
! Error in poll if more than 256 choices are added
! later versions of photoshop CS4+ use cellTextIsHtml causing false image infection positives.
! a short disallowed bbcode in signatures also disallows longer ones that start with the same letter [Bug 4936]
! Loading external avatars %20 is dropped [Bug 4904]
! Search for members in admin panel for date fails starting from 2nd page [Bug 4880] + some changes to avoid writing into $_POST
! searchbox hidden in header when search is not allowed [Bug 4862]
! template parser error [Bug 4937]
! fixed bypassing of deflate step during unzip when in fact they should have been deflated

Spuds il y a 12 ans
Parent
commit
43a398c885

+ 28 - 27
Sources/DbPackages-mysql.php

@@ -121,30 +121,7 @@ function smf_db_create_table($table_name, $columns, $indexes = array(), $paramet
 	// Righty - let's do the damn thing!
 	$table_query = 'CREATE TABLE ' . $table_name . "\n" . '(';
 	foreach ($columns as $column)
-	{
-		// Auto increment is easy here!
-		if (!empty($column['auto']))
-		{
-			$default = 'auto_increment';
-		}
-		elseif (isset($column['default']) && $column['default'] !== null)
-			$default = 'default \'' . $smcFunc['db_escape_string']($column['default']) . '\'';
-		else
-			$default = '';
-
-		// Sort out the size... and stuff...
-		$column['size'] = isset($column['size']) && is_numeric($column['size']) ? $column['size'] : null;
-		list ($type, $size) = $smcFunc['db_calculate_type']($column['type'], $column['size']);
-
-		// Allow unsigned integers (mysql only)
-		$unsigned = in_array($type, array('int', 'tinyint', 'smallint', 'mediumint', 'bigint')) && !empty($column['unsigned']) ? 'unsigned ' : '';
-
-		if ($size !== null)
-			$type = $type . '(' . $size . ')';
-
-		// Now just put it together!
-		$table_query .= "\n\t`" .$column['name'] . '` ' . $type . ' ' . (!empty($unsigned) ? $unsigned : '') . (!empty($column['null']) ? '' : 'NOT NULL') . ' ' . $default . ',';
-	}
+		$table_query .= "\n\t" . smf_db_create_query_column($column);
 
 	// Loop through the indexes next...
 	foreach ($indexes as $index)
@@ -259,9 +236,7 @@ function smf_db_add_column($table_name, $column_info, $parameters = array(), $if
 	// Now add the thing!
 	$query = '
 		ALTER TABLE ' . $table_name . '
-		ADD `' . $column_info['name'] . '` ' . $type . ' ' . (!empty($unsigned) ? $unsigned : '') . (empty($column_info['null']) ? 'NOT NULL' : '') . ' ' .
-			(!isset($column_info['default']) ? '' : 'default \'' . $smcFunc['db_escape_string']($column_info['default']) . '\'') . ' ' .
-			(empty($column_info['auto']) ? '' : 'auto_increment primary key') . ' ';
+		ADD ' . smf_db_create_query_column($column_info);
 	$smcFunc['db_query']('', $query,
 		array(
 			'security_override' => true,
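Review bot: The fragment returned by `smf_db_create_query_column()` ends in a comma, so this `ALTER TABLE ... ADD` statement now finishes with a dangling `,` as far as the hunk shows. The old code here also emitted `auto_increment primary key`, while the helper emits only `auto_increment`, so an auto column added this way would no longer get its key. I would have the helper return the bare column definition, let the CREATE TABLE loop append the separator with `$table_query .= "\n\t" . smf_db_create_query_column($column) . ',';`, and append `' primary key'` here when `$column_info['auto']` is set. The body of smf_db_add_column starts and ends outside the hunk, so the `$type` and `$unsigned` values computed earlier may now be dead code.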
@@ -643,4 +618,30 @@ function smf_db_list_indexes($table_name, $detail = false, $parameters = array()
 	return $indexes;
 }
 
+function smf_db_create_query_column($column)
+{
+	// Auto increment is easy here!
+	if (!empty($column['auto']))
+	{
+		$default = 'auto_increment';
+	}
+	elseif (isset($column['default']) && $column['default'] !== null)
+		$default = 'default \'' . $smcFunc['db_escape_string']($column['default']) . '\'';
+	else
+		$default = '';
+
+	// Sort out the size... and stuff...
+	$column['size'] = isset($column['size']) && is_numeric($column['size']) ? $column['size'] : null;
+	list ($type, $size) = $smcFunc['db_calculate_type']($column['type'], $column['size']);
+
+	// Allow unsigned integers (mysql only)
+	$unsigned = in_array($type, array('int', 'tinyint', 'smallint', 'mediumint', 'bigint')) && !empty($column['unsigned']) ? 'unsigned ' : '';
+
+	if ($size !== null)
+		$type = $type . '(' . $size . ')';
+
+	// Now just put it together!
+	return '`' .$column['name'] . '` ' . $type . ' ' . (!empty($unsigned) ? $unsigned : '') . (!empty($column['null']) ? '' : 'NOT NULL') . ' ' . $default . ',';
+}
+
 ?>
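Review bot: `smf_db_create_query_column()` calls `$smcFunc['db_escape_string']` and `$smcFunc['db_calculate_type']` but never declares `global $smcFunc;`, so inside the new function `$smcFunc` is an undefined local and both calls will fail. Add `global $smcFunc;` as the first statement. The function also has no header comment; a short docblock should state that it returns one column definition for CREATE/ALTER statements and list the `$column` keys it reads (`name`, `type`, `size`, `unsigned`, `null`, `default`, `auto`). Note that `$column['name']` is placed between backticks without escaping, so the docblock should say the name must come from trusted code, not from request data.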

+ 42 - 35
Sources/ManageMembers.php

@@ -156,13 +156,12 @@ function ViewMemberlist()
 		// Clean the input.
 		foreach ($_POST['delete'] as $key => $value)
 		{
-			$_POST['delete'][$key] = (int) $value;
 			// Don't delete yourself, idiot.
-			if ($value == $user_info['id'])
-				unset($_POST['delete'][$key]);
+			if ($value != $user_info['id'])
+				$delete[$key] = (int) $value;
 		}
 
-		if (!empty($_POST['delete']))
+		if (!empty($delete))
 		{
 			// Delete all the selected members.
 			require_once($sourcedir . '/Subs-Members.php');
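Review bot: The self-delete guard compares the raw request value with `$user_info['id']` before the cast, so a value that only becomes the admin's own id after `(int)` can pass the loose comparison on newer PHP versions. Cast first and compare the cast value: `$value = (int) $value;` then `if ($value != $user_info['id']) $delete[$key] = $value;`. `$delete` is also never initialised in the visible lines; `$delete = array();` before the loop avoids an undefined-variable notice when nothing qualifies. The call that performs the deletion sits in the unchanged line between this hunk and the next and is not shown; it should receive `$delete`, not `$_POST['delete']`, otherwise the cleaned list is never used.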
@@ -170,9 +169,6 @@ function ViewMemberlist()
 		}
 	}
 
-	if ($context['sub_action'] == 'query' && !empty($_REQUEST['params']) && empty($_POST))
-		$_POST += @unserialize(base64_decode($_REQUEST['params']));
-
 	// Check input after a member search has been submitted.
 	if ($context['sub_action'] == 'query')
 	{
@@ -284,6 +280,19 @@ function ViewMemberlist()
 
 		call_integration_hook('integrate_view_members_params', array(&$params));
 
+		$search_params = array();
+		if ($context['sub_action'] == 'query' && !empty($_REQUEST['params']) && empty($_POST))
+			$search_params = @unserialize(base64_decode($_REQUEST['params']));
+		elseif (!empty($_POST))
+		{
+			$search_params['types'] = $_POST['types'];
+			foreach ($params as $param_name => $param_info)
+				if (isset($_POST[$param_name]))
+					$search_params[$param_name] = $_POST[$param_name];
+		}
+
+		$search_url_params = isset($search_params) ? base64_encode(serialize($search_params)) : null;
+
 		// @todo Validate a little more.
 
 		// Loop through every field of the form.
@@ -292,45 +301,45 @@ function ViewMemberlist()
 		foreach ($params as $param_name => $param_info)
 		{
 			// Not filled in?
-			if (!isset($_POST[$param_name]) || $_POST[$param_name] === '')
+			if (!isset($search_params[$param_name]) || $search_params[$param_name] === '')
 				continue;
 
 			// Make sure numeric values are really numeric.
 			if (in_array($param_info['type'], array('int', 'age')))
-				$_POST[$param_name] = (int) $_POST[$param_name];
+				$search_params[$param_name] = (int) $search_params[$param_name];
 			// Date values have to match the specified format.
 			elseif ($param_info['type'] == 'date')
 			{
 				// Check if this date format is valid.
-				if (preg_match('/^\d{4}-\d{1,2}-\d{1,2}$/', $_POST[$param_name]) == 0)
+				if (preg_match('/^\d{4}-\d{1,2}-\d{1,2}$/', $search_params[$param_name]) == 0)
 					continue;
 
-				$_POST[$param_name] = strtotime($_POST[$param_name]);
+				$search_params[$param_name] = strtotime($search_params[$param_name]);
 			}
 
 			// Those values that are in some kind of range (<, <=, =, >=, >).
 			if (!empty($param_info['range']))
 			{
 				// Default to '=', just in case...
-				if (empty($range_trans[$_POST['types'][$param_name]]))
-					$_POST['types'][$param_name] = '=';
+				if (empty($range_trans[$search_params['types'][$param_name]]))
+					$search_params['types'][$param_name] = '=';
 
 				// Handle special case 'age'.
 				if ($param_info['type'] == 'age')
 				{
 					// All people that were born between $lowerlimit and $upperlimit are currently the specified age.
 					$datearray = getdate(forum_time());
-					$upperlimit = sprintf('%04d-%02d-%02d', $datearray['year'] - $_POST[$param_name], $datearray['mon'], $datearray['mday']);
-					$lowerlimit = sprintf('%04d-%02d-%02d', $datearray['year'] - $_POST[$param_name] - 1, $datearray['mon'], $datearray['mday']);
-					if (in_array($_POST['types'][$param_name], array('-', '--', '=')))
+					$upperlimit = sprintf('%04d-%02d-%02d', $datearray['year'] - $search_params[$param_name], $datearray['mon'], $datearray['mday']);
+					$lowerlimit = sprintf('%04d-%02d-%02d', $datearray['year'] - $search_params[$param_name] - 1, $datearray['mon'], $datearray['mday']);
+					if (in_array($search_params['types'][$param_name], array('-', '--', '=')))
 					{
 						$query_parts[] = ($param_info['db_fields'][0]) . ' > {string:' . $param_name . '_minlimit}';
-						$where_params[$param_name . '_minlimit'] = ($_POST['types'][$param_name] == '--' ? $upperlimit : $lowerlimit);
+						$where_params[$param_name . '_minlimit'] = ($search_params['types'][$param_name] == '--' ? $upperlimit : $lowerlimit);
 					}
-					if (in_array($_POST['types'][$param_name], array('+', '++', '=')))
+					if (in_array($search_params['types'][$param_name], array('+', '++', '=')))
 					{
 						$query_parts[] = ($param_info['db_fields'][0]) . ' <= {string:' . $param_name . '_pluslimit}';
-						$where_params[$param_name . '_pluslimit'] = ($_POST['types'][$param_name] == '++' ? $lowerlimit : $upperlimit);
+						$where_params[$param_name . '_pluslimit'] = ($search_params['types'][$param_name] == '++' ? $lowerlimit : $upperlimit);
 
 						// Make sure that members that didn't set their birth year are not queried.
 						$query_parts[] = ($param_info['db_fields'][0]) . ' > {date:dec_zero_date}';
@@ -338,27 +347,27 @@ function ViewMemberlist()
 					}
 				}
 				// Special case - equals a date.
-				elseif ($param_info['type'] == 'date' && $_POST['types'][$param_name] == '=')
+				elseif ($param_info['type'] == 'date' && $search_params['types'][$param_name] == '=')
 				{
-					$query_parts[] = $param_info['db_fields'][0] . ' > ' . $_POST[$param_name] . ' AND ' . $param_info['db_fields'][0] . ' < ' . ($_POST[$param_name] + 86400);
+					$query_parts[] = $param_info['db_fields'][0] . ' > ' . $search_params[$param_name] . ' AND ' . $param_info['db_fields'][0] . ' < ' . ($search_params[$param_name] + 86400);
 				}
 				else
-					$query_parts[] = $param_info['db_fields'][0] . ' ' . $range_trans[$_POST['types'][$param_name]] . ' ' . $_POST[$param_name];
+					$query_parts[] = $param_info['db_fields'][0] . ' ' . $range_trans[$search_params['types'][$param_name]] . ' ' . $search_params[$param_name];
 			}
 			// Checkboxes.
 			elseif ($param_info['type'] == 'checkbox')
 			{
 				// Each checkbox or no checkbox at all is checked -> ignore.
-				if (!is_array($_POST[$param_name]) || count($_POST[$param_name]) == 0 || count($_POST[$param_name]) == count($param_info['values']))
+				if (!is_array($search_params[$param_name]) || count($search_params[$param_name]) == 0 || count($search_params[$param_name]) == count($param_info['values']))
 					continue;
 
 				$query_parts[] = ($param_info['db_fields'][0]) . ' IN ({array_string:' . $param_name . '_check})';
-				$where_params[$param_name . '_check'] = $_POST[$param_name];
+				$where_params[$param_name . '_check'] = $search_params[$param_name];
 			}
 			else
 			{
 				// Replace the wildcard characters ('*' and '?') into MySQL ones.
-				$parameter = strtolower(strtr($smcFunc['htmlspecialchars']($_POST[$param_name], ENT_QUOTES), array('%' => '\%', '_' => '\_', '*' => '%', '?' => '_')));
+				$parameter = strtolower(strtr($smcFunc['htmlspecialchars']($search_params[$param_name], ENT_QUOTES), array('%' => '\%', '_' => '\_', '*' => '%', '?' => '_')));
 
 				$query_parts[] = '(' . implode( ' LIKE {string:' . $param_name . '_normal} OR ', $param_info['db_fields']) . ' LIKE {string:' . $param_name . '_normal})';
 				$where_params[$param_name . '_normal'] = '%' . $parameter . '%';
@@ -369,15 +378,15 @@ function ViewMemberlist()
 		$mg_query_parts = array();
 
 		// Primary membergroups, but only if at least was was not selected.
-		if (!empty($_POST['membergroups'][1]) && count($context['membergroups']) != count($_POST['membergroups'][1]))
+		if (!empty($search_params['membergroups'][1]) && count($context['membergroups']) != count($search_params['membergroups'][1]))
 		{
 			$mg_query_parts[] = 'mem.id_group IN ({array_int:group_check})';
-			$where_params['group_check'] = $_POST['membergroups'][1];
+			$where_params['group_check'] = $search_params['membergroups'][1];
 		}
 
 		// Additional membergroups (these are only relevant if not all primary groups where selected!).
-		if (!empty($_POST['membergroups'][2]) && (empty($_POST['membergroups'][1]) || count($context['membergroups']) != count($_POST['membergroups'][1])))
-			foreach ($_POST['membergroups'][2] as $mg)
+		if (!empty($search_params['membergroups'][2]) && (empty($search_params['membergroups'][1]) || count($context['membergroups']) != count($search_params['membergroups'][1])))
+			foreach ($search_params['membergroups'][2] as $mg)
 			{
 				$mg_query_parts[] = 'FIND_IN_SET({int:add_group_' . $mg . '}, mem.additional_groups) != 0';
 				$where_params['add_group_' . $mg] = $mg;
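Review bot: `$mg` is taken straight from `$search_params['membergroups'][2]` and concatenated into the query text as part of the placeholder name `{int:add_group_...}`, so a non-numeric value ends up in the SQL template itself rather than in a bound parameter. Casting at the top of the loop keeps the template fixed: `$mg = (int) $mg;`. The `group_check` and `post_groups` values go through `array_int` placeholders, which presumably validate them, but after the switch to a deserialised `$search_params` it is worth confirming they are arrays before `count()` is called on them. The foreach body continues outside the hunk.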
@@ -388,23 +397,21 @@ function ViewMemberlist()
 			$query_parts[] = '(' . implode(' OR ', $mg_query_parts) . ')';
 
 		// Get all selected post count related membergroups.
-		if (!empty($_POST['postgroups']) && count($_POST['postgroups']) != count($context['postgroups']))
+		if (!empty($search_params['postgroups']) && count($search_params['postgroups']) != count($context['postgroups']))
 		{
 			$query_parts[] = 'id_post_group IN ({array_int:post_groups})';
-			$where_params['post_groups'] = $_POST['postgroups'];
+			$where_params['post_groups'] = $search_params['postgroups'];
 		}
 
 		// Construct the where part of the query.
 		$where = empty($query_parts) ? '1' : implode('
 			AND ', $query_parts);
-
-		$search_params = base64_encode(serialize($_POST));
 	}
 	else
-		$search_params = null;
+		$search_url_params = null;
 
 	// Construct the additional URL part with the query info in it.
-	$context['params_url'] = $context['sub_action'] == 'query' ? ';sa=query;params=' . $search_params : '';
+	$context['params_url'] = $context['sub_action'] == 'query' ? ';sa=query;params=' . $search_url_params : '';
 
 	// Get the title and sub template ready..
 	$context['page_title'] = $txt['admin_members'];

+ 2 - 0
Sources/Poll.php

@@ -641,6 +641,8 @@ function EditPoll2()
 	}
 	if ($optionCount < 2)
 		$poll_errors[] = 'poll_few';
+	elseif ($optionCount > 256)
+		$poll_errors[] = 'poll_many';
 
 	// Also - ensure they are not removing the question.
 	if (trim($_POST['question']) == '')
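Review bot: The limit 256 is a bare literal here, again in the Post.php hunk (`count($_POST['options']) > 256`), and a third time inside the `error_poll_many` language string, so the three can drift apart. A comment at both checks should say where the limit comes from, for example `// The choice id column cannot hold more than 256 options - TODO confirm against the schema`, or both files should read one shared constant. It is also worth confirming that the `poll_many` key pushed onto `$poll_errors` here resolves to a language string; the commit only adds `error_poll_many`, and the lookup code is outside the hunk.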

+ 2 - 0
Sources/Post.php

@@ -1524,6 +1524,8 @@ function Post2()
 		// What are you going to vote between with one choice?!?
 		if (count($_POST['options']) < 2)
 			$post_errors[] = 'poll_few';
+		elseif (count($_POST['options']) > 256)
+			$post_errors[] = 'poll_many';
 	}
 
 	if ($posterIsGuest)

+ 2 - 2
Sources/Profile-Modify.php

@@ -2675,7 +2675,7 @@ function profileSaveAvatarData(&$value)
 		removeAttachments(array('id_member' => $memID));
 
 		// @todo http://www.simplemachines.org/community/index.php?topic=462089.msg3226650#msg3226650
-		$profile_vars['avatar'] = str_replace('%20', ' ', preg_replace('~action(?:=|%3d)(?!dlattach)~i', 'action-', $_POST['userpicpersonal']));
+		$profile_vars['avatar'] = str_replace(' ', '%20', preg_replace('~action(?:=|%3d)(?!dlattach)~i', 'action-', $_POST['userpicpersonal']));
 
 		if ($profile_vars['avatar'] == 'http://' || $profile_vars['avatar'] == 'http:///')
 			$profile_vars['avatar'] = '';
@@ -2993,7 +2993,7 @@ function profileValidateSignature(&$value)
 		$disabledSigBBC = implode('|', $disabledTags);
 		if (!empty($disabledSigBBC))
 		{
-			if (preg_match('~\[(' . $disabledSigBBC . ')~i', $unparsed_signature, $matches) !== false && isset($matches[1]))
+			if (preg_match('~\[(' . $disabledSigBBC . '[ =\]/])~i', $unparsed_signature, $matches) !== false && isset($matches[1]))
 			{
 				$disabledTags = array_unique($disabledTags);
 				$txt['profile_error_signature_disabled_bbc'] = sprintf($txt['profile_error_signature_disabled_bbc'], implode(', ', $disabledTags));
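Review bot: The added character class binds only to the last alternative, because `$disabledSigBBC` is a `|`-joined list and the class sits inside the same group: the pattern reads `\[(a|b|c[ =\]/])`. Every disabled tag except the last one is therefore still matched by prefix, which is the bug this change sets out to fix. Close the group before the delimiter class: `preg_match('~\[(' . $disabledSigBBC . ')[ =\]/]~i', $unparsed_signature, $matches)`. If the tag names can contain regex metacharacters, they should also pass through `preg_quote($tag, '~')` before the `implode()`; where `$disabledTags` is built is outside the hunk.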

+ 1 - 1
Sources/Subs-Graphics.php

@@ -121,7 +121,7 @@ function checkImageContents($fileName, $extensiveCheck = false)
 		else
 		{
 			// Check for potential infection
-			if (preg_match('~(iframe|html|eval|body|script\W|[CF]WS[\x01-\x0C])~i', $prev_chunk . $cur_chunk) === 1)
+			if (preg_match('~(iframe|(?<!cellTextIs)html|eval|body|script\W|[CF]WS[\x01-\x0C])~i', $prev_chunk . $cur_chunk) === 1)
 			{
 				fclose($fp);
 				return false;
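Review bot: The new `(?<!cellTextIs)` lookbehind has no comment, and without one the next maintainer cannot tell why a content-scanning denylist carries an exemption. I would add above the `preg_match`: `// Photoshop CS4+ writes a "cellTextIsHtml" metadata key; skip that exact token so such images are not flagged.` The exemption is narrow, since only `html` immediately preceded by `cellTextIs` is skipped and the other tokens still match. The comment should still note that this scan is a heuristic and that uploaded images need to be re-encoded or served with a fixed image content type in addition to it.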

+ 4 - 4
Sources/Subs-Package.php

@@ -260,9 +260,9 @@ function read_zip_data($data, $destination, $single_file = false, $overwrite = f
 		if ($file_info['general_purpose'] & 0x0008)
 		{
 			$unzipped2 = unpack("Vcrc/Vcompressed_size/Vsize", substr($$data, -12));
-			$unzipped['crc'] = $unzipped2['crc'];
-			$unzipped['compressed_size'] = $unzipped2['compressed_size'];
-			$unzipped['size'] = $unzipped2['size'];
+			$file_info['crc'] = $unzipped2['crc'];
+			$file_info['compressed_size'] = $unzipped2['compressed_size'];
+			$file_info['size'] = $unzipped2['size'];
 			unset($unzipped2);
 		}
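Review bot: The context line above the change reads `substr($$data, -12)`, a variable-variable, so it looks up a variable named after the archive bytes instead of reading `$data`. Because of that, the `crc`, `compressed_size` and `size` values now copied into `$file_info` come from an empty string, not from the data descriptor. The line should be `$unzipped2 = unpack("Vcrc/Vcompressed_size/Vsize", substr($data, -12));`. These sizes are read from the uploaded archive and are untrusted, so later code should not rely on them without bounds checks. The read_zip_data() body starts and ends outside the hunk.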
 
@@ -290,7 +290,7 @@ function read_zip_data($data, $destination, $single_file = false, $overwrite = f
 		$file_info['data'] = substr($data, 26 + $file_info['filename_length'] + $file_info['extrafield_length']);
 
 		// Only inflate it if we need to ;)
-		if ($file_info['compressed_size'] != $file_info['size'])
+		if (!empty($file_info['compress_method']) || ($file_info['compressed_size'] != $file_info['size']))
 			$file_info['data'] = gzinflate($file_info['data']);
 
 		// Okay!  We can write this file, looks good from here...
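Review bot: The result of `gzinflate()` is used unchecked: on corrupt or truncated input it returns `false`, and the following code would then write that value out as the file contents. Check it with `if ($file_info['data'] === false)` and skip or report the entry. The inflated length is also unbounded, so a small archive can expand to an arbitrary size; passing a cap as the second argument of `gzinflate()` and comparing `strlen()` and `crc32()` of the output with `$file_info['size']` and `$file_info['crc']` would catch both corruption and oversize entries. Whether `compress_method` is a key produced by the header `unpack()` cannot be seen here, because that call is outside the hunk.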

+ 16 - 12
Themes/default/index.template.php

@@ -180,8 +180,8 @@ function template_html_above()
 	// Show all the relative links, such as help, search, contents, and the like.
 	echo '
 	<link rel="help" href="', $scripturl, '?action=help" />
-	<link rel="search" href="', $scripturl, '?action=search" />
-	<link rel="contents" href="', $scripturl, '" />';
+	<link rel="contents" href="', $scripturl, '" />', ($context['allow_search'] ? '
+	<link rel="search" href="' . $scripturl . '?action=search" />' : '');
 
 	// If RSS feeds are enabled, advertise the presence of one.
 	if (!empty($modSettings['xmlnews_enable']) && (!empty($modSettings['allow_guestAccess']) || $context['user']['is_logged']))
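Review bot: `$context['allow_search']` is read directly here and again in the `if ($context['allow_search'])` added in the next hunk, while the surrounding template code guards every optional key with `!empty()`. If the key is not set on some page this raises an undefined-index notice inside the HTML head. Use `!empty($context['allow_search'])` in both places. Hiding the link and form is presentation only, so the `search` and `search2` actions need their own permission check; that code is not part of this diff.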
@@ -295,22 +295,26 @@ function template_body_above()
 
 	echo '
 			</div>
-			<div class="news normaltext">
+			<div class="news normaltext">';
+	if ($context['allow_search'])
+	{
+		echo '
 				<form id="search_form" action="', $scripturl, '?action=search2" method="post" accept-charset="', $context['character_set'], '">
 					<input type="text" name="search" value="" class="input_text" />&nbsp;
 					<input type="submit" name="submit" value="', $txt['search'], '" class="button_submit" />
 					<input type="hidden" name="advanced" value="0" />';
 
-	// Search within current topic?
-	if (!empty($context['current_topic']))
-		echo '
-					<input type="hidden" name="topic" value="', $context['current_topic'], '" />';
-	// If we're on a certain board, limit it to this board ;).
-	elseif (!empty($context['current_board']))
-		echo '
-					<input type="hidden" name="brd[', $context['current_board'], ']" value="', $context['current_board'], '" />';
+		// Search within current topic?
+		if (!empty($context['current_topic']))
+			echo '
+						<input type="hidden" name="topic" value="', $context['current_topic'], '" />';
+		// If we're on a certain board, limit it to this board ;).
+		elseif (!empty($context['current_board']))
+			echo '
+						<input type="hidden" name="brd[', $context['current_board'], ']" value="', $context['current_board'], '" />';
 
-	echo '</form>';
+		echo '</form>';
+	}
 
 	// Show a random news item? (or you could pick one from news_lines...)
 	if (!empty($settings['enable_news']))

+ 1 - 0
Themes/default/languages/Errors.english.php

@@ -244,6 +244,7 @@ $txt['error_bad_to'] = 'One or more \'to\'-recipients could not be found.';
 $txt['error_bad_bcc'] = 'One or more \'bcc\'-recipients could not be found.';
 $txt['error_form_already_submitted'] = 'You already submitted this post!  You might have accidentally double clicked or tried to refresh the page.';
 $txt['error_poll_few'] = 'You must have at least two choices!';
+$txt['error_poll_many'] = 'You must have no more than 256 choices!';
 $txt['error_need_qr_verification'] = 'Please complete the verification section below to complete your post.';
 $txt['error_wrong_verification_code'] = 'The letters you typed don\'t match the letters that were shown in the picture.';
 $txt['error_wrong_verification_answer'] = 'You did not answer the verification questions correctly.';