Esempio n. 1
    /**
     * Validate a forum's settings and write them to FORUMS_TABLE.
     *
     * When $forum_data has no 'forum_id' a new row is inserted; otherwise the
     * existing row is updated, including forum-type changes that move or
     * delete content and subforums. Errors found by the initial field
     * validation are returned before this method issues any query.
     *
     * Security-relevant behaviour visible in this method:
     * - a non-empty forum password is stored through phpbb_hash(), never as
     *   the submitted text;
     * - several ids are concatenated into SQL without a cast inside this
     *   method, so their integer typing has to be guaranteed by the caller;
     * - serialized data read back from EXTENSION_GROUPS_TABLE is passed to
     *   unserialize();
     * - the multi-statement tree and ACL changes are not wrapped in a
     *   transaction that is visible here.
     *
     * @param array $forum_data Forum settings, passed by reference. On return
     *                          'forum_flags' has been computed, 'forum_id'
     *                          holds the row id after a successful write, and
     *                          rejected password / prune values have been reset.
     *
     * @return array List of error messages; empty when no error was recorded.
     */
    function update_forum_data(&$forum_data)
    {
        global $db, $user, $cache, $phpbb_root_path;
        $errors = array();
        // --- Field validation: every failure is collected, nothing is written yet ---
        if ($forum_data['forum_name'] == '') {
            $errors[] = $user->lang['FORUM_NAME_EMPTY'];
        }
        // Description and rules are each limited to 4000 characters (utf8_strlen).
        if (utf8_strlen($forum_data['forum_desc']) > 4000) {
            $errors[] = $user->lang['FORUM_DESC_TOO_LONG'];
        }
        if (utf8_strlen($forum_data['forum_rules']) > 4000) {
            $errors[] = $user->lang['FORUM_RULES_TOO_LONG'];
        }
        // Password and confirmation must match; on mismatch both are blanked in the
        // caller's array so the rejected values are not carried any further.
        // NOTE(review): the loose != compares numeric-looking strings numerically
        // (e.g. '1e3' and '1000' count as equal); !== would compare them as text.
        if ($forum_data['forum_password'] || $forum_data['forum_password_confirm']) {
            if ($forum_data['forum_password'] != $forum_data['forum_password_confirm']) {
                $forum_data['forum_password'] = $forum_data['forum_password_confirm'] = '';
                $errors[] = $user->lang['FORUM_PASSWORD_MISMATCH'];
            }
        }
        // Negative prune settings are rejected and all three are reset to 0.
        if ($forum_data['prune_days'] < 0 || $forum_data['prune_viewed'] < 0 || $forum_data['prune_freq'] < 0) {
            $forum_data['prune_days'] = $forum_data['prune_viewed'] = $forum_data['prune_freq'] = 0;
            $errors[] = $user->lang['FORUM_DATA_NEGATIVE'];
        }
        // Topics-per-page is handed to validate_range() below; presumably it is checked
        // against the limits of the 'TINT:0' column type - confirm in validate_range().
        $range_test_ary = array(array('lang' => 'FORUM_TOPICS_PAGE', 'value' => $forum_data['forum_topics_per_page'], 'column_type' => 'TINT:0'));
        // The forum image is a path relative to the board root and must exist on disk.
        // NOTE(review): only existence is checked here; the value is not normalised in
        // this method, so confirm the caller restricts it ('../' segments, allowed
        // directory) - otherwise this check answers whether arbitrary paths exist.
        if (!empty($forum_data['forum_image']) && !file_exists($phpbb_root_path . $forum_data['forum_image'])) {
            $errors[] = $user->lang['FORUM_IMAGE_NO_EXIST'];
        }
        validate_range($range_test_ary, $errors);
        // Set forum flags
        // 1 = link tracking
        // 2 = prune old polls
        // 4 = prune announcements
        // 8 = prune stickies
        // 16 = show active topics
        // 32 = enable post review
        // (FORUM_FLAG_QUICK_REPLY is added below as well; its value is not listed above)
        $forum_data['forum_flags'] = 0;
        $forum_data['forum_flags'] += $forum_data['forum_link_track'] ? FORUM_FLAG_LINK_TRACK : 0;
        $forum_data['forum_flags'] += $forum_data['prune_old_polls'] ? FORUM_FLAG_PRUNE_POLL : 0;
        $forum_data['forum_flags'] += $forum_data['prune_announce'] ? FORUM_FLAG_PRUNE_ANNOUNCE : 0;
        $forum_data['forum_flags'] += $forum_data['prune_sticky'] ? FORUM_FLAG_PRUNE_STICKY : 0;
        $forum_data['forum_flags'] += $forum_data['show_active'] ? FORUM_FLAG_ACTIVE_TOPICS : 0;
        $forum_data['forum_flags'] += $forum_data['enable_post_review'] ? FORUM_FLAG_POST_REVIEW : 0;
        $forum_data['forum_flags'] += $forum_data['enable_quick_reply'] ? FORUM_FLAG_QUICK_REPLY : 0;
        // Unset data that are not database fields
        // $forum_data_sql is a copy: the form-only keys (including the password
        // confirmation) are dropped so they never reach sql_build_array().
        $forum_data_sql = $forum_data;
        unset($forum_data_sql['forum_link_track']);
        unset($forum_data_sql['prune_old_polls']);
        unset($forum_data_sql['prune_announce']);
        unset($forum_data_sql['prune_sticky']);
        unset($forum_data_sql['show_active']);
        unset($forum_data_sql['enable_post_review']);
        unset($forum_data_sql['enable_quick_reply']);
        unset($forum_data_sql['forum_password_confirm']);
        // What are we going to do tonight Brain? The same thing we do everynight,
        // try to take over the world ... or decide whether to continue update
        // and if so, whether it's a new forum/cat/link or an existing one
        if (sizeof($errors)) {
            return $errors;
        }
        // As we don't know the old password, it's kinda tricky to detect changes
        // Three cases: explicit unset stores an empty password (protection removed),
        // an empty submission leaves the stored value untouched, and anything else
        // is replaced by its phpbb_hash() so the submitted text is never stored.
        if ($forum_data_sql['forum_password_unset']) {
            $forum_data_sql['forum_password'] = '';
        } else {
            if (empty($forum_data_sql['forum_password'])) {
                unset($forum_data_sql['forum_password']);
            } else {
                $forum_data_sql['forum_password'] = phpbb_hash($forum_data_sql['forum_password']);
            }
        }
        unset($forum_data_sql['forum_password_unset']);
        if (!isset($forum_data_sql['forum_id'])) {
            // no forum_id means we're creating a new forum
            unset($forum_data_sql['type_action']);
            if ($forum_data_sql['parent_id']) {
                // NOTE(review): parent_id is concatenated into the query without a cast
                // in this method - this assumes the caller already forced it to an
                // integer; confirm, or cast with (int) at the point of use.
                $sql = 'SELECT left_id, right_id, forum_type
					FROM ' . FORUMS_TABLE . '
					WHERE forum_id = ' . $forum_data_sql['parent_id'];
                $result = $db->sql_query($sql);
                $row = $db->sql_fetchrow($result);
                $db->sql_freeresult($result);
                // Presumably the board's error handler stops execution on E_USER_WARNING;
                // if it did not, $row would be read below although no row was found - confirm.
                if (!$row) {
                    trigger_error($user->lang['PARENT_NOT_EXIST'] . adm_back_link($this->u_action . '&amp;parent_id=' . $this->parent_id), E_USER_WARNING);
                }
                // A link forum cannot be a parent.
                if ($row['forum_type'] == FORUM_LINK) {
                    $errors[] = $user->lang['PARENT_IS_LINK_FORUM'];
                    return $errors;
                }
                // Open a gap of two in the left_id/right_id numbering: rows to the right of
                // the parent shift by 2, and the parent and its ancestors grow by 2.
                $sql = 'UPDATE ' . FORUMS_TABLE . '
					SET left_id = left_id + 2, right_id = right_id + 2
					WHERE left_id > ' . $row['right_id'];
                $db->sql_query($sql);
                $sql = 'UPDATE ' . FORUMS_TABLE . '
					SET right_id = right_id + 2
					WHERE ' . $row['left_id'] . ' BETWEEN left_id AND right_id';
                $db->sql_query($sql);
                // The new forum takes the slot that was the parent's old right_id.
                $forum_data_sql['left_id'] = $row['right_id'];
                $forum_data_sql['right_id'] = $row['right_id'] + 1;
            } else {
                // No parent: append after the current highest right_id.
                $sql = 'SELECT MAX(right_id) AS right_id
					FROM ' . FORUMS_TABLE;
                $result = $db->sql_query($sql);
                $row = $db->sql_fetchrow($result);
                $db->sql_freeresult($result);
                $forum_data_sql['left_id'] = $row['right_id'] + 1;
                $forum_data_sql['right_id'] = $row['right_id'] + 2;
            }
            // Column values go through sql_build_array(); presumably that is where string
            // values are escaped - confirm in the DBAL, nothing is escaped in this method.
            $sql = 'INSERT INTO ' . FORUMS_TABLE . ' ' . $db->sql_build_array('INSERT', $forum_data_sql);
            $db->sql_query($sql);
            $forum_data['forum_id'] = $db->sql_nextid();
            // Record the creation in the admin log.
            add_log('admin', 'LOG_FORUM_ADD', $forum_data['forum_name']);
        } else {
            // Existing forum: load the stored row to detect type, parent and name changes.
            $row = $this->get_forum_info($forum_data_sql['forum_id']);
            if ($row['forum_type'] == FORUM_POST && $row['forum_type'] != $forum_data_sql['forum_type']) {
                // Has subforums and want to change into a link?
                if ($row['right_id'] - $row['left_id'] > 1 && $forum_data_sql['forum_type'] == FORUM_LINK) {
                    $errors[] = $user->lang['FORUM_WITH_SUBFORUMS_NOT_TO_LINK'];
                    return $errors;
                }
                // we're turning a postable forum into a non-postable forum
                // The existing content must be explicitly moved or deleted; any other
                // 'type_action' value aborts with an error.
                if ($forum_data_sql['type_action'] == 'move') {
                    // Destination id is read from the request with an integer default of 0.
                    $to_forum_id = request_var('to_forum_id', 0);
                    if ($to_forum_id) {
                        $errors = $this->move_forum_content($forum_data_sql['forum_id'], $to_forum_id);
                    } else {
                        return array($user->lang['NO_DESTINATION_FORUM']);
                    }
                } else {
                    if ($forum_data_sql['type_action'] == 'delete') {
                        $errors = $this->delete_forum_content($forum_data_sql['forum_id']);
                    } else {
                        return array($user->lang['NO_FORUM_ACTION']);
                    }
                }
                // The forum no longer holds posts, so its counters and last-post data are reset.
                $forum_data_sql['forum_posts'] = $forum_data_sql['forum_topics'] = $forum_data_sql['forum_topics_real'] = $forum_data_sql['forum_last_post_id'] = $forum_data_sql['forum_last_poster_id'] = $forum_data_sql['forum_last_post_time'] = 0;
                $forum_data_sql['forum_last_poster_name'] = $forum_data_sql['forum_last_poster_colour'] = '';
            } else {
                if ($row['forum_type'] == FORUM_CAT && $forum_data_sql['forum_type'] == FORUM_LINK) {
                    // Has subforums?
                    if ($row['right_id'] - $row['left_id'] > 1) {
                        // We are turning a category into a link - but need to decide what to do with the subforums.
                        $action_subforums = request_var('action_subforums', '');
                        $subforums_to_id = request_var('subforums_to_id', 0);
                        if ($action_subforums == 'delete') {
                            $rows = get_forum_branch($row['forum_id'], 'children', 'descending', false);
                            // NOTE(review): $forum_ids is never initialised before this loop. If
                            // the branch held no row other than the forum itself, the
                            // sizeof($forum_ids) below would read an undefined variable
                            // (a TypeError on PHP 8).
                            foreach ($rows as $_row) {
                                // Do not remove the forum id we are about to change. ;)
                                if ($_row['forum_id'] == $row['forum_id']) {
                                    continue;
                                }
                                $forum_ids[] = $_row['forum_id'];
                                $errors = array_merge($errors, $this->delete_forum_content($_row['forum_id']));
                            }
                            // Content deletion already ran for every child at this point; an
                            // error only prevents the row and permission cleanup below.
                            if (sizeof($errors)) {
                                return $errors;
                            }
                            if (sizeof($forum_ids)) {
                                // Remove the subforum rows and the group and user permission
                                // entries that referenced them.
                                $sql = 'DELETE FROM ' . FORUMS_TABLE . '
								WHERE ' . $db->sql_in_set('forum_id', $forum_ids);
                                $db->sql_query($sql);
                                $sql = 'DELETE FROM ' . ACL_GROUPS_TABLE . '
								WHERE ' . $db->sql_in_set('forum_id', $forum_ids);
                                $db->sql_query($sql);
                                $sql = 'DELETE FROM ' . ACL_USERS_TABLE . '
								WHERE ' . $db->sql_in_set('forum_id', $forum_ids);
                                $db->sql_query($sql);
                                // Delete forum ids from extension groups table
                                $sql = 'SELECT group_id, allowed_forums
								FROM ' . EXTENSION_GROUPS_TABLE;
                                $result = $db->sql_query($sql);
                                while ($_row = $db->sql_fetchrow($result)) {
                                    if (!$_row['allowed_forums']) {
                                        continue;
                                    }
                                    // NOTE(review): unserialize() on a database column is only safe
                                    // while that column is written exclusively by trusted code;
                                    // anything else able to write it could inject serialized
                                    // objects. A return value of false is not checked before
                                    // array_diff().
                                    $allowed_forums = unserialize(trim($_row['allowed_forums']));
                                    $allowed_forums = array_diff($allowed_forums, $forum_ids);
                                    // NOTE(review): the serialize() output is placed between single
                                    // quotes without any escaping visible here - harmless only if
                                    // the array holds nothing but integers; confirm.
                                    $sql = 'UPDATE ' . EXTENSION_GROUPS_TABLE . "\n\t\t\t\t\t\t\t\t\tSET allowed_forums = '" . (sizeof($allowed_forums) ? serialize($allowed_forums) : '') . "'\n\t\t\t\t\t\t\t\t\tWHERE group_id = {$_row['group_id']}";
                                    $db->sql_query($sql);
                                }
                                $db->sql_freeresult($result);
                                // Drop the cached extension data so the change is picked up.
                                $cache->destroy('_extensions');
                            }
                        } else {
                            if ($action_subforums == 'move') {
                                if (!$subforums_to_id) {
                                    return array($user->lang['NO_DESTINATION_FORUM']);
                                }
                                // $subforums_to_id comes from request_var() with an integer default;
                                // presumably that forces an int before it is concatenated - confirm.
                                $sql = 'SELECT forum_name
							FROM ' . FORUMS_TABLE . '
							WHERE forum_id = ' . $subforums_to_id;
                                $result = $db->sql_query($sql);
                                $_row = $db->sql_fetchrow($result);
                                $db->sql_freeresult($result);
                                if (!$_row) {
                                    return array($user->lang['NO_FORUM']);
                                }
                                // NOTE(review): $subforums_to_name is assigned but not used again
                                // in this method.
                                $subforums_to_name = $_row['forum_name'];
                                // Move each direct child, then repoint their parent_id in one statement.
                                $sql = 'SELECT forum_id
							FROM ' . FORUMS_TABLE . "\n\t\t\t\t\t\t\tWHERE parent_id = {$row['forum_id']}";
                                $result = $db->sql_query($sql);
                                while ($_row = $db->sql_fetchrow($result)) {
                                    $this->move_forum($_row['forum_id'], $subforums_to_id);
                                }
                                $db->sql_freeresult($result);
                                $sql = 'UPDATE ' . FORUMS_TABLE . "\n\t\t\t\t\t\t\tSET parent_id = {$subforums_to_id}\n\t\t\t\t\t\t\tWHERE parent_id = {$row['forum_id']}";
                                $db->sql_query($sql);
                            }
                        }
                        // Adjust the left/right id
                        // right_id = left_id + 1 marks the forum as having no children.
                        $sql = 'UPDATE ' . FORUMS_TABLE . '
						SET right_id = left_id + 1
						WHERE forum_id = ' . $row['forum_id'];
                        $db->sql_query($sql);
                    }
                } else {
                    if ($row['forum_type'] == FORUM_CAT && $forum_data_sql['forum_type'] == FORUM_POST) {
                        // Changing a category to a forum? Reset the data (you can't post directly in a cat, you must use a forum)
                        $forum_data_sql['forum_posts'] = 0;
                        $forum_data_sql['forum_topics'] = 0;
                        $forum_data_sql['forum_topics_real'] = 0;
                        $forum_data_sql['forum_last_post_id'] = 0;
                        $forum_data_sql['forum_last_post_subject'] = '';
                        $forum_data_sql['forum_last_post_time'] = 0;
                        $forum_data_sql['forum_last_poster_id'] = 0;
                        $forum_data_sql['forum_last_poster_name'] = '';
                        $forum_data_sql['forum_last_poster_colour'] = '';
                    }
                }
            }
            if (sizeof($errors)) {
                return $errors;
            }
            // Parent changed: move the forum, unless the requested parent is the forum
            // itself, in which case the stored parent is kept.
            if ($row['parent_id'] != $forum_data_sql['parent_id']) {
                if ($row['forum_id'] != $forum_data_sql['parent_id']) {
                    $errors = $this->move_forum($forum_data_sql['forum_id'], $forum_data_sql['parent_id']);
                } else {
                    $forum_data_sql['parent_id'] = $row['parent_id'];
                }
            }
            if (sizeof($errors)) {
                return $errors;
            }
            unset($forum_data_sql['type_action']);
            if ($row['forum_name'] != $forum_data_sql['forum_name']) {
                // the forum name has changed, clear the parents list of all forums (for safety)
                // There is no WHERE clause: forum_parents is emptied on every row.
                $sql = 'UPDATE ' . FORUMS_TABLE . "\n\t\t\t\t\tSET forum_parents = ''";
                $db->sql_query($sql);
            }
            // Setting the forum id to the forum id is not really received well by some dbs. ;)
            // NOTE(review): $forum_id is concatenated into the WHERE clause without a cast
            // in this method - this assumes the caller supplied an integer; confirm.
            $forum_id = $forum_data_sql['forum_id'];
            unset($forum_data_sql['forum_id']);
            $sql = 'UPDATE ' . FORUMS_TABLE . '
				SET ' . $db->sql_build_array('UPDATE', $forum_data_sql) . '
				WHERE forum_id = ' . $forum_id;
            $db->sql_query($sql);
            // Add it back
            $forum_data['forum_id'] = $forum_id;
            // Record the edit in the admin log.
            add_log('admin', 'LOG_FORUM_EDIT', $forum_data['forum_name']);
        }
        return $errors;
    }
Esempio n. 2
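echo '<br/>Passed<br/><hr/>';
/* validate_range($variable, $min, $max)
   Checks whether a value falls within the inclusive min/max range provided.
   The method validates both string and numeric values:
   - for a string, the string's length is compared;
   - for a numeric, the numeric value itself is compared (a numeric string
     is treated as a number, see the "201" case below).
   true is returned when the compared value equals min or max, or lies
   between them; false is returned in every other case.
*/
echo 'Signature: validate_range($variable, $min, $max)<br/>';
echo '//can pass in string (calculates length), numeric (check number range) - min/max inclusive<br/>';
// Each label below spells out the call that is actually made next to it.
echo 'validate_range("xyz", 0, 3): ' . (validate_range('xyz', 0, 3) ? 'true' : 'false') . '<br/>';
echo 'validate_range("", 1, 3): ' . (validate_range('', 1, 3) ? 'true' : 'false') . '<br/>';
echo 'validate_range("xyz", 0, 2): ' . (validate_range('xyz', 0, 2) ? 'true' : 'false') . '<br/>';
echo 'validate_range(-1, 0, 2): ' . (validate_range(-1, 0, 2) ? 'true' : 'false') . '<br/>';
echo 'validate_range(3, 0, 2): ' . (validate_range(3, 0, 2) ? 'true' : 'false') . '<br/>';
echo 'validate_range("201", 0, 200): ' . (validate_range("201", 0, 200) ? 'true' : 'false') . '//numeric in string will be converted in numeric <br/>';
echo '<br/>Passed<br/><hr/>';
/* variable_name($variable)
   Retrieves the name of the passed-in variable as a string.
   Known limitation: when another variable holds the same value, the
   function may not return the correct name. */
echo 'Signature: variable_name($variable)<br/>';
echo '//returns the variable name that was passed in<br/>';
$selected_item = 'item';
$arraylist_item = array('lalala');
echo 'variable_name($selected_item): ' . variable_name($selected_item) . '<br/>';
echo 'variable_name("test_item"): "' . variable_name("test_item") . '" <br/> //returns empty if variable is not an item<br/>';
echo 'variable_name($arraylist_item): ' . variable_name($arraylist_item) . '<br/>';
echo '<br/>Passed<br/><hr/>';
/* validate_hash($hash, $hash_type = "md5")
   Validates if input is a valid md5 string, checks for corresponding regex in /tools/contants/regex when defined in /tools/constants/constants $allowed_hash_types.
   As described, this is a format check: a match shows that the string has the
   shape of the given hash type, not that it was derived from any particular input. */
echo 'Signature: validate_hash($hash, $hash_type = "md5")<br/>';
echo '#checks if hash type is valid based on list in constants.php, checks if hash given matches the relevant regex<br/><br/>';
echo 'validate_hash("123asd", "md5"): ' . (validate_hash('123asd', 'md5') ? 'true' : 'false') . '<br/>';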
Esempio n. 3
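/**
 * Validate a variable number of input specifications and raise a single
 * error through Tool::error() when any check failed.
 *
 * Every argument is expected to be a five-element list
 * [variable, type, min, max, nullable]. The last argument may instead be a
 * return-type string; when it is not a string, or not one of the
 * 'allowed_return_types', the 'default_return_type' constant is used.
 *
 * Behaviour worth knowing before relying on this for input validation:
 * - only one message is kept: a later failed check overwrites an earlier one;
 * - the variable named in the error is taken from the last five-element list
 *   that was processed, which is not necessarily the one that failed;
 * - when variable_name() yields nothing, the variable's value itself is
 *   appended to the error text. Only the type 'password' is masked, so other
 *   sensitive values can end up wherever Tool::error() writes its output.
 *
 * No value is returned; the outcome is reported solely through Tool::error().
 */
function enforce_inputs()
{
    $function = array('class_name' => __NAMESPACE__, 'method_name' => __METHOD__);
    $message = '';
    $variable = '';
    //initialised up front: the error block at the end reads $type even when no
    //five-element list was processed, which previously hit an undefined variable
    $type = '';
    $line = '';
    //retrieve last item as return type if available
    $array = func_get_args();
    $return_type = end($array);
    if (is_string($return_type) == false) {
        $return_type = Constants::get('default_return_type');
    } else {
        $allowed_return_types = Constants::get('allowed_return_types');
        if (array_contains($return_type, $allowed_return_types) == false) {
            $return_type = Constants::get('default_return_type');
        }
    }
    //loop through every item to validate, sets a message to throw the error at the end of the method
    //NOTE(review): a trailing return-type string is iterated as well; it is not an
    //array, so it is presumably skipped as long as is_ready() accepts it - confirm
    foreach ($array as $list) {
        if (is_ready($list)) {
            //every list must be ready
            if (is_array($list)) {
                //ensure that item is an array
                if (count($list) == 5) {
                    //every list contains the required items
                    $variable = set_default($list[0], null);
                    $type = set_default($list[1], ':');
                    $min = set_default($list[2], null);
                    $max = set_default($list[3], null);
                    $nullable = set_default($list[4], false);
                    $validation_list = null;
                    if (isset($variable)) {
                        //ensure that variable is set
                        //ensures that valid variable list type is request
                        if (list_contains($type, Constants::get('variable_list')) == false) {
                            $message = 'Invalid variable validation requirement - type (' . $type . ') unrecognized.';
                            $line = __LINE__;
                        }
                        //if either one is not a numeric, check for array
                        if (validate_type($min, 'numeric') == false || validate_type($max, 'numeric') == false) {
                            if (validate_type($min, 'array') == true || validate_type($max, 'array') == true) {
                                //an allow-list was supplied in place of a range: take it from max when min is null, else from min
                                $validation_list = (is_null($min) == true || isset($min) == false) && validate_type($max, 'array') ? $max : $min;
                                if (validate_type($validation_list, 'array') == false) {
                                    $message = 'Invalid variable validation requirement - an array to validate is required.';
                                    $line = __LINE__;
                                }
                            } else {
                                if (is_null($min) == false || is_null($max) == false) {
                                    $message = 'Invalid variable validation requirement - min/max must be numeric or an array of list in either one or both nulls.';
                                    $line = __LINE__;
                                }
                            }
                            //both bounds are numeric: ensure that max is not less than min
                        } else {
                            if ($max < $min) {
                                $message = 'Invalid variable validation requirement - min is more than max.';
                                $line = __LINE__;
                            }
                        }
                        //ensure that nullable is boolean
                        if (validate_type($nullable, 'bool') == false) {
                            $message = 'Invalid variable validation requirement - nullable must be boolean.';
                            $line = __LINE__;
                        }
                        //verify variable if not null
                        if (!is_null($variable)) {
                            if (validate_type($variable, $type) == false) {
                                $message = 'Variable is not a ' . $type . '.';
                                $line = __LINE__;
                            }
                            if (is_null($validation_list) == false && isset($validation_list) == true) {
                                //allow-list mode: the value must be one of the listed entries
                                if (array_contains($variable, $validation_list) == false) {
                                    $message = 'Variable is not found in the list provided.';
                                    $line = __LINE__;
                                }
                            } else {
                                //range mode: only strings and numerics are range-checked
                                if (validate_type($variable, 'string:numeric') == true) {
                                    if (is_null($min) == false || is_null($max) == false) {
                                        if (validate_range($variable, $min, $max) == false) {
                                            $message = 'Variable does not meet the min/max requirement.';
                                            $line = __LINE__;
                                        }
                                    }
                                }
                            }
                        }
                    } else {
                        //an unset variable is only acceptable when the list marks it nullable
                        if ($nullable == false) {
                            $message = 'Variable is not set, unable to validate variable';
                            $line = __LINE__;
                        }
                    }
                } else {
                    $message = 'Incomplete variable validation list. [variable, type, min, max, nullable*]';
                    $line = __LINE__;
                }
            }
        } else {
            $message = 'Invalid variable validation list, an array is required. [variable, type, min, max, nullable*]';
            $line = __LINE__;
        }
    }
    //a non-empty message means at least one check failed: build and raise the error
    if (compare_string($message, '') == false) {
        $variable_name = variable_name($variable);
        if (isset($variable_name) == true && $variable_name != '') {
            $variable_name = '$' . $variable_name;
        } else {
            //NOTE(review): the raw value is placed in the error text here unless the
            //type is 'password'; other secrets validated under another type are not masked
            $variable_name = $type != 'password' ? $variable : '*password*';
        }
        if ($variable_name != '') {
            $variable_name = ' [' . $variable_name . ']';
        }
        $error = Tool::prepare($message . $variable_name, '', $line, $return_type, Constants::get('default_error_code'));
        Tool::error($function, $error, false);
    }
}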
/**
 * Validate the 'auto_advance_speed' setting.
 *
 * Hands $inp to validate_range() together with the setting key, the bounds
 * 1000 and 30000, and $user_default, and returns whatever validate_range()
 * returns. How out-of-range input and $user_default are treated is decided
 * there, not here.
 */
function sss_settings_auto_advance_speed_val($inp, $user_default = false)
{
    $setting_key = 'auto_advance_speed';
    $lower_bound = 1000;
    $upper_bound = 30000;

    return validate_range($inp, $setting_key, $lower_bound, $upper_bound, $user_default);
}
Esempio n. 5
 /**
  * For each data set supplied by the provider, validate_range() must leave
  * exactly one error, 'SETTING_TOO_LONG', in the error array it is given.
  *
  * @dataProvider validate_range_data_too_long
  */
 public function test_validate_range_too_long($test_data)
 {
     // validate_range() reports through its second argument, so start from an empty list.
     $collected_errors = array();
     $expected_errors = array('SETTING_TOO_LONG');

     validate_range($test_data, $collected_errors);

     $this->assertEquals($expected_errors, $collected_errors);
 }