Zeile 205 | Zeile 205 |
---|
reset($pforumcache); reset($pforumcache[$fid]);
|
reset($pforumcache); reset($pforumcache[$fid]);
|
| $navigation = '';
|
foreach($pforumcache[$fid] as $key => $forum) { if($fid == $forum['fid']) {
|
foreach($pforumcache[$fid] as $key => $forum) { if($fid == $forum['fid']) {
|
if($pforumcache[$forum['pid']])
| if(!empty($pforumcache[$forum['pid']]))
|
{ $navigation = make_parent_list($forum['pid'], $navsep).$navigation; }
if($navigation)
|
{ $navigation = make_parent_list($forum['pid'], $navsep).$navigation; }
if($navigation)
|
{
| {
|
$navigation .= $navsep; } $navigation .= $forum['fid'];
| $navigation .= $navsep; } $navigation .= $forum['fid'];
|
Zeile 255 | Zeile 257 |
---|
$existing_permissions = $db->fetch_array($query2);
if(!$existing_permissions)
|
$existing_permissions = $db->fetch_array($query2);
if(!$existing_permissions)
|
{
| {
|
$query2 = $db->simple_select("usergroups", $db->escape_string(implode(',', array_keys($usergroup_permission_fields))), "gid='{$usergroup['gid']}'", array('limit' => 1)); $existing_permissions = $db->fetch_array($query2); }
| $query2 = $db->simple_select("usergroups", $db->escape_string(implode(',', array_keys($usergroup_permission_fields))), "gid='{$usergroup['gid']}'", array('limit' => 1)); $existing_permissions = $db->fetch_array($query2); }
|
Zeile 264 | Zeile 266 |
---|
$db->delete_query("forumpermissions", "fid='{$fid}' AND gid='{$usergroup['gid']}'");
// Only insert the new ones if we're using custom permissions
|
$db->delete_query("forumpermissions", "fid='{$fid}' AND gid='{$usergroup['gid']}'");
// Only insert the new ones if we're using custom permissions
|
if($inherit[$usergroup['gid']] != 1)
| if(empty($inherit[$usergroup['gid']]))
|
{
|
{
|
if($canview[$usergroup['gid']] == 1)
| if(!empty($canview[$usergroup['gid']]))
|
{ $pview = 1; }
| { $pview = 1; }
|
Zeile 275 | Zeile 277 |
---|
$pview = 0; }
|
$pview = 0; }
|
if($canpostthreads[$usergroup['gid']] == 1)
| if(!empty($canpostthreads[$usergroup['gid']]))
|
{ $pthreads = 1; }
| { $pthreads = 1; }
|
Zeile 284 | Zeile 286 |
---|
$pthreads = 0; }
|
$pthreads = 0; }
|
if($canpostreplies[$usergroup['gid']] == 1)
| if(!empty($canpostreplies[$usergroup['gid']]))
|
{ $preplies = 1;
|
{ $preplies = 1;
|
} else {
| } else {
|
$preplies = 0;
|
$preplies = 0;
|
}
if($canpostpolls[$usergroup['gid']] == 1)
| }
if(!empty($canpostpolls[$usergroup['gid']]))
|
{ $ppolls = 1; }
|
{ $ppolls = 1; }
|
else { $ppolls = 0; }
| else { $ppolls = 0; }
|
if(!$preplies && !$pthreads) { $ppost = 0; } else
|
if(!$preplies && !$pthreads) { $ppost = 0; } else
|
{
| {
|
$ppost = 1; }
| $ppost = 1; }
|
Zeile 326 | Zeile 328 |
---|
{ continue; }
|
{ continue; }
|
$insertquery[$db->escape_string($field)] = (int)$existing_permissions[$field];
| $insertquery[$db->escape_string($field)] = isset($existing_permissions[$field]) ? (int)$existing_permissions[$field] : 0;
|
}
$db->insert_query("forumpermissions", $insertquery);
| }
$db->insert_query("forumpermissions", $insertquery);
|
Zeile 346 | Zeile 348 |
---|
function check_admin_permissions($action, $error = true) { global $mybb, $page, $lang, $modules_dir;
|
function check_admin_permissions($action, $error = true) { global $mybb, $page, $lang, $modules_dir;
|
|
|
if(is_super_admin($mybb->user['uid'])) { return true;
| if(is_super_admin($mybb->user['uid'])) { return true;
|
Zeile 357 | Zeile 359 |
---|
{ $func = $action['module']."_admin_permissions"; $permissions = $func();
|
{ $func = $action['module']."_admin_permissions"; $permissions = $func();
|
if($permissions['permissions'][$action['action']] && $mybb->admin['permissions'][$action['module']][$action['action']] != 1)
| if( !empty($permissions['permissions'][$action['action']]) && empty($mybb->admin['permissions'][$action['module']][$action['action']]) )
|
{ if($error) {
| { if($error) {
|
Zeile 366 | Zeile 371 |
---|
$page->output_error("<b>{$lang->access_denied}</b><ul><li style=\"list-style-type: none;\">{$lang->access_denied_desc}</li></ul>"); $page->output_footer(); exit;
|
$page->output_error("<b>{$lang->access_denied}</b><ul><li style=\"list-style-type: none;\">{$lang->access_denied_desc}</li></ul>"); $page->output_footer(); exit;
|
}
| }
|
else { return false;
| else { return false;
|
Zeile 502 | Zeile 507 |
---|
{ return $final_group_perms; }
|
{ return $final_group_perms; }
|
else
| elseif(isset($perms_def))
|
{ return $perms_def; }
|
{ return $perms_def; }
|
| return array();
|
} }
| } }
|
Zeile 594 | Zeile 601 |
---|
* @param integer $uid The uid of the admin to check * @param boolean $return_num Return an array of the number of attempts and expiry time? (default false) * @return mixed Return an array if the second parameter is true, boolean otherwise.
|
* @param integer $uid The uid of the admin to check * @param boolean $return_num Return an array of the number of attempts and expiry time? (default false) * @return mixed Return an array if the second parameter is true, boolean otherwise.
|
*/
| */
|
function login_attempt_check_acp($uid=0, $return_num=false) { global $db, $mybb;
|
function login_attempt_check_acp($uid=0, $return_num=false) { global $db, $mybb;
|
|
|
$attempts['loginattempts'] = 0;
if($uid > 0) { $query = $db->simple_select("adminoptions", "loginattempts, loginlockoutexpiry", "uid='".(int)$uid."'", 1); $attempts = $db->fetch_array($query);
|
$attempts['loginattempts'] = 0;
if($uid > 0) { $query = $db->simple_select("adminoptions", "loginattempts, loginlockoutexpiry", "uid='".(int)$uid."'", 1); $attempts = $db->fetch_array($query);
|
| if(!$attempts) { return false; }
|
}
if($attempts['loginattempts'] <= 0)
| }
if($attempts['loginattempts'] <= 0)
|
Zeile 655 | Zeile 667 |
---|
function check_template($template) { // Check to see if our database password is in the template
|
function check_template($template) { // Check to see if our database password is in the template
|
if(preg_match('#\$config\[(([\'|"]database[\'|"])|([^\'"].*?))\]\[(([\'|"](database|hostname|password|table_prefix|username)[\'|"])|([^\'"].*?))\]#i', $template))
| if(preg_match('#\$config\[(([\'|"]database[\'|"])|([^\'"].*?))\]\[(([\'|"](database|hostname|password|table_prefix|username)[\'|"])|([^\'"].*?))\]#i', $template) !== 0)
|
{ return true; }
// System calls via backtick
|
{ return true; }
// System calls via backtick
|
if(preg_match('#\$\s*\{#', $template))
| if(preg_match('#\$\s*\{#', $template) !== 0)
|
{ return true; }
// Any other malicious acts? // Courtesy of ZiNgA BuRgA
|
{ return true; }
// Any other malicious acts? // Courtesy of ZiNgA BuRgA
|
if(preg_match("~\\{\\$.+?\\}~s", preg_replace('~\\{\\$+[a-zA-Z_][a-zA-Z_0-9]*((?:-\\>|\\:\\:)\\$*[a-zA-Z_][a-zA-Z_0-9]*|\\[\s*\\$*([\'"]?)[a-zA-Z_ 0-9 ]+\\2\\]\s*)*\\}~', '', $template)))
| $allowed = preg_replace('~\\{\\$+[a-zA-Z_][a-zA-Z_0-9]*((?:-\\>|\\:\\:)\\$*[a-zA-Z_][a-zA-Z_0-9]*|\\[\s*\\$*([\'"]?)[a-zA-Z_ 0-9 ]+\\2\\]\s*)*\\}~', '', $template); if($allowed === null || preg_match("~\\{\\$.+?\\}~s", $allowed) !== 0)
|
{ return true; }
| { return true; }
|
Zeile 724 | Zeile 737 |
---|
{ while($post = $db->fetch_array($query)) {
|
{ while($post = $db->fetch_array($query)) {
|
if($post['usepostcounts'] != 0 && $post['visible'] != 0)
| if($post['usepostcounts'] != 0 && $post['visible'] == 1)
|
{ ++$post_count; }
| { ++$post_count; }
|
Zeile 750 | Zeile 763 |
---|
}
$db->update_query("users", array("postnum" => "postnum-".$post_count.""), "uid='".$uid."'", 1, true);
|
}
$db->update_query("users", array("postnum" => "postnum-".$post_count.""), "uid='".$uid."'", 1, true);
|
|
|
$to_return = array( 'to_delete' => $delete_thread_list, 'thread_update' => $thread_list,
| $to_return = array( 'to_delete' => $delete_thread_list, 'thread_update' => $thread_list,
|
Zeile 758 | Zeile 771 |
---|
);
return $to_return;
|
);
return $to_return;
|
} } }
| } } }
|
/** * Prints a selection JavaScript code for selectable groups/forums fields.
| /** * Prints a selection JavaScript code for selectable groups/forums fields.
|
Zeile 786 | Zeile 799 |
---|
if($(this).prop('checked') == true) { checked = $(this).val();
|
if($(this).prop('checked') == true) { checked = $(this).val();
|
} });
| } });
|
$('.'+id+'_forums_groups').each(function(e)
|
$('.'+id+'_forums_groups').each(function(e)
|
{
| {
|
$(this).hide(); });
if($('#'+id+'_forums_groups_'+checked)) { $('#'+id+'_forums_groups_'+checked).show();
|
$(this).hide(); });
if($('#'+id+'_forums_groups_'+checked)) { $('#'+id+'_forums_groups_'+checked).show();
|
} }
| } }
|
</script>"; }
| </script>"; }
|
Zeile 807 | Zeile 820 |
---|
function array_column($input, $column_key) { $values = array();
|
function array_column($input, $column_key) { $values = array();
|
|
|
if(!is_array($input)) { $input = array($input);
| if(!is_array($input)) { $input = array($input);
|
Zeile 827 | Zeile 840 |
---|
return $values; }
|
return $values; }
|
| }
/** * Output the auto redirect block. * * @param \Form $form An existing form instance to wrap the redirect within. * @param string $prompt The prompt to show. */ function output_auto_redirect($form, $prompt) { global $lang;
echo <<<HTML <div class="confirm_action"> <p>{$prompt}</p> <br /> <script type="text/javascript"> $(function() { var button = $("#proceed_button"); if (button.length > 0) { // create a temporary div element to render the text within, un-escaping HTML entities var textElement = $('<div/>').html('{$lang->automatically_redirecting}'); button.val(textElement.text()); button.attr("disabled", true); button.css("color", "#aaa"); button.css("borderColor", "#aaa"); var parent_form = button.closest('form');
if (parent_form.length > 0) { parent_form.submit(); } } }); </script> <p class="buttons"> {$form->generate_submit_button($lang->proceed, array('class' => 'button_yes', 'id' => 'proceed_button'))} </p> </div> HTML;
|
}
| }
|