Changeset 20
- Timestamp:
- 2007-11-23 14:40:11 (4 years ago)
- Files:
-
- trunk/admin/classes/pages/Deletecategory.php (modified) (2 diffs)
- trunk/admin/classes/pages/Deleteforum.php (modified) (1 diff)
- trunk/admin/classes/pages/Editmember.php (modified) (5 diffs)
- trunk/admin/classes/pages/Groups.php (modified) (1 diff)
- trunk/admin/classes/pages/Moderators.php (modified) (3 diffs)
- trunk/admin/classes/pages/Modifycategory.php (modified) (1 diff)
- trunk/admin/classes/pages/Modifyforum.php (modified) (2 diffs)
- trunk/admin/classes/pages/Permissions.php (modified) (1 diff)
- trunk/admin/classes/pages/Settings.php (modified) (1 diff)
- trunk/classes/misc/Post.php (modified) (1 diff)
- trunk/classes/misc/Postform.php (modified) (1 diff)
- trunk/classes/pages/Lostpassword.php (modified) (1 diff)
- trunk/classes/pages/Messenger.php (modified) (2 diffs)
- trunk/classes/pages/Moderate.php (modified) (3 diffs)
- trunk/classes/pages/Page.php (modified) (3 diffs)
- trunk/classes/pages/Register.php (modified) (3 diffs)
- trunk/classes/pages/Search.php (modified) (1 diff)
- trunk/classes/pages/Userpanel.php (modified) (3 diffs)
- trunk/includes/input.php (modified) (1 diff)
- trunk/includes/js/js.js (modified) (1 diff)
- trunk/includes/lang/en.php (modified) (1 diff)
- trunk/includes/session.php (modified) (1 diff)
- trunk/includes/styles/default.css (modified) (1 diff)
- trunk/redirectors/preview.php (modified) (1 diff)
trunk/admin/classes/pages/Deletecategory.php
r19 r20 46 46 $q->bindParam(':id', $id, PDO::PARAM_INT, 12); 47 47 $q->execute(); 48 $rows = $q->fetchAll() M48 $rows = $q->fetchAll(); 49 49 $q = NULL; 50 50 foreach ($rows as $row) { … … 55 55 $rows2 = $q2->fetchAll(); 56 56 $q2 = NULL; 57 for ach ($rows2 as $row2) {57 foreach ($rows2 as $row2) { 58 58 // delete posts in this forum 59 59 $q3 = $C->prepare('DELETE FROM ' . $SETTINGS['dbtableprefix'] . 'posts WHERE topic = :id'); trunk/admin/classes/pages/Deleteforum.php
r19 r20 97 97 $form->addInput('hidden', 'commit', 'y'); 98 98 $form->createTable('adminform'); 99 $_col2 = '<td><select >';99 $_col2 = '<td><select name="id">'; 100 100 foreach ($C->query('SELECT * FROM ' . $SETTINGS['dbtableprefix'] . 'forums ORDER BY forum_category ASC, forum_order ASC') as $row) { 101 101 $_col2 .= '<option value="' . $row['forumid'] . '">' . $row['forumtitle'] . '</option>'; trunk/admin/classes/pages/Editmember.php
r19 r20 61 61 $messagenotification_popup = 0; 62 62 } 63 // strip admin-specific directory prefix from avatar variable64 $avatar = substr($avatar, 3);65 63 // glue birthday parts together 66 64 $birthday = $birthday0 . '-' . $birthday1 . '-' . $birthday2; … … 74 72 // check if what has been submitted as avatar exists in the directory 75 73 $ok = 0; 76 // open avatar directory 77 if ($handle = @opendir('../images/avatars')) { 78 while (FALSE !== ($file = @readdir($handle))) { 79 // use only actual files 80 if ($file != '.' && $file != '..' && 81 $file != 'index.htm') { 82 if ('images/avatars/' . $file == $avatar) { 83 // found 84 $ok = 1; 74 if ($avatar != 'images/spacer.gif') { 75 // strip admin-specific directory prefix from avatar variable 76 $avatar = substr($avatar, 3); 77 // open avatar directory 78 if ($handle = @opendir('../images/avatars')) { 79 while (FALSE !== ($file = @readdir($handle))) { 80 // use only actual files 81 if ($file != '.' && $file != '..' && 82 $file != 'index.htm') { 83 if ('images/avatars/' . $file == $avatar) { 84 // found 85 $ok = 1; 86 } 85 87 } 86 88 } 87 } 88 // close directory 89 @closedir($handle); 89 // close directory 90 @closedir($handle); 91 } 92 } else { 93 $ok = 1; 90 94 } 91 95 // check if mandatory fields (username, password and e-mail) are set … … 202 206 // update groups of this member 203 207 // go through all existing groups 204 foreach ($C->query('SELECT id, name FROM ' . $SETTINGS['dbtableprefix'] . 'usergroups') as $row) { 208 $q = $C->prepare('SELECT id, name FROM ' . $SETTINGS['dbtableprefix'] . 
'usergroups'); 209 $q->execute(); 210 $rows = $q->fetchAll(); 211 $q = NULL; 212 foreach ($rows as $row) { 205 213 // don't touch if it's one of the 'status' groups 206 214 if (!in_array($row['name'], $_def_groups)) { … … 397 405 @closedir($handle); 398 406 } 399 $_col1 .= '</select><br /><a href="javascript:void();" onclick="window.open(\'../redirectors/uploadavatar.php \', \'uploadwindow\', \'width=350, height=200\');">' . $LANG['Upload_Avatar'] . '</a></td>';407 $_col1 .= '</select><br /><a href="javascript:void();" onclick="window.open(\'../redirectors/uploadavatar.php?s=' . session_id() . '\', \'uploadwindow\', \'width=350, height=200\');">' . $LANG['Upload_Avatar'] . '</a></td>'; 400 408 $_col2 = '<td>'; 401 409 /* it shouldn't really occur that the avatar is an empty string, … … 428 436 $form->addRawTableRow(Array('<th>' . $LANG['Group'] . '</th>', '<th>' . $LANG['Member'] . '</th>')); 429 437 // get all groups 430 foreach ($C->query('SELECT * FROM ' . $SETTINGS['dbtableprefix'] . 'usergroups ORDER BY id ASC') as $row2) { 438 $q2 = $C->prepare('SELECT * FROM ' . $SETTINGS['dbtableprefix'] . 'usergroups ORDER BY id ASC'); 439 $q2->execute(); 440 $rows2 = $q2->fetchAll(); 441 $q2 = NULL; 442 foreach ($rows2 as $row2) { 431 443 $_col2 = '<td><input type="checkbox" name="newgroupmemberships[' . $row2['id'] . ']"'; 432 444 if (in_array($row2['name'], $_def_groups)) { trunk/admin/classes/pages/Groups.php
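Review bot: The avatar upload link now embeds the live session identifier in the URL (`uploadavatar.php?s=' . session_id() . '`), and the same is done in Userpanel.php, Postform.php, Page.php and js.js in this changeset. An identifier carried in a query string ends up in browser history, server and proxy logs and Referer headers. includes/session.php on this page also keeps `session.use_only_cookies` at 0, so an identifier supplied in a link is accepted, which is the condition session fixation depends on. If the pop-up windows cannot rely on the session cookie, a short-lived single-purpose token would be safer than the session id itself. At minimum the value should be written as `htmlspecialchars(session_id(), ENT_QUOTES)` where it lands inside an HTML attribute.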
r19 r20 47 47 if (Member::checkRights('admin/', 'w') && $_SESSION['auth_admin'] == 'yes') { 48 48 // go through all existing groups to update them accordingly 49 foreach ($C->query('SELECT * FROM ' . $SETTINGS['dbtableprefix'] . 'usergroups') as $row) { 49 $q = $C->prepare('SELECT * FROM ' . $SETTINGS['dbtableprefix'] . 'usergroups'); 50 $q->execute(); 51 $rows = $q->fetchAll(); 52 $q = NULL; 53 foreach ($rows as $row) { 50 54 if (!in_array($row['name'], $_def_groups)) { 51 55 if ($changegroupdelete[$row['id']] == 1) { trunk/admin/classes/pages/Moderators.php
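Review bot: The new prepare/execute/fetchAll sequence discards the return value of `$q->execute()`, so if the statement fails and PDO is not set to throw (the error mode is not visible here), `fetchAll()` yields nothing and the loop is skipped silently. The same four lines are pasted into Editmember.php, Moderators.php, Modifycategory.php, Modifyforum.php, Permissions.php, Search.php and Userpanel.php. In Search.php the loop builds the list of forums the member may not read, so a failed query there would leave the search condition without exclusions instead of denying access. Checking the result, e.g. `$rows = $q->execute() ? $q->fetchAll() : FALSE;` and stopping with an error when it is `FALSE`, would close that gap. A small shared helper would also remove the duplication.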
r19 r20 43 43 $_warnings = ''; 44 44 // go through all forums 45 foreach ($C->query('SELECT forumid FROM ' . $SETTINGS['dbtableprefix'] . 'forums') as $row) { 45 $q = $C->prepare('SELECT forumid FROM ' . $SETTINGS['dbtableprefix'] . 'forums'); 46 $q->execute(); 47 $rows = $q->fetchAll(); 48 $q = NULL; 49 foreach ($rows as $row) { 46 50 // check if all names entered are valid 47 51 $_newmods = explode(',', $newdesc[$row['forumid']]); … … 49 53 $_invalid = Array(); 50 54 foreach ($_newmods as $_mod) { 51 $q = $C->prepare('SELECT memberid FROM ' . $SETTINGS['dbtableprefix'] . 'members WHERE membername = :name');55 $q = $C->prepare('SELECT memberid, memberstatus FROM ' . $SETTINGS['dbtableprefix'] . 'members WHERE membername = :name'); 52 56 $q->bindParam(':name', trim($_mod), PDO::PARAM_STR); 53 57 if ($q->execute() && $row2 = $q->fetchObject()) { … … 106 110 $form->addRawTableRow(Array('<th>' . $LANG['Forum'] . '</th>', '<th>' . $LANG['Moderators_seperated_by_commas'] . '</th>')); 107 111 // get all forums 108 foreach ($C->query('SELECT * FROM ' . $SETTINGS['dbtableprefix'] . 'forums ORDER BY forum_category ASC, forum_order ASC') as $row) { 112 $q = $C->prepare('SELECT * FROM ' . $SETTINGS['dbtableprefix'] . 'forums ORDER BY forum_category ASC, forum_order ASC'); 113 $q->execute(); 114 $rows = $q->fetchAll(); 115 $q = NULL; 116 foreach ($rows as $row) { 109 117 // get current moderators 110 $q = $C->prepare('SELECT membername FROM ' . $SETTINGS['dbtableprefix'] . 'members AS m, ' . $SETTINGS['dbtableprefix'] . 'moderators AS mod WHERE mod.forum = :forum AND m.memberid = mod.member');118 $q = $C->prepare('SELECT membername FROM ' . $SETTINGS['dbtableprefix'] . 'members AS m, ' . $SETTINGS['dbtableprefix'] . 'moderators AS mods WHERE mods.forum = :forum AND m.memberid = mods.member'); 111 119 $q->bindParam(':forum', $row['forumid'], PDO::PARAM_INT, 12); 112 120 $q->execute(); trunk/admin/classes/pages/Modifycategory.php
r19 r20 42 42 if (Member::checkRights('admin/', 'w') && $_SESSION['auth_admin'] == 'yes') { 43 43 // go through all categories 44 foreach ($C->query('SELECT category_id FROM ' . $SETTINGS['dbtableprefix'] . 'categories') as $row) { 44 $q = $C->prepare('SELECT category_id FROM ' . $SETTINGS['dbtableprefix'] . 'categories'); 45 $q->execute(); 46 $rows = $q->fetchAll(); 47 $q = NULL; 48 foreach ($rows as $row) { 45 49 // update (just do it regardless of whether anything has actually changed 46 50 $q = $C->prepare('UPDATE ' . $SETTINGS['dbtableprefix'] . 'categories SET category_name = :name, category_order = :order WHERE category_id = :id'); trunk/admin/classes/pages/Modifyforum.php
r19 r20 42 42 if (Member::checkRights('admin/', 'w') && $_SESSION['auth_admin'] == 'yes') { 43 43 // go through all forums 44 foreach ($C->query('SELECT forumid FROM ' . $SETTINGS['dbtableprefix'] . 'forums') as $row) { 44 $q = $C->prepare('SELECT forumid FROM ' . $SETTINGS['dbtableprefix'] . 'forums'); 45 $q->execute(); 46 $rows = $q->fetchAll(); 47 $q = NULL; 48 foreach ($rows as $row) { 45 49 // update settings in database regardless of whether there actually have been any changes 46 50 $q = $C->prepare('UPDATE ' . $SETTINGS['dbtableprefix'] . 'forums SET forumtitle = :title, forumdescription = :desc, forum_category = :cat, forum_order = :order WHERE forumid = :id'); … … 66 70 $form->createTable('adminform'); 67 71 $form->addRawTableRow(Array('<th>' . $LANG['Name'] . '</th>', '<th>' . $LANG['Description'] . '</th>', '<th>' . $LANG['Category'] . '</th>', '<th>' . $LANG['Order'] . '</th>')); 68 foreach ($C->query('SELECT * FROM ' . $SETTINGS['dbtableprefix'] . 'forums ORDER BY forum_category ASC, forum_order ASC') as $row) { 72 $q = $C->prepare('SELECT * FROM ' . $SETTINGS['dbtableprefix'] . 'forums ORDER BY forum_category ASC, forum_order ASC'); 73 $q->execute(); 74 $rows = $q->fetchAll(); 75 $q = NULL; 76 foreach ($rows as $row) { 69 77 $_col3 = '<td><select name="tocategory[' . $row['forumid'] . ']">'; 70 78 foreach ($C->query('SELECT * FROM ' . $SETTINGS['dbtableprefix'] . 'categories ORDER BY category_order ASC') as $row2) { trunk/admin/classes/pages/Permissions.php
r19 r20 213 213 } 214 214 // forums 215 foreach ($C->query('SELECT forumid, forumtitle FROM ' . $SETTINGS['dbtableprefix'] . 'forums ORDER BY forum_category ASC, forum_order ASC') as $row) { 215 $q = $C->prepare('SELECT forumid, forumtitle FROM ' . $SETTINGS['dbtableprefix'] . 'forums ORDER BY forum_category ASC, forum_order ASC'); 216 $q->execute(); 217 $rows = $q->fetchAll(); 218 $q = NULL; 219 foreach ($rows as $row) { 216 220 foreach ($_forum_pages as $_page_stub) { 217 221 $_page = $_page_stub . '=' . $row['forumid']; trunk/admin/classes/pages/Settings.php
r19 r20 139 139 $form->addTableRow($LANG['SQL_Hostname'], 'text', 'newsqlhost', $SETTINGS['sqlhost']); 140 140 $form->addTableRow($LANG['SQL_Username'], 'text', 'newsqluser', $SETTINGS['sqluser']); 141 $form->addTableRow($LANG['SQL_Password'], ' text', 'newsqlpassword', $SETTINGS['sqlpassword']);141 $form->addTableRow($LANG['SQL_Password'], 'password', 'newsqlpassword', $SETTINGS['sqlpassword']); 142 142 $form->addTableRow($LANG['SQL_Database'], 'text', 'newdbname', $SETTINGS['dbname']); 143 143 $form->addTableRow($LANG['SQL_Database_Table_Prefix'], 'text', 'newdbtableprefix', $SETTINGS['dbtableprefix']); trunk/classes/misc/Post.php
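Review bot: Switching the field type to `'password'` only masks the characters on screen; the last argument still passes `$SETTINGS['sqlpassword']`, which appears to be the field's value, so the database password is still written into the page source and into any cached copy of this admin page. Consider rendering the field empty, `$form->addTableRow($LANG['SQL_Password'], 'password', 'newsqlpassword', '');`, and keeping the stored password when the submitted value is empty. The code that handles `newsqlpassword` on submit is outside this hunk, so the second part has to be checked there.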
r19 r20 414 414 $page = ceil($row / $SETTINGS['postsperpage']); 415 415 // send e-mail notifications (using the language the receipient has set) 416 $q = $C->prepare('SELECT member FROM ' . $SETTINGS['dbtableprefix'] . ' WHERE topic = :id');416 $q = $C->prepare('SELECT member FROM ' . $SETTINGS['dbtableprefix'] . 'subscriptions WHERE topic = :id'); 417 417 $q->bindParam(':id', $reply, PDO::PARAM_INT, 12); 418 418 $q->execute(); trunk/classes/misc/Postform.php
r1 r20 147 147 if ($show_orig !== 'mail') { 148 148 // preview button 149 $_col .= '<input type="button" onclick="preview( );" value="' . $LANG['Preview'] . '" />';149 $_col .= '<input type="button" onclick="preview(\'' . session_id() . '\');" value="' . $LANG['Preview'] . '" />'; 150 150 } 151 151 $_col .= '<input type="submit" value="' . $LANG['Submit'] . '" /></td>'; trunk/classes/pages/Lostpassword.php
r19 r20 58 58 // send mail 59 59 @mail($email, $SETTINGS['forumname'] . ' - ' . $LANG['Lost_Password'], str_replace(Array('%membername%', '%password%'), Array($row->membername, $p->get()), $LANG['lost_password_mail']), 'From: ' . $SETTINGS['forumadminemail']); 60 $div = $this->html->body->addChild('div', $LANG['new_password_sent']); 61 $div->addAttribute('class', 'message'); 60 62 } else { 61 63 $q = NULL; 62 $this->html->body->addChild('div', $LANG['error_unknown_mail_address']); 64 $div = $this->html->body->addChild('div', $LANG['error_unknown_mail_address']); 65 $div->addAttribute('class', 'message'); 63 66 } 64 67 } else { 65 $this->html->body->addChild('div', $LANG['error_mandatory']); 68 $div = $this->html->body->addChild('div', $LANG['error_mandatory']); 69 $div->addAttribute('class', 'message'); 66 70 } 67 71 } else { trunk/classes/pages/Messenger.php
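Review bot: The new `new_password_sent` message is shown only on the branch where the address was found, while the other branch prints `error_unknown_mail_address`, so the form tells an unauthenticated visitor which e-mail addresses are registered. Showing the same neutral text on both branches would avoid that. Separately, the success message follows `@mail(...)` unconditionally: the result is discarded and warnings are suppressed, so the user is told a password was sent even when delivery failed, and the password appears to have been replaced already in code above the hunk. The result of `mail()` should at least be tested and a failure logged server-side.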
r19 r20 86 86 $addresses = $q->fetchColumn(); 87 87 $q = NULL; 88 $addresses .= "\n" . $_id;88 $addresses .= $_id . "\n"; 89 89 // write back to database 90 90 $q = $C->prepare('UPDATE ' . $SETTINGS['dbtableprefix'] . 'members SET addressbook=:addr WHERE memberid=:id'); … … 142 142 $_member = new Member($addresses[$i]); 143 143 // add to table 144 $_table->addRow(Array($_member->getName(), '<td><a href="' . $F->link('messenger') . 'action=send&id=' . $addresses[$i]. '">' . $LANG['Send'] . '</a></td>', '<td><a href="' . $F->link('messenger') . 'action=changeaddresses&id=' . $addresses[$i] . '">' . $LANG['Delete'] . '</a></td>'));144 $_table->addRow(Array($_member->getName(), '<td><a href="' . $F->link('messenger') . 'action=send&id=' . trim($addresses[$i]) . '">' . $LANG['Send'] . '</a></td>', '<td><a href="' . $F->link('messenger') . 'action=changeaddresses&id=' . $addresses[$i] . '">' . $LANG['Delete'] . '</a></td>')); 145 145 // free memory 146 146 unset($_member); trunk/classes/pages/Moderate.php
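Review bot: `trim()` was added to the id in the Send link only; the Delete link on the same line still emits `$addresses[$i]` untrimmed, and `new Member($addresses[$i])` two lines above receives the raw value as well. With the address book now stored as id-plus-newline entries, the untrimmed value can carry whitespace into the `changeaddresses` URL. If member ids are numeric, normalising once with `$_addr = (int) trim($addresses[$i]);` before the `new Member(...)` call and using `$_addr` in all three places keeps them consistent and ensures only a number reaches the HTML. How `$addresses` is split is outside this hunk.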
r19 r20 290 290 $q->bindParam(':id', $id, PDO::PARAM_INT, 12); 291 291 $q->execute(); 292 $q = NULL 292 $q = NULL; 293 293 // delete old topic (this is the one from which the 'merge' operation was called) 294 294 $q = $C->prepare('DELETE FROM ' . $SETTINGS['dbtableprefix'] . 'topics WHERE topicid=:id'); … … 367 367 @$C->query('LOCK TABLES ' . $SETTINGS['dbtableprefix'] . 'topics WRITE'); 368 368 // insert new topic 369 $q = $C->prepare('INSERT INTO ' . $SETTINGS['dbtableprefix'] . 'topics (forum, topictitle , subscribed) VALUES (:forum, :title, :none)');369 $q = $C->prepare('INSERT INTO ' . $SETTINGS['dbtableprefix'] . 'topics (forum, topictitle) VALUES (:forum, :title)'); 370 370 $q->bindParam(':forum', $_forum, PDO::PARAM_INT, 12); 371 371 $q->bindParam(':title', $F->htmlentities(trim($subject)), PDO::PARAM_STR); 372 $q->bindValue(':none', '', PDO::PARAM_STR);373 372 $q->execute(); 374 373 $q = NULL; … … 439 438 $poll = $q->fetchColumn(); 440 439 $q = NULL; 441 $q->closeCursor();442 440 if ($poll > 0) { 443 441 $_form->addRawTableRow(Array($LANG['Poll'] . ':', '<td><input type="radio" name="poll" value="0" checked="checked" />' . $LANG['old'] . ' <input type="radio" name="poll" value="1" />' . $LANG['new'] . '</td>')); trunk/classes/pages/Page.php
r19 r20 409 409 } 410 410 // add notification script 411 $this->html->body->addChild('script', "if (confirm('" . str_replace("%count%", $count, $LANG['x_unread_messages']) . "')) { window.location.href = '" . $F->link("messenger") . "action=inbox '}");411 $this->html->body->addChild('script', "if (confirm('" . str_replace("%count%", $count, $LANG['x_unread_messages']) . "')) { window.location.href = '" . $F->link("messenger") . "action=inbox&s=" . session_id() . " }"); 412 412 } 413 413 } … … 421 421 * Function: permissionDenied 422 422 * Description: tell the user (s)he doesn't have sufficient rights 423 * Input: $t - target page which rshould be sent to in case423 * Input: $t - target page which should be sent to in case 424 424 * a login is allowed at this point 425 425 * $a - arguments passed to the login form as an array … … 446 446 // maybe user can rectify this by entering his password 447 447 $this->html->body->addChild('h2', $LANG['Login']); 448 $this->loginForm($ t, $a, $admin);448 $this->loginForm($F->link($t), $a, $admin); 449 449 // redefine title and location 450 450 $this->title = ' - ' . $LANG['Login']; trunk/classes/pages/Register.php
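Review bot: As rendered here, the rewritten script string ends with `"action=inbox&s=" . session_id() . " }"`, without the closing single quote that the old line had before `}`. That would leave the JavaScript string opened by `window.location.href = '` unterminated and break the unread-message redirect; the intended ending is presumably `. session_id() . "' }");`. The `$LANG['x_unread_messages']` text is concatenated into a single-quoted JavaScript string in the same statement, so a translation containing an apostrophe would break it in the same way. Escaping that text for a JavaScript string context would make the line robust.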
r19 r20 76 76 if ($q->fetchColumn() >= 1) { 77 77 // if membername exists, prevent registration 78 $this->html->body->addChild('div', $LANG['error_username_taken']); 78 $div = $this->html->body->addChild('div', $LANG['error_username_taken']); 79 $div->addAttribute('class', 'message'); 79 80 $ok = 0; 80 81 } … … 87 88 if ($q->fetchColumn() >= 1) { 88 89 // if membername exists, prevent registration 89 $this->html->body->addChild('div', $LANG['error_mail_address_already_used']); 90 $div = $this->html->body->addChild('div', $LANG['error_mail_address_already_used']); 91 $div->addAttribute('class', 'message'); 90 92 $ok = 0; 91 93 } … … 135 137 } 136 138 } else { 137 $this->html->body->addChild('div', $LANG['error_mandatory']); 139 $div = $this->html->body->addChild('div', $LANG['error_mandatory']); 140 $div->addAttribute('class', 'message'); 138 141 } 139 142 } else { 140 $this->html->body->addChild('div', $LANG['error_authentication_code']); 143 $div = $this->html->body->addChild('div', $LANG['error_authentication_code']); 144 $div->addAttribute('class', 'message'); 141 145 } 142 146 } else { trunk/classes/pages/Search.php
r19 r20 62 62 } 63 63 // get 'read' rights for all forums of this user 64 foreach ($C->query('SELECT forumid FROM ' . $SETTINGS['dbtableprefix'] . 'forums') as $row) { 64 $q = $C->prepare('SELECT forumid FROM ' . $SETTINGS['dbtableprefix'] . 'forums'); 65 $q->execute(); 66 $rows = $q->fetchAll(); 67 $q = NULL; 68 foreach ($rows as $row) { 65 69 // put forum ids for which access is NOT granted into search condition 66 70 if (!Member::checkRights('Forum', 'r', $row['forumid'])) { trunk/classes/pages/Userpanel.php
r19 r20 510 510 @closedir($handle); 511 511 } 512 $_col1 .= '</select><br /><a href="javascript:void(0);" onclick="window.open(\'redirectors/uploadavatar.php \', \'uploadwindow\', \'width=350, height=200\');">' . $LANG['Upload_Avatar'] . '</a></td>';512 $_col1 .= '</select><br /><a href="javascript:void(0);" onclick="window.open(\'redirectors/uploadavatar.php?s=' . session_id() . '\', \'uploadwindow\', \'width=350, height=200\');">' . $LANG['Upload_Avatar'] . '</a></td>'; 513 513 $_col2 = '<td>'; 514 514 // it shouldn't really occur that the avatar is an empty string, … … 558 558 // one select box for a new subscription showing only the 50 last active topics 559 559 $_col2 = '<td><select name="newsubscribed[0]"><option value="0" selected="selected">-</option>'; 560 foreach ($C->query('SELECT DISTINCT(p.topic) AS topicid, t.topictitle AS topictitle, f.forumtitle AS forumtitle, MAX(p.posttime) AS posttime FROM ' . $SETTINGS['dbtableprefix'] . 'posts p, ' . $SETTINGS['dbtableprefix'] . 'topics t, ' . $SETTINGS['dbtableprefix'] . 'forums f WHERE p.topic=t.topicid AND t.forum = f.forumid GROUP BY p.topic ORDER BY posttime DESC LIMIT 0, 50') as $row) { 560 $q = $C->prepare('SELECT DISTINCT(p.topic) AS topicid, t.topictitle AS topictitle, f.forumtitle AS forumtitle, MAX(p.posttime) AS posttime FROM ' . $SETTINGS['dbtableprefix'] . 'posts p, ' . $SETTINGS['dbtableprefix'] . 'topics t, ' . $SETTINGS['dbtableprefix'] . 'forums f WHERE p.topic=t.topicid AND t.forum = f.forumid GROUP BY p.topic ORDER BY posttime DESC LIMIT 0, 50'); 561 $q->execute(); 562 $rows = $q->fetchAll(); 563 $q = NULL; 564 foreach ($rows as $row) { 561 565 // check if already subscribed 562 566 $q2 = $C->prepare('SELECT COUNT(*) FROM ' . $SETTINGS['dbtableprefix'] . 'subscriptions WHERE topic = :topic AND member = :member'); … … 588 592 $form->addRawTableRow(Array('<th>' . $LANG['Group'] . '</th>', '<th>' . $LANG['Member'] . '</th>')); 589 593 // list all groups 590 foreach ($C->query('SELECT * FROM ' . 
$SETTINGS['dbtableprefix'] . 'usergroups ORDER BY id ASC') as $row) { 594 $q = $C->prepare('SELECT * FROM ' . $SETTINGS['dbtableprefix'] . 'usergroups ORDER BY id ASC'); 595 $q->execute(); 596 $rows = $q->fetchAll(); 597 $q = NULL; 598 foreach ($rows as $row) { 591 599 if ($row['public'] == 1) { 592 600 // public groups trunk/includes/input.php
r9 r20 430 430 $newforum = $_POST['newforum']; 431 431 if (is_array($newforum)) { 432 foreach ($newforum as $_forum ) {432 foreach ($newforum as $_forum=>$val) { 433 433 if (preg_match('/^[0-9]*$/', $_forum) != 1) { 434 434 die($LANG['error_input']); trunk/includes/js/js.js
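Review bot: After this change the loop validates the array keys (`$_forum`), but nothing in the visible lines checks `$val`, so the submitted values reach later code unvalidated unless a check follows outside this hunk (the loop body continues past it). The pattern `/^[0-9]*$/` also accepts an empty string and, because `$` matches before a trailing newline, a key such as `"12\n"`; `/^[0-9]+$/D` rejects both. If the values are meant to be numeric as well, the same test should be applied to `$val`.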
r1 r20 65 65 } 66 66 67 function preview( ) {67 function preview(sid) { 68 68 if (typeof(document.getElementsByName('user')[0]) != 'undefined') { 69 69 var user = document.getElementsByName('user')[0].value; 70 70 } else { var user = ''; } 71 71 var post = document.getElementsByName('post')[0].value; 72 window.open('redirectors/preview.php?user=' + encode64(user) + '&post=' + encode64(post) , 'previewwindow', 'width=600, height=450, scrollbars=yes');72 window.open('redirectors/preview.php?user=' + encode64(user) + '&post=' + encode64(post) + '&s=' + sid, 'previewwindow', 'width=600, height=450, scrollbars=yes'); 73 73 } 74 74 trunk/includes/lang/en.php
r13 r20 377 377 $LANG['welcome_mail'] = 'Hello and welcome to ' . $SETTINGS['forumname'] . "!\n\nYour initial password is %password%\n\nYou can now use it to log in and change your profile settings.\n\n" . $SETTINGS['forumadmin'] . "\nhttp://" . $_SERVER['SERVER_NAME'] . substr($_SERVER['PHP_SELF'], 0, strrpos($_SERVER[PHP_SELF], '/')); 378 378 $LANG['lost_password_mail'] = "%membername%,\n\nsomebody (hopefully you) has requested a new password for your account over at " . $SETTINGS['forumname'] . ".\n\nThis is said password: %password%\n\nUse it to log in and change it to whatever you like.\n\n" . $SETTINGS['forumadmin'] . "\nhttp://" . $_SERVER['SERVER_NAME'] . substr($_SERVER['PHP_SELF'], 0, strrpos($_SERVER[PHP_SELF], '/')); 379 $LANG['new_password_sent'] = 'A new password has been sent to your e-mail address.'; 379 380 $LANG['upload_avatar_hints'] = "<ul><li>File size must be smaller or equal 50KB</li><li>Width and height of the image mustn't exceed " . $SETTINGS['maxavatarsize'] . " pixels each</li><li>Allow file types are PNG, JPEG and GIF</li></ul>"; 380 381 $LANG['upload_avatar_success'] = 'Your avatar has been uploaded successfully. You can now safely close this window, then reload the page from which you opened it and the new file should appear in the list.'; trunk/includes/session.php
r18 r20 40 40 ini_set('session.use_only_cookies', 0); 41 41 ini_set('session.use_trans_sid', 1); 42 ini_set('url_rewriter.tags', 'a=href, area=href, frame=src, input=src, form=fakeentry,fieldset=');42 ini_set('url_rewriter.tags', 'a=href,area=href,frame=src,input=src,form=,fieldset='); 43 43 ini_set('arg_separator.output', '&'); 44 44 // cookies deleted once browser is closed trunk/includes/styles/default.css
r5 r20 280 280 281 281 ol { 282 list-style-type: lower-greek;282 list-style-type:decimal; 283 283 list-style-position:outside; 284 284 } trunk/redirectors/preview.php
r19 r20 75 75 } else { 76 76 // logged in 77 $row = new stdClass(); 77 78 $row->poster = $_SESSION['membername']; 78 79 $row->postedbymember = 1;
