Vergleich admin/inc/functions.php - 1.8.25 - 1.8.36

  Keine Änderungen   Hinzugefügt   Modifiziert   Entfernt
Zeile 212Zeile 212
	{
if($fid == $forum['fid'])
{

	{
if($fid == $forum['fid'])
{

			if($pforumcache[$forum['pid']])

			if(!empty($pforumcache[$forum['pid']]))

			{
$navigation = make_parent_list($forum['pid'], $navsep).$navigation;
}

			{
$navigation = make_parent_list($forum['pid'], $navsep).$navigation;
}

Zeile 266Zeile 266
		$db->delete_query("forumpermissions", "fid='{$fid}' AND gid='{$usergroup['gid']}'");

// Only insert the new ones if we're using custom permissions

		$db->delete_query("forumpermissions", "fid='{$fid}' AND gid='{$usergroup['gid']}'");

// Only insert the new ones if we're using custom permissions

		if($inherit[$usergroup['gid']] != 1)

		if(empty($inherit[$usergroup['gid']]))

		{

		{

			if($canview[$usergroup['gid']] == 1)

			if(!empty($canview[$usergroup['gid']]))

			{
$pview = 1;
}

			{
$pview = 1;
}

Zeile 277Zeile 277
				$pview = 0;
}


				$pview = 0;
}


			if($canpostthreads[$usergroup['gid']] == 1)

			if(!empty($canpostthreads[$usergroup['gid']]))

			{
$pthreads = 1;
}

			{
$pthreads = 1;
}

Zeile 286Zeile 286
				$pthreads = 0;
}


				$pthreads = 0;
}


			if($canpostreplies[$usergroup['gid']] == 1)

			if(!empty($canpostreplies[$usergroup['gid']]))

			{
$preplies = 1;
}

			{
$preplies = 1;
}

Zeile 295Zeile 295
				$preplies = 0;
}


				$preplies = 0;
}


			if($canpostpolls[$usergroup['gid']] == 1)

			if(!empty($canpostpolls[$usergroup['gid']]))

			{
$ppolls = 1;
}

			{
$ppolls = 1;
}

Zeile 329Zeile 329
					continue;
}


					continue;
}


				$insertquery[$db->escape_string($field)] = (int)$existing_permissions[$field];

				$insertquery[$db->escape_string($field)] = isset($existing_permissions[$field]) ? (int)$existing_permissions[$field] : 0;

			}

$db->insert_query("forumpermissions", $insertquery);

			}

$db->insert_query("forumpermissions", $insertquery);

Zeile 359Zeile 359
	{
$func = $action['module']."_admin_permissions";
$permissions = $func();

	{
$func = $action['module']."_admin_permissions";
$permissions = $func();

		if($permissions['permissions'][$action['action']] && $mybb->admin['permissions'][$action['module']][$action['action']] != 1)




		if(
!empty($permissions['permissions'][$action['action']]) &&
empty($mybb->admin['permissions'][$action['module']][$action['action']])
)

		{
if($error)
{

		{
if($error)
{

Zeile 504Zeile 507
		{
return $final_group_perms;
}

		{
return $final_group_perms;
}

		else

		elseif(isset($perms_def))

		{
return $perms_def;
}

		{
return $perms_def;
}

 

return array();

	}
}


	}
}


Zeile 516Zeile 521
 *
* @param string $mysql_encoding The MySQL encoding
* @return string The iconv/mb encoding

 *
* @param string $mysql_encoding The MySQL encoding
* @return string The iconv/mb encoding

 */

 */

function fetch_iconv_encoding($mysql_encoding)
{
$mysql_encoding = explode("_", $mysql_encoding);

function fetch_iconv_encoding($mysql_encoding)
{
$mysql_encoding = explode("_", $mysql_encoding);

Zeile 554Zeile 559
			if(!empty($page))
{
unset($adminoption['permissions'][$tab][$page]);

			if(!empty($page))
{
unset($adminoption['permissions'][$tab][$page]);

			}
else

			}
else

			{
unset($adminoption['permissions'][$tab]);
}

			{
unset($adminoption['permissions'][$tab]);
}

Zeile 567Zeile 572
				if($adminoption['uid'] == 0)
{
$adminoption['permissions'][$tab][$page] = 0;

				if($adminoption['uid'] == 0)
{
$adminoption['permissions'][$tab][$page] = 0;

				}
else

				}
else

				{
$adminoption['permissions'][$tab][$page] = $default;
}

				{
$adminoption['permissions'][$tab][$page] = $default;
}

Zeile 607Zeile 612
	{
$query = $db->simple_select("adminoptions", "loginattempts, loginlockoutexpiry", "uid='".(int)$uid."'", 1);
$attempts = $db->fetch_array($query);

	{
$query = $db->simple_select("adminoptions", "loginattempts, loginlockoutexpiry", "uid='".(int)$uid."'", 1);
$attempts = $db->fetch_array($query);

 

if(!$attempts)
{
return false;
}

	}

if($attempts['loginattempts'] <= 0)

	}

if($attempts['loginattempts'] <= 0)

Zeile 657Zeile 667
function check_template($template)
{
// Check to see if our database password is in the template

function check_template($template)
{
// Check to see if our database password is in the template

	if(preg_match('#\$config\[(([\'|"]database[\'|"])|([^\'"].*?))\]\[(([\'|"](database|hostname|password|table_prefix|username)[\'|"])|([^\'"].*?))\]#i', $template)) 

	if(preg_match('#\$config\[(([\'|"]database[\'|"])|([^\'"].*?))\]\[(([\'|"](database|hostname|password|table_prefix|username)[\'|"])|([^\'"].*?))\]#i', $template) !== 0)

	{
return true;
}

// System calls via backtick

	{
return true;
}

// System calls via backtick

	if(preg_match('#\$\s*\{#', $template))

	if(preg_match('#\$\s*\{#', $template) !== 0)

	{
return true;
}

// Any other malicious acts?
// Courtesy of ZiNgA BuRgA

	{
return true;
}

// Any other malicious acts?
// Courtesy of ZiNgA BuRgA

	if(preg_match("~\\{\\$.+?\\}~s", preg_replace('~\\{\\$+[a-zA-Z_][a-zA-Z_0-9]*((?:-\\>|\\:\\:)\\$*[a-zA-Z_][a-zA-Z_0-9]*|\\[\s*\\$*([\'"]?)[a-zA-Z_ 0-9 ]+\\2\\]\s*)*\\}~', '', $template)))


	$allowed = preg_replace('~\\{\\$+[a-zA-Z_][a-zA-Z_0-9]*((?:-\\>|\\:\\:)\\$*[a-zA-Z_][a-zA-Z_0-9]*|\\[\s*\\$*([\'"]?)[a-zA-Z_ 0-9 ]+\\2\\]\s*)*\\}~', '', $template);
if($allowed === null || preg_match("~\\{\\$.+?\\}~s", $allowed) !== 0)

	{
return true;
}

	{
return true;
}