message']));
+ }
+ else
+ {
+ $error = TRUE;
+ $error_msg = ( !empty($error_msg) ) ? $error_msg . '<br />' . $lang['Empty_message_email'] : $lang['Empty_message_email'];
+ }
+
+ if ( !$error )
+ {
+ $sql = "UPDATE " . USERS_TABLE . "
+ SET user_emailtime = " . time() . "
+ WHERE user_id = " . $userdata['user_id'];
+ if ( $result = $db->sql_query($sql) )
{
+ include($phpbb_root_path . 'includes/emailer.'.$phpEx);
+ $emailer = new emailer($board_config['smtp_delivery']);
+
$emailer->from($userdata['user_email']);
$emailer->replyto($userdata['user_email']);
- $emailer->use_template('profile_send_email');
- $emailer->email_address($userdata['user_email']);
+
+ $email_headers = 'X-AntiAbuse: Board servername - ' . $server_name . "\n";
+ $email_headers .= 'X-AntiAbuse: User_id - ' . $userdata['user_id'] . "\n";
+ $email_headers .= 'X-AntiAbuse: Username - ' . $userdata['username'] . "\n";
+ $email_headers .= 'X-AntiAbuse: User IP - ' . decode_ip($user_ip) . "\n";
+
+ $emailer->use_template('profile_send_email', $user_lang);
+ $emailer->email_address($user_email);
$emailer->set_subject($subject);
-
+ $emailer->extra_headers($email_headers);
+
$emailer->assign_vars(array(
'SITENAME' => $board_config['sitename'],
'BOARD_EMAIL' => $board_config['board_email'],
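Review bot: `$error` is initialised (`$error = FALSE;`) only inside the `isset($HTTP_POST_VARS['submit'])` branch, yet the form-rendering code later in this file reads `if ( $error )` on every request, so a plain GET evaluates an undefined variable unless it is set somewhere before this hunk. Initialise it next to the `$username`/`$user_email` assignments, `$error = FALSE;` and `$error_msg = '';`, so the flag has one definition regardless of request method. The hunk is a re-indentation of the existing flow, so this predates the commit, but the commit touches every one of these lines. The enclosing `if ( $result = $db->sql_query($sql) )` block starts before this hunk.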
@@ -139,72 +122,95 @@ if ( $result = $db->sql_query($sql) )
);
$emailer->send();
$emailer->reset();
+
+ if ( !empty($HTTP_POST_VARS['cc_email']) )
+ {
+ $emailer->from($userdata['user_email']);
+ $emailer->replyto($userdata['user_email']);
+ $emailer->use_template('profile_send_email');
+ $emailer->email_address($userdata['user_email']);
+ $emailer->set_subject($subject);
+
+ $emailer->assign_vars(array(
+ 'SITENAME' => $board_config['sitename'],
+ 'BOARD_EMAIL' => $board_config['board_email'],
+ 'FROM_USERNAME' => $userdata['username'],
+ 'TO_USERNAME' => $username,
+ 'MESSAGE' => $message)
+ );
+ $emailer->send();
+ $emailer->reset();
+ }
+
+ $template->assign_vars(array(
+ 'META' => '<meta http-equiv="refresh" content="5;url=' . append_sid("index.$phpEx") . '">')
+ );
+
+ $message = $lang['Email_sent'] . '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . append_sid("index.$phpEx") . '">', '</a>');
+
+ message_die(GENERAL_MESSAGE, $message);
+ }
+ else
+ {
+ message_die(GENERAL_ERROR, 'Could not update last email time', '', __LINE__, __FILE__, $sql);
}
-
- $template->assign_vars(array(
- 'META' => '<meta http-equiv="refresh" content="5;url=' . append_sid("index.$phpEx") . '">')
- );
-
- $message = $lang['Email_sent'] . '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . append_sid("index.$phpEx") . '">', '</a>');
-
- message_die(GENERAL_MESSAGE, $message);
- }
- else
- {
- message_die(GENERAL_ERROR, 'Could not update last email time', '', __LINE__, __FILE__, $sql);
}
}
- }
-
- include($phpbb_root_path . 'includes/page_header.'.$phpEx);
-
- $template->set_filenames(array(
- 'body' => 'profile_send_email.tpl')
- );
- make_jumpbox('viewforum.'.$phpEx);
-
- if ( $error )
- {
+
+ include($phpbb_root_path . 'includes/page_header.'.$phpEx);
+
$template->set_filenames(array(
- 'reg_header' => 'error_body.tpl')
+ 'body' => 'profile_send_email.tpl')
);
+ make_jumpbox('viewforum.'.$phpEx);
+
+ if ( $error )
+ {
+ $template->set_filenames(array(
+ 'reg_header' => 'error_body.tpl')
+ );
+ $template->assign_vars(array(
+ 'ERROR_MESSAGE' => $error_msg)
+ );
+ $template->assign_var_from_handle('ERROR_BOX', 'reg_header');
+ }
+
$template->assign_vars(array(
- 'ERROR_MESSAGE' => $error_msg)
+ 'USERNAME' => $username,
+
+ 'S_HIDDEN_FIELDS' => '',
+ 'S_POST_ACTION' => append_sid("profile.$phpEx?mode=email&amp;" . POST_USERS_URL . "=$user_id"),
+
+ 'L_SEND_EMAIL_MSG' => $lang['Send_email_msg'],
+ 'L_RECIPIENT' => $lang['Recipient'],
+ 'L_SUBJECT' => $lang['Subject'],
+ 'L_MESSAGE_BODY' => $lang['Message_body'],
+ 'L_MESSAGE_BODY_DESC' => $lang['Email_message_desc'],
+ 'L_EMPTY_SUBJECT_EMAIL' => $lang['Empty_subject_email'],
+ 'L_EMPTY_MESSAGE_EMAIL' => $lang['Empty_message_email'],
+ 'L_OPTIONS' => $lang['Options'],
+ 'L_CC_EMAIL' => $lang['CC_email'],
+ 'L_SPELLCHECK' => $lang['Spellcheck'],
+ 'L_SEND_EMAIL' => $lang['Send_email'])
);
- $template->assign_var_from_handle('ERROR_BOX', 'reg_header');
+
+ $template->pparse('body');
+
+ include($phpbb_root_path . 'includes/page_tail.'.$phpEx);
+ }
+ else
+ {
+ message_die(GENERAL_MESSAGE, $lang['User_prevent_email']);
}
-
- $template->assign_vars(array(
- 'USERNAME' => $username,
-
- 'S_HIDDEN_FIELDS' => '',
- 'S_POST_ACTION' => append_sid("profile.$phpEx?mode=email&amp;" . POST_USERS_URL . "=$user_id"),
-
- 'L_SEND_EMAIL_MSG' => $lang['Send_email_msg'],
- 'L_RECIPIENT' => $lang['Recipient'],
- 'L_SUBJECT' => $lang['Subject'],
- 'L_MESSAGE_BODY' => $lang['Message_body'],
- 'L_MESSAGE_BODY_DESC' => $lang['Email_message_desc'],
- 'L_EMPTY_SUBJECT_EMAIL' => $lang['Empty_subject_email'],
- 'L_EMPTY_MESSAGE_EMAIL' => $lang['Empty_message_email'],
- 'L_OPTIONS' => $lang['Options'],
- 'L_CC_EMAIL' => $lang['CC_email'],
- 'L_SPELLCHECK' => $lang['Spellcheck'],
- 'L_SEND_EMAIL' => $lang['Send_email'])
- );
-
- $template->pparse('body');
-
- include($phpbb_root_path . 'includes/page_tail.'.$phpEx);
}
else
{
- message_die(GENERAL_MESSAGE, $lang['User_prevent_email']);
+ message_die(GENERAL_MESSAGE, $lang['User_not_exist']);
}
}
else
{
- message_die(GENERAL_MESSAGE, $lang['User_not_exist']);
+ message_die(GENERAL_ERROR, 'Could not select user data', '', __LINE__, __FILE__, $sql);
}
?> \ No newline at end of file
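Review bot: This form sends mail on behalf of the logged-in user but gets none of the session-id protection the same commit adds to usercp_register.php, posting.php and privmsg.php: `'S_HIDDEN_FIELDS' => ''` stays empty and the submit branch has no `$sid` check. For consistency, emit `'S_HIDDEN_FIELDS' => '<input type="hidden" name="sid" value="' . $userdata['session_id'] . '" />'` here and apply the same session-id comparison at the top of the submit branch, before the subject and message handling. Without it, a cross-site POST to profile.php?mode=email is accepted whenever the browser carries a valid session cookie.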
diff --git a/phpBB/includes/usercp_register.php b/phpBB/includes/usercp_register.php
index 05efe1ee21..1fd4f39cd0 100644
--- a/phpBB/includes/usercp_register.php
+++ b/phpBB/includes/usercp_register.php
@@ -144,6 +144,7 @@ if (
$notifyreply = ( isset($HTTP_POST_VARS['notifyreply']) ) ? ( ($HTTP_POST_VARS['notifyreply']) ? TRUE : 0 ) : 0;
$notifypm = ( isset($HTTP_POST_VARS['notifypm']) ) ? ( ($HTTP_POST_VARS['notifypm']) ? TRUE : 0 ) : TRUE;
$popup_pm = ( isset($HTTP_POST_VARS['popup_pm']) ) ? ( ($HTTP_POST_VARS['popup_pm']) ? TRUE : 0 ) : TRUE;
+ $sid = (isset($HTTP_POST_VARS['sid'])) ? $HTTP_POST_VARS['sid'] : 0;
if ( $mode == 'register' )
{
@@ -253,6 +254,13 @@ if ( isset($HTTP_POST_VARS['submit']) )
{
include($phpbb_root_path . 'includes/usercp_avatar.'.$phpEx);
+ // session id check
+ if ($sid == '' || $sid != $userdata['session_id'])
+ {
+ $error = true;
+ $error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $lang['Session_invalid'];
+ }
+
$passwd_sql = '';
if ( $mode == 'editprofile' )
{
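Review bot: The check `$sid == '' || $sid != $userdata['session_id']` uses loose comparison on a value taken straight from `$HTTP_POST_VARS`; with `==`/`!=` two numeric-looking strings are compared as numbers, so strings that are not byte-identical can still compare equal. Use strict comparison, `if ($sid === '' || $sid !== $userdata['session_id'])`, and default `$sid` to `''` rather than `0` in the earlier hunk so the empty test stays meaningful. The same pattern appears in the posting.php and privmsg.php hunks of this commit. Separately, `isset($error_msg)` on the following line differs from privmsg.php's `!empty($error_msg)`; if `$error_msg` is initialised to `''` earlier in the file, `isset` is always true and a leading `<br />` is emitted.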
@@ -893,6 +901,7 @@ else
}
$s_hidden_fields = '<input type="hidden" name="mode" value="' . $mode . '" /><input type="hidden" name="agreed" value="true" /><input type="hidden" name="coppa" value="' . $coppa . '" />';
+ $s_hidden_fields .= '<input type="hidden" name="sid" value="' . $userdata['session_id'] . '" />';
if( $mode == 'editprofile' )
{
$s_hidden_fields .= '<input type="hidden" name="user_id" value="' . $userdata['user_id'] . '" />';
diff --git a/phpBB/install/schemas/ms_access_primer.zip b/phpBB/install/schemas/ms_access_primer.zip
index 9e88c483b8..96b10efae9 100644
--- a/phpBB/install/schemas/ms_access_primer.zip
+++ b/phpBB/install/schemas/ms_access_primer.zip
Binary files differ
diff --git a/phpBB/install/schemas/mssql_basic.sql b/phpBB/install/schemas/mssql_basic.sql
index c4bc82a6e4..348ca0e230 100644
--- a/phpBB/install/schemas/mssql_basic.sql
+++ b/phpBB/install/schemas/mssql_basic.sql
@@ -75,7 +75,7 @@ INSERT INTO phpbb_config (config_name, config_value) VALUES ('record_online_date
INSERT INTO phpbb_config (config_name, config_value) VALUES ('server_name', 'www.yourdomain.tld');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('server_port', '80');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('script_path', '/phpBB2/');
-INSERT INTO phpbb_config (config_name, config_value) VALUES ('version', '.0.21');
+INSERT INTO phpbb_config (config_name, config_value) VALUES ('version', '.0.22');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('rand_seed', '0');
/*
diff --git a/phpBB/install/schemas/mysql_basic.sql b/phpBB/install/schemas/mysql_basic.sql
index 239fc5e5ce..d76ad992b6 100644
--- a/phpBB/install/schemas/mysql_basic.sql
+++ b/phpBB/install/schemas/mysql_basic.sql
@@ -68,7 +68,7 @@ INSERT INTO phpbb_config (config_name, config_value) VALUES ('record_online_date
INSERT INTO phpbb_config (config_name, config_value) VALUES ('server_name', 'www.myserver.tld');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('server_port', '80');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('script_path', '/phpBB2/');
-INSERT INTO phpbb_config (config_name, config_value) VALUES ('version', '.0.21');
+INSERT INTO phpbb_config (config_name, config_value) VALUES ('version', '.0.22');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('rand_seed', '0');
diff --git a/phpBB/install/schemas/postgres_basic.sql b/phpBB/install/schemas/postgres_basic.sql
index 2954bf8d22..3e33b7132e 100644
--- a/phpBB/install/schemas/postgres_basic.sql
+++ b/phpBB/install/schemas/postgres_basic.sql
@@ -69,7 +69,7 @@ INSERT INTO phpbb_config (config_name, config_value) VALUES ('record_online_date
INSERT INTO phpbb_config (config_name, config_value) VALUES ('server_name', 'www.yourdomain.tld');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('server_port', '80');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('script_path', '/phpBB2/');
-INSERT INTO phpbb_config (config_name, config_value) VALUES ('version', '.0.21');
+INSERT INTO phpbb_config (config_name, config_value) VALUES ('version', '.0.22');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('rand_seed', '0');
-- Categories
diff --git a/phpBB/install/update_to_latest.php b/phpBB/install/update_to_latest.php
index 4b91c9455b..237fd2045d 100644
--- a/phpBB/install/update_to_latest.php
+++ b/phpBB/install/update_to_latest.php
@@ -59,7 +59,7 @@ include($phpbb_root_path . 'includes/db.'.$phpEx);
//
//
//
-$updates_to_version = '.0.21';
+$updates_to_version = '.0.22';
//
//
//
@@ -1143,7 +1143,7 @@ switch (SQL_LAYER)
{
case 'mysql':
case 'mysql4':
- $sql = 'OPTIMIZE TABLE ' . $table_prefix . 'auth_access, ' . $table_prefix . 'banlist, ' . $table_prefix . 'categories, ' . $table_prefix . 'config, ' . $table_prefix . 'disallow, ' . $table_prefix . 'forum_prune, ' . $table_prefix . 'forums, ' . $table_prefix . 'groups, ' . $table_prefix . 'posts, ' . $table_prefix . 'posts_text, ' . $table_prefix . 'privmsgs, ' . $table_prefix . 'privmsgs_text, ' . $table_prefix . 'ranks, ' . $table_prefix . 'search_results, ' . $table_prefix . 'search_wordlist, ' . $table_prefix . 'search_wordmatch, ' . $table_prefix . 'sessions_keys' . $table_prefix . 'smilies, ' . $table_prefix . 'themes, ' . $table_prefix . 'themes_name, ' . $table_prefix . 'topics, ' . $table_prefix . 'topics_watch, ' . $table_prefix . 'user_group, ' . $table_prefix . 'users, ' . $table_prefix . 'vote_desc, ' . $table_prefix . 'vote_results, ' . $table_prefix . 'vote_voters, ' . $table_prefix . 'words';
+ $sql = 'OPTIMIZE TABLE ' . $table_prefix . 'auth_access, ' . $table_prefix . 'banlist, ' . $table_prefix . 'categories, ' . $table_prefix . 'config, ' . $table_prefix . 'disallow, ' . $table_prefix . 'forum_prune, ' . $table_prefix . 'forums, ' . $table_prefix . 'groups, ' . $table_prefix . 'posts, ' . $table_prefix . 'posts_text, ' . $table_prefix . 'privmsgs, ' . $table_prefix . 'privmsgs_text, ' . $table_prefix . 'ranks, ' . $table_prefix . 'search_results, ' . $table_prefix . 'search_wordlist, ' . $table_prefix . 'search_wordmatch, ' . $table_prefix . 'sessions_keys, ' . $table_prefix . 'smilies, ' . $table_prefix . 'themes, ' . $table_prefix . 'themes_name, ' . $table_prefix . 'topics, ' . $table_prefix . 'topics_watch, ' . $table_prefix . 'user_group, ' . $table_prefix . 'users, ' . $table_prefix . 'vote_desc, ' . $table_prefix . 'vote_results, ' . $table_prefix . 'vote_voters, ' . $table_prefix . 'words';
_sql($sql, $errored, $error_ary);
break;
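Review bot: The fix adds the comma that was missing after `sessions_keys`, but the defect could only arise because the table list is a single very long concatenation that nobody can check by eye. Building it from a list makes the separator impossible to drop: `$tables = array('auth_access', 'banlist', /* … remaining table names … */, 'words');` followed by `$sql = 'OPTIMIZE TABLE ' . $table_prefix . implode(', ' . $table_prefix, $tables);`. The `switch (SQL_LAYER)` enclosing this hunk starts before it.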
diff --git a/phpBB/language/lang_english/lang_main.php b/phpBB/language/lang_english/lang_main.php
index 330fada765..5c9b972f01 100644
--- a/phpBB/language/lang_english/lang_main.php
+++ b/phpBB/language/lang_english/lang_main.php
@@ -1018,6 +1018,8 @@ $lang['Admin_reauthenticate'] = 'To administer the board you must re-authenticat
$lang['Login_attempts_exceeded'] = 'The maximum number of %s login attempts has been exceeded. You are not allowed to login for the next %s minutes.';
$lang['Please_remove_install_contrib'] = 'Please ensure both the install/ and contrib/ directories are deleted';
+$lang['Session_invalid'] = 'Invalid Session. Please resubmit the form.';
+
//
// That's all, Folks!
// -------------------------------------------------
diff --git a/phpBB/login.php b/phpBB/login.php
index 15d0d449d2..2e90b244f9 100644
--- a/phpBB/login.php
+++ b/phpBB/login.php
@@ -123,7 +123,7 @@ if( isset($HTTP_POST_VARS['login']) || isset($HTTP_GET_VARS['login']) || isset($
$redirect = ( !empty($HTTP_POST_VARS['redirect']) ) ? str_replace('&amp;', '&', htmlspecialchars($HTTP_POST_VARS['redirect'])) : '';
$redirect = str_replace('?', '&', $redirect);
- if (strstr(urldecode($redirect), "\n") || strstr(urldecode($redirect), "\r"))
+ if (strstr(urldecode($redirect), "\n") || strstr(urldecode($redirect), "\r") || strstr(urldecode($redirect), ';url'))
{
message_die(GENERAL_ERROR, 'Tried to redirect to potentially insecure url.');
}
@@ -142,7 +142,7 @@ if( isset($HTTP_POST_VARS['login']) || isset($HTTP_GET_VARS['login']) || isset($
$redirect = ( !empty($HTTP_POST_VARS['redirect']) ) ? str_replace('&amp;', '&', htmlspecialchars($HTTP_POST_VARS['redirect'])) : "";
$redirect = str_replace("?", "&", $redirect);
- if (strstr(urldecode($redirect), "\n") || strstr(urldecode($redirect), "\r"))
+ if (strstr(urldecode($redirect), "\n") || strstr(urldecode($redirect), "\r") || strstr(urldecode($redirect), ';url'))
{
message_die(GENERAL_ERROR, 'Tried to redirect to potentially insecure url.');
}
diff --git a/phpBB/memberlist.php b/phpBB/memberlist.php
index ed1d61a8f6..b19c92bc00 100644
--- a/phpBB/memberlist.php
+++ b/phpBB/memberlist.php
@@ -34,6 +34,7 @@ init_userprefs($userdata);
//
$start = ( isset($HTTP_GET_VARS['start']) ) ? intval($HTTP_GET_VARS['start']) : 0;
+$start = ($start < 0) ? 0 : $start;
if ( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) )
{
diff --git a/phpBB/modcp.php b/phpBB/modcp.php
index 895d2de68d..699a636f32 100644
--- a/phpBB/modcp.php
+++ b/phpBB/modcp.php
@@ -71,6 +71,7 @@ $confirm = ( $HTTP_POST_VARS['confirm'] ) ? TRUE : 0;
// Continue var definitions
//
$start = ( isset($HTTP_GET_VARS['start']) ) ? intval($HTTP_GET_VARS['start']) : 0;
+$start = ($start < 0) ? 0 : $start;
$delete = ( isset($HTTP_POST_VARS['delete']) ) ? TRUE : FALSE;
$move = ( isset($HTTP_POST_VARS['move']) ) ? TRUE : FALSE;
diff --git a/phpBB/posting.php b/phpBB/posting.php
index 332180000d..22b93a3fdc 100644
--- a/phpBB/posting.php
+++ b/phpBB/posting.php
@@ -44,6 +44,7 @@ while( list($var, $param) = @each($params) )
}
$confirm = isset($HTTP_POST_VARS['confirm']) ? true : false;
+$sid = (isset($HTTP_POST_VARS['sid'])) ? $HTTP_POST_VARS['sid'] : 0;
$params = array('forum_id' => POST_FORUM_URL, 'topic_id' => POST_TOPIC_URL, 'post_id' => POST_POST_URL);
while( list($var, $param) = @each($params) )
@@ -430,6 +431,7 @@ if ( ( $delete || $poll_delete || $mode == 'delete' ) && !$confirm )
//
$s_hidden_fields = '<input type="hidden" name="' . POST_POST_URL . '" value="' . $post_id . '" />';
$s_hidden_fields .= ( $delete || $mode == "delete" ) ? '<input type="hidden" name="mode" value="delete" />' : '<input type="hidden" name="mode" value="poll_delete" />';
+ $s_hidden_fields .= '<input type="hidden" name="sid" value="' . $userdata['session_id'] . '" />';
$l_confirm = ( $delete || $mode == 'delete' ) ? $lang['Confirm_delete'] : $lang['Confirm_delete_poll'];
@@ -541,6 +543,12 @@ else if ( $submit || $confirm )
$return_message = '';
$return_meta = '';
+ // session id check
+ if ($sid == '' || $sid != $userdata['session_id'])
+ {
+ $error_msg .= (!empty($error_msg)) ? '<br />' . $lang['Session_invalid'] : $lang['Session_invalid'];
+ }
+
switch ( $mode )
{
case 'editpost':
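Review bot: The session check here only appends to `$error_msg` and sets no flag, so whether an invalid sid actually blocks `newtopic`/`reply`/`editpost` depends on the post-submission code after the `switch`, which is outside this hunk; only the `delete`/`poll_delete` case in the next hunk explicitly dies on `$error_msg != ''`. If that later path does not gate on `$error_msg == ''`, the message is displayed but the post still goes through. Please confirm the gate exists and record the dependency above the check, e.g. `// session id check - relies on the submit path below refusing to post while $error_msg is non-empty`. The enclosing `else if ( $submit || $confirm )` block starts before this hunk.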
@@ -566,6 +574,11 @@ else if ( $submit || $confirm )
case 'delete':
case 'poll_delete':
+ if ($error_msg != '')
+ {
+ message_die(GENERAL_MESSAGE, $error_msg);
+ }
+
delete_post($mode, $post_data, $return_message, $return_meta, $forum_id, $topic_id, $post_id, $poll_id);
break;
}
@@ -928,6 +941,7 @@ if ( $mode == 'newtopic' || ( $mode == 'editpost' && $post_data['first_post'] )
}
$hidden_form_fields = '<input type="hidden" name="mode" value="' . $mode . '" />';
+$hidden_form_fields .= '<input type="hidden" name="sid" value="' . $userdata['session_id'] . '" />';
switch( $mode )
{
diff --git a/phpBB/privmsg.php b/phpBB/privmsg.php
index b77cca6a4c..d6688e3a53 100644
--- a/phpBB/privmsg.php
+++ b/phpBB/privmsg.php
@@ -50,6 +50,7 @@ $confirm = ( isset($HTTP_POST_VARS['confirm']) ) ? TRUE : 0;
$delete = ( isset($HTTP_POST_VARS['delete']) ) ? TRUE : 0;
$delete_all = ( isset($HTTP_POST_VARS['deleteall']) ) ? TRUE : 0;
$save = ( isset($HTTP_POST_VARS['save']) ) ? TRUE : 0;
+$sid = (isset($HTTP_POST_VARS['sid'])) ? $HTTP_POST_VARS['sid'] : 0;
$refresh = $preview || $submit_search;
@@ -101,6 +102,7 @@ else
}
$start = ( !empty($HTTP_GET_VARS['start']) ) ? intval($HTTP_GET_VARS['start']) : 0;
+$start = ($start < 0) ? 0 : $start;
if ( isset($HTTP_POST_VARS[POST_POST_URL]) || isset($HTTP_GET_VARS[POST_POST_URL]) )
{
@@ -1161,6 +1163,13 @@ else if ( $submit || $refresh || $mode != '' )
if ( $submit )
{
+ // session id check
+ if ($sid == '' || $sid != $userdata['session_id'])
+ {
+ $error = true;
+ $error_msg .= ( ( !empty($error_msg) ) ? '<br />' : '' ) . $lang['Session_invalid'];
+ }
+
if ( !empty($HTTP_POST_VARS['username']) )
{
$to_username = phpbb_clean_username($HTTP_POST_VARS['username']);
@@ -1376,7 +1385,7 @@ else if ( $submit || $refresh || $mode != '' )
$privmsg_subject = ( isset($HTTP_POST_VARS['subject']) ) ? trim(htmlspecialchars(stripslashes($HTTP_POST_VARS['subject']))) : '';
$privmsg_message = ( isset($HTTP_POST_VARS['message']) ) ? trim($HTTP_POST_VARS['message']) : '';
- $privmsg_message = preg_replace('#<textarea>#si', '&lt;textarea&gt;', $privmsg_message);
+ // $privmsg_message = preg_replace('#<textarea>#si', '&lt;textarea&gt;', $privmsg_message);
if ( !$preview )
{
$privmsg_message = stripslashes($privmsg_message);
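Review bot: Commenting out the `<textarea>`/`</textarea>` escaping (here and in the two later hunks at the `str_replace('<br />', "\n", ...)` sites) removes the guard that kept a message body from closing the compose form's textarea, and the only visible replacement is the `htmlspecialchars($privmsg_message)` added on the error path further down. If the preview, edit and quote redisplay paths are not escaped elsewhere, a stored message containing `</textarea>` can break out of the textarea into the page. Either restore an escape on those paths or document where it now happens, and in any case delete the dead lines rather than leaving `// $privmsg_message = preg_replace(...)` in place indefinitely. The enclosing `else if ( $submit || $refresh || $mode != '' )` block starts before this hunk.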
@@ -1480,7 +1489,7 @@ else if ( $submit || $refresh || $mode != '' )
}
$privmsg_message = str_replace('<br />', "\n", $privmsg_message);
- $privmsg_message = preg_replace('#</textarea>#si', '&lt;/textarea&gt;', $privmsg_message);
+ // $privmsg_message = preg_replace('#</textarea>#si', '&lt;/textarea&gt;', $privmsg_message);
$user_sig = ( $board_config['allow_sig'] ) ? (($privmsg['privmsgs_type'] == PRIVMSGS_NEW_MAIL) ? $user_sig : $privmsg['user_sig']) : '';
@@ -1523,7 +1532,7 @@ else if ( $submit || $refresh || $mode != '' )
$privmsg_message = preg_replace("/\:(([a-z0-9]:)?)$privmsg_bbcode_uid/si", '', $privmsg_message);
$privmsg_message = str_replace('<br />', "\n", $privmsg_message);
- $privmsg_message = preg_replace('#</textarea>#si', '&lt;/textarea&gt;', $privmsg_message);
+ // $privmsg_message = preg_replace('#</textarea>#si', '&lt;/textarea&gt;', $privmsg_message);
$privmsg_message = preg_replace($orig_word, $replacement_word, $privmsg_message);
$msg_date = create_date($board_config['default_dateformat'], $privmsg['privmsgs_date'], $board_config['board_timezone']);
@@ -1650,6 +1659,7 @@ else if ( $submit || $refresh || $mode != '' )
//
if ($error)
{
+ $privmsg_message = htmlspecialchars($privmsg_message);
$template->set_filenames(array(
'reg_header' => 'error_body.tpl')
);
@@ -1736,6 +1746,7 @@ else if ( $submit || $refresh || $mode != '' )
$s_hidden_fields = '<input type="hidden" name="folder" value="' . $folder . '" />';
$s_hidden_fields .= '<input type="hidden" name="mode" value="' . $mode . '" />';
+ $s_hidden_fields .= '<input type="hidden" name="sid" value="' . $userdata['session_id'] . '" />';
if ( $mode == 'edit' )
{
$s_hidden_fields .= '<input type="hidden" name="' . POST_POST_URL . '" value="' . $privmsg_id . '" />';
diff --git a/phpBB/search.php b/phpBB/search.php
index 7a14f1028e..306f195979 100644
--- a/phpBB/search.php
+++ b/phpBB/search.php
@@ -118,6 +118,7 @@ else
}
$start = ( isset($HTTP_GET_VARS['start']) ) ? intval($HTTP_GET_VARS['start']) : 0;
+$start = ($start < 0) ? 0 : $start;
$sort_by_types = array($lang['Sort_Time'], $lang['Sort_Post_Subject'], $lang['Sort_Topic_Title'], $lang['Sort_Author'], $lang['Sort_Forum']);
diff --git a/phpBB/viewforum.php b/phpBB/viewforum.php
index 2584794947..92d4f7f545 100644
--- a/phpBB/viewforum.php
+++ b/phpBB/viewforum.php
@@ -42,6 +42,7 @@ else
}
$start = ( isset($HTTP_GET_VARS['start']) ) ? intval($HTTP_GET_VARS['start']) : 0;
+$start = ($start < 0) ? 0 : $start;
if ( isset($HTTP_GET_VARS['mark']) || isset($HTTP_POST_VARS['mark']) )
{
diff --git a/phpBB/viewtopic.php b/phpBB/viewtopic.php
index ee564418ec..8a0c73521d 100644
--- a/phpBB/viewtopic.php
+++ b/phpBB/viewtopic.php
@@ -46,6 +46,7 @@ if ( isset($HTTP_GET_VARS[POST_POST_URL]))
$start = ( isset($HTTP_GET_VARS['start']) ) ? intval($HTTP_GET_VARS['start']) : 0;
+$start = ($start < 0) ? 0 : $start;
if (!$topic_id && !$post_id)
{