Changeset 407
- Timestamp:
- 2011-01-01 15:54:56 (1 year ago)
- Files:
-
- trunk/admin/classes/pages/Editmember.php (modified) (3 diffs)
- trunk/admin/classes/pages/Permissions.php (modified) (1 diff)
- trunk/admin/index.php (modified) (2 diffs)
- trunk/classes/misc/Format.php (modified) (2 diffs)
- trunk/classes/misc/Member.php (modified) (11 diffs)
- trunk/classes/pages/Category.php (modified) (2 diffs)
- trunk/classes/pages/Page.php (modified) (5 diffs)
- trunk/classes/pages/Search.php (modified) (3 diffs)
- trunk/index.php (modified) (2 diffs)
trunk/admin/classes/pages/Editmember.php
r405 r407 282 282 } 283 283 $_col2 .= '</select><select name="birthday1"><option value="00"'; 284 if ( $birthday[1] == '00') { $_col2 .= ' selected="selected"'; }284 if (!isset($birthday[1]) || $birthday[1] == '00') { $_col2 .= ' selected="selected"'; } 285 285 $_col2 .= '>' . $LANG['n/a'] . '</option>'; 286 286 $i = 1; … … 290 290 else { $j = $i; } 291 291 $_col2 .= '<option value="' . $j . '"'; 292 if ( $birthday[1] == $j) { $_col2 .=' selected="selected"'; }292 if (isset($birthday[1]) && $birthday[1] == $j) { $_col2 .=' selected="selected"'; } 293 293 $_col2 .= '>' . $j . '</option>'; 294 294 $i++; 295 295 } 296 296 $_col2 .= '</select><select name="birthday2"><option value="00"'; 297 if ( $birthday[2] == '00') {297 if (!isset($birthday[2]) || $birthday[2] == '00') { 298 298 $_col2 .= ' selected="selected"'; 299 299 } … … 305 305 else { $j = $i; } 306 306 $_col2 .= '<option value="' . $j . '"'; 307 if ( $birthday[2] == $j) { $_col2 .=' selected="selected"'; }307 if (isset($birthday[2]) && $birthday[2] == $j) { $_col2 .=' selected="selected"'; } 308 308 $_col2 .= '>' . $j . '</option>'; 309 309 $i++; trunk/admin/classes/pages/Permissions.php
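Review bot: The same `isset($birthday[n])` guard is now repeated at lines 284, 292, 297 and 307 of Editmember.php, so a select added to this form later can easily miss it. Assuming `$birthday` is the array obtained by splitting the stored date (its assignment is outside the visible hunks), normalising it once before the selects are built would let the original comparisons stand, e.g. `$birthday = array_pad((array) $birthday, 3, '00');`. The enclosing method starts and ends outside the hunks shown.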
r316 r407 233 233 } 234 234 $q2 = NULL; 235 if (!is_object($_row)) { 236 $_row = new stdClass(); 237 } 235 238 if (!isset($_row->r)) { 236 239 // nothing set yet, so 'default deny' trunk/admin/index.php
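Review bot: The new `is_object($_row)` fallback at lines 235-237 makes a failed fetch and a genuinely empty permission row look the same, and the reason this is safe is not written down. Both cases end in the 'default deny' branch that follows, which is the fail-closed outcome wanted in a permissions editor, so a comment saying so would protect it from later refactoring: `// no row (or fetch failed): keep an empty object so the 'default deny' branch below applies`. Where `$_row` is fetched is outside the hunk, so whether a query error should also be logged cannot be judged from here.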
r307 r407 6 6 * Description: wrapper file calling all administrative functions 7 7 * 8 * Copyright (C) 2007, 2008, 2009 Hannes Schueller8 * Copyright (C) 2007, 2008, 2009, 2011 Hannes Schueller 9 9 * 10 10 * This program is free software: you can redistribute it and/or modify … … 25 25 // disable output of error messages and warnings 26 26 ini_set('display_errors', 'Off'); 27 error_reporting(E_ALL | E_STRICT); 28 29 // explicitely set default timezone 30 date_default_timezone_set('UTC'); 27 31 28 32 // if install script is present, redirect there trunk/classes/misc/Format.php
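Review bot: Raising `error_reporting` to `E_ALL | E_STRICT` at line 27 while `display_errors` stays 'Off' only helps if the messages are written somewhere, and nothing in the hunk sets that. If the deployment's php.ini is not guaranteed to enable logging, add `ini_set('log_errors', '1');` next to it so the notices this changeset is cleaning up remain visible to the operator without ever being sent to the browser. The same applies to the identical lines added to trunk/index.php. The comment on line 29 should read 'explicitly'.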
r387 r407 6 6 * Description: various output formatting functions 7 7 * 8 * Copyright (C) 2007, 2008, 2009 Hannes Schueller8 * Copyright (C) 2007, 2008, 2009, 2011 Hannes Schueller 9 9 * 10 10 * This program is free software: you can redistribute it and/or modify … … 176 176 $_cont = substr($str, ($_pos_open + $_len_open), ($_pos_close - $_pos_open - $_len_open)); 177 177 // handle a few special cases 178 $_attr_close = ''; 178 179 switch ($tags_open[$i]) { 179 180 // permutation handling isn't necessary, because we compare with the 'official' tag definition trunk/classes/misc/Member.php
r399 r407 6 6 * Description: Member object 7 7 * 8 * Copyright (C) 2007, 2009 Hannes Schueller8 * Copyright (C) 2007, 2009, 2011 Hannes Schueller 9 9 * 10 10 * This program is free software: you can redistribute it and/or modify … … 510 510 * matched with database 511 511 **/ 512 public function authenticate($user, $password) {512 public static function authenticate($user, $password) { 513 513 // language, formatting, settings 514 514 global $LANG, $F, $C, $SETTINGS; … … 638 638 * Returns: TRUE (access granted) or FALSE (access denied) 639 639 **/ 640 public function checkRights($page, $action, $id = FALSE) {640 public static function checkRights($page, $action, $id = FALSE) { 641 641 global $C, $SETTINGS; 642 642 if ($SETTINGS['maintainancemode'] == 1) { … … 957 957 * Returns: - 958 958 **/ 959 public function login($username, $remember = 'n', $admin = 0) {959 public static function login($username, $remember = 'n', $admin = 0) { 960 960 global $SETTINGS, $C; 961 961 // get personal settings … … 967 967 // delete old session entry in the online table 968 968 $q = $C->prepare('DELETE FROM ' . $SETTINGS['dbtableprefix'] . 'online WHERE onlinesession = :session'); 969 $q->bind Param(':session', session_id(), PDO::PARAM_STR, 40);969 $q->bindValue(':session', session_id(), PDO::PARAM_STR); 970 970 $q->execute(); 971 971 $q = NULL; … … 1001 1001 $q = $C->prepare('UPDATE ' . $SETTINGS['dbtableprefix'] . 
'online SET onlinememberid = :id WHERE onlinesession = :session'); 1002 1002 $q->bindParam(':id', $row->memberid, PDO::PARAM_INT, 12); 1003 $q->bind Param(':session', session_id(), PDO::PARAM_STR, 40);1003 $q->bindValue(':session', session_id(), PDO::PARAM_STR); 1004 1004 $q->execute(); 1005 1005 $q = NULL; … … 1039 1039 * Returns: - 1040 1040 **/ 1041 public function session($listonline = 1, $updatelastvisit = TRUE) {1041 public static function session($listonline = 1, $updatelastvisit = TRUE) { 1042 1042 global $SETTINGS, $C, $BOTS; 1043 1043 … … 1217 1217 // enter user into online table 1218 1218 $q = $C->prepare('SELECT COUNT(*) FROM ' . $SETTINGS['dbtableprefix'] . 'online WHERE onlinesession = :session'); 1219 $q->bind Param(':session', session_id(), PDO::PARAM_STR, 40);1219 $q->bindValue(':session', session_id(), PDO::PARAM_STR); 1220 1220 $s = $q->execute(); 1221 1221 if ($s && $q->fetchColumn() >= 1) { … … 1223 1223 // update existing entry with new timestamp 1224 1224 $q = $C->prepare('UPDATE ' . $SETTINGS['dbtableprefix'] . 'online SET onlinetime = :time WHERE onlinesession = :session'); 1225 $q->bind Param(':time', time(), PDO::PARAM_INT, 12);1226 $q->bind Param(':session', session_id(), PDO::PARAM_STR, 40);1225 $q->bindValue(':time', time(), PDO::PARAM_INT); 1226 $q->bindValue(':session', session_id(), PDO::PARAM_STR); 1227 1227 $q->execute(); 1228 1228 $q = NULL; … … 1238 1238 $q->bindValue(':memberid', 0, PDO::PARAM_INT); 1239 1239 } 1240 $q->bind Param(':time', time(), PDO::PARAM_INT, 12);1241 $q->bind Param(':session', session_id(), PDO::PARAM_STR, 40);1240 $q->bindValue(':time', time(), PDO::PARAM_INT); 1241 $q->bindValue(':session', session_id(), PDO::PARAM_STR); 1242 1242 $q->execute(); 1243 1243 $q = NULL; … … 1293 1293 // put into database in ISO format 1294 1294 $q = $C->prepare('UPDATE ' . $SETTINGS['dbtableprefix'] . 
'members SET lastvisit = :t WHERE memberid = :id'); 1295 $q->bind Param(':t', $_ts->format('Y-m-d H:i:s'), PDO::PARAM_STR, 19);1295 $q->bindValue(':t', $_ts->format('Y-m-d H:i:s'), PDO::PARAM_STR); 1296 1296 $q->bindParam(':id', $_SESSION['memberid'], PDO::PARAM_INT, 12); 1297 1297 $q->execute(); trunk/classes/pages/Category.php
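Review bot: In `login()` the online-table rows are still keyed on the current `session_id()` (lines 969 and 1003), and the visible lines do not show the session identifier being renewed at the moment the member becomes authenticated. If no `session_regenerate_id(true);` is issued elsewhere in `login()` or in `authenticate()` (both bodies run outside the hunks), an identifier that existed before login stays valid afterwards, which is the precondition for session fixation. Placement needs care, because the DELETE at line 968 has to run against the old identifier and the UPDATE at line 1001 against the new one. Separately, lines 1002 and 1296 keep `bindParam(..., PDO::PARAM_INT, 12)` while the neighbouring calls were converted to `bindValue`; converting them too would make the section uniform.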
r213 r407 7 7 * (default) or just a specific one 8 8 * 9 * Copyright (C) 2007 Hannes Schueller9 * Copyright (C) 2007, 2011 Hannes Schueller 10 10 * 11 11 * This program is free software: you can redistribute it and/or modify … … 179 179 * Returns: name of the category or an empty string 180 180 **/ 181 public function getName($id = FALSE) {181 public static function getName($id = FALSE) { 182 182 global $C, $SETTINGS; 183 183 if ($id) { trunk/classes/pages/Page.php
r372 r407 7 7 * shared by all pages 8 8 * 9 * Copyright (C) 2007, 2008, 2009 Hannes Schueller9 * Copyright (C) 2007, 2008, 2009, 2011 Hannes Schueller 10 10 * 11 11 * This program is free software: you can redistribute it and/or modify … … 111 111 $_now = new DateTime('now', new DateTimeZone('UTC')); 112 112 $q->bindValue(':ts', $_now->format('Y-m-d H:i:s'), PDO::PARAM_STR); 113 $q->bindParam(':input', preg_replace('/(password[2]?\] =>) .*\n/', "$1 ***\n", print_r($INPUT, TRUE) , PDO::PARAM_STR));113 $q->bindParam(':input', preg_replace('/(password[2]?\] =>) .*\n/', "$1 ***\n", print_r($INPUT, TRUE)), PDO::PARAM_STR); 114 114 $q->execute(); 115 115 // admin's top bar … … 395 395 // get members with this month-day combination 396 396 $q = $C->prepare('SELECT memberid, membername, SUBSTR(birthday,1,4) AS year FROM ' . $SETTINGS['dbtableprefix'] . 'members WHERE SUBSTR(birthday,6,5) = :today'); 397 $q->bind Param(':today', $_today->format('m-d'), PDO::PARAM_STR, 5);397 $q->bindValue(':today', $_today->format('m-d'), PDO::PARAM_STR); 398 398 $s = $q->execute(); 399 399 if ($s) { … … 473 473 } 474 474 // debugging output 475 if ($SETTINGS['debug'] == 1 || ($SETTINGS['debug'] == 2 && $_admin == 1)) {475 if ($SETTINGS['debug'] == 1 || ($SETTINGS['debug'] == 2 && isset($_admin) && $_admin == 1)) { 476 476 $_now_utc = new DateTime('now', new DateTimeZone('UTC')); 477 477 $_now_board = new DateTime('now', new DateTimeZone('UTC')); … … 627 627 * Returns: TRUE / FALSE 628 628 **/ 629 public function checkLogins() {629 public static function checkLogins() { 630 630 global $SETTINGS, $C; 631 631 if ($SETTINGS['loginattempts'] > 0) { trunk/classes/pages/Search.php
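Review bot: Line 113 still passes the result of `preg_replace(...)` to `bindParam`, which binds by reference and so raises an 'Only variables should be passed by reference' strict notice under the `E_ALL | E_STRICT` level this changeset turns on. The other calls of this shape were converted, and this one should become `$q->bindValue(':input', …, PDO::PARAM_STR);` with the argument expression unchanged. The same line is what keeps credentials out of the request log, and its pattern only masks keys named `password` or `password2` and stops at the first newline, so any other secret-bearing field in `$INPUT`, an array-valued password field, or a value containing a line break would be stored in clear. Unsetting the sensitive keys on a copy of `$INPUT` before calling `print_r` would be more robust than post-editing the dump. The enclosing method lies outside the hunk.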
r254 r407 6 6 * Description: Search page 7 7 * 8 * Copyright (C) 2007, 2008, 2009 Hannes Schueller8 * Copyright (C) 2007, 2008, 2009, 2011 Hannes Schueller 9 9 * 10 10 * This program is free software: you can redistribute it and/or modify … … 52 52 $INPUT['all'] = trim($INPUT['all']); 53 53 // evaluate search scope 54 if (!isset($INPUT['search_scope'])) { 55 $INPUT['search_scope'] = 'all'; 56 } 54 57 $scope = explode('=', $INPUT['search_scope']); 55 58 switch ($scope[0]) { … … 197 200 } 198 201 // evaluate if there has been at least one search term long enough to be considered 199 if ( $_n === 0) {202 if (isset($_n) && $_n === 0) { 200 203 $_error = $LANG['error_keywords_too_short']; 201 204 } trunk/index.php
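Review bot: The new default at lines 54-56 covers a missing `search_scope` but not one of the wrong type: if `$INPUT` carries raw request parameters (its origin is outside the hunk), a non-string value such as an array-valued parameter still reaches `explode()`. Extending the guard to `if (!isset($INPUT['search_scope']) || !is_string($INPUT['search_scope'])) {` closes that. At line 202, `isset($_n) && $_n === 0` silences the undefined-variable notice but also skips the 'keywords too short' error whenever `$_n` was never assigned. Initialising `$_n = 0;` before the counting code may be what is intended, which cannot be confirmed from the visible lines.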
r307 r407 6 6 * Description: wrapper file calling all the others directly or indirectly 7 7 * 8 * Copyright (C) 2007, 2008, 2009 Hannes Schueller8 * Copyright (C) 2007, 2008, 2009, 2011 Hannes Schueller 9 9 * 10 10 * This program is free software: you can redistribute it and/or modify … … 25 25 // disable output of error messages and warnings 26 26 ini_set('display_errors', 'Off'); 27 error_reporting(E_ALL | E_STRICT); 28 29 // explicitely set default timezone 30 date_default_timezone_set('UTC'); 27 31 28 32 // if install script is present, redirect there
