diff --git a/composer.json b/composer.json index 91ae5225..f02ad64e 100644 --- a/composer.json +++ b/composer.json @@ -40,7 +40,7 @@ "geoip2/geoip2": "~2.0", "hashids/hashids": "^4.1", "imdbphp/imdbphp": "^7.0", - "laravel/framework": "^9.0", + "laravel/framework": "9.20.0", "laravel/octane": "^1.2", "laravel/sanctum": "^2.10", "laravel/tinker": "^2.5", diff --git a/include/constants.php b/include/constants.php index ecfc6b07..36ca958d 100644 --- a/include/constants.php +++ b/include/constants.php @@ -1,6 +1,6 @@ 20) { + if ($length < 3 || $length > 20) { return false; } diff --git a/public/cheaterbox.php b/public/cheaterbox.php index 8015a412..c5a6b46a 100644 --- a/public/cheaterbox.php +++ b/public/cheaterbox.php @@ -12,18 +12,25 @@ if (!empty($_POST['setdealt'])) { if (empty($_POST['delcheater'])) { stderr("Error", $lang_functions['select_at_least_one_record']); } - $res = sql_query ("SELECT id FROM cheaters WHERE dealtwith=0 AND id IN (" . implode(", ", $_POST['delcheater']) . ")"); - while ($arr = mysql_fetch_assoc($res)) - sql_query ("UPDATE cheaters SET dealtwith=1, dealtby = {$CURUSER['id']} WHERE id = {$arr['id']}") or sqlerr(); +// $res = sql_query ("SELECT id FROM cheaters WHERE dealtwith=0 AND id IN (" . implode(", ", $_POST['delcheater']) . ")"); +// while ($arr = mysql_fetch_assoc($res)) +// sql_query ("UPDATE cheaters SET dealtwith=1, dealtby = {$CURUSER['id']} WHERE id = {$arr['id']}") or sqlerr(); + + \App\Models\Cheater::query()->whereIn('id', $_POST['delcheater']) + ->where('dealtwith', 0) + ->update(['dealtwith' => 1, 'dealtby' => $CURUSER['id']]) + ; $Cache->delete_value('staff_new_cheater_count'); } elseif (!empty($_POST['delete'])) { if (empty($_POST['delcheater'])) { stderr("Error", $lang_functions['select_at_least_one_record']); } - $res = sql_query ("SELECT id FROM cheaters WHERE id IN (" . implode(", ", $_POST['delcheater']) . ")"); - while ($arr = mysql_fetch_assoc($res)) - sql_query ("DELETE from cheaters WHERE id = {$arr['id']}") or sqlerr(); +// $res = sql_query ("SELECT id FROM cheaters WHERE id IN (" . implode(", ", $_POST['delcheater']) . ")"); +// while ($arr = mysql_fetch_assoc($res)) +// sql_query ("DELETE from cheaters WHERE id = {$arr['id']}") or sqlerr(); + + \App\Models\Cheater::query()->whereIn('id', $_POST['delcheater'])->delete(); $Cache->delete_value('staff_new_cheater_count'); } diff --git a/public/details.php b/public/details.php index b6a440bd..4b653451 100644 --- a/public/details.php +++ b/public/details.php @@ -243,7 +243,7 @@ JS; while($a = mysql_fetch_assoc($r)) { $lang = "\"""; - $lang .= "  ". $a["title"]. "".(user_can('submanage') || (user_can('delownsub') && $a["uppedby"] == $CURUSER["id"]) ? " [".$lang_details['text_delete']."]" : "")."  ".($a["anonymous"] == 'yes' ? $lang_details['text_anonymous'] . (user_can('viewanonymous') ? get_username($a['uppedby'],false,true,true,false,true) : "") : get_username($a['uppedby'])).""; + $lang .= "  ". htmlspecialchars($a["title"]) . "".(user_can('submanage') || (user_can('delownsub') && $a["uppedby"] == $CURUSER["id"]) ? " [".$lang_details['text_delete']."]" : "")."  ".($a["anonymous"] == 'yes' ? $lang_details['text_anonymous'] . (user_can('viewanonymous') ? get_username($a['uppedby'],false,true,true,false,true) : "") : get_username($a['uppedby'])).""; print($lang); } } diff --git a/public/forums.php b/public/forums.php index 131a01c2..99e7f926 100644 --- a/public/forums.php +++ b/public/forums.php @@ -376,9 +376,13 @@ if ($action == "post") //------ Make sure sure user has write access in forum $arr = get_forum_row($forumid) or die($lang_forums['std_bad_forum_id']); - if (get_user_class() < $arr["minclasswrite"] || ($type =='new' && get_user_class() < $arr["minclasscreate"])) - permissiondenied(); - + if ( + get_user_class() < $arr["minclassread"] + || get_user_class() < $arr["minclasswrite"] + || ($type =='new' && get_user_class() < $arr["minclasscreate"]) + ) { + permissiondenied(); + } if ($body == "") stderr($lang_forums['std_error'], $lang_forums['std_no_body_text']); @@ -396,6 +400,12 @@ if ($action == "post") if ($type == 'edit') { + $postid = $id; + $topicInfo = \App\Models\Topic::query()->findOrFail($topicid); + $postInfo = \App\Models\Post::query()->findOrFail($id); + if ($postInfo->userid != $CURUSER['id'] && !is_forum_moderator($postid, 'post') && !user_can('postmanage')) { + permissiondenied(); + } if ($hassubject){ sql_query("UPDATE topics SET subject=".sqlesc($subject)." WHERE id=".sqlesc($topicid)) or sqlerr(__FILE__, __LINE__); $forum_last_replied_topic_row = $Cache->get_value('forum_'.$forumid.'_last_replied_topic_content'); @@ -403,11 +413,8 @@ if ($action == "post") $Cache->delete_value('forum_'.$forumid.'_last_replied_topic_content'); } sql_query("UPDATE posts SET body=".sqlesc($body).", editdate=".sqlesc($date).", editedby=".sqlesc($CURUSER['id'])." WHERE id=".sqlesc($id)) or sqlerr(__FILE__, __LINE__); - $postid = $id; $Cache->delete_value('post_'.$postid.'_content'); //send pm - $topicInfo = \App\Models\Topic::query()->findOrFail($topicid); - $postInfo = \App\Models\Post::query()->findOrFail($id); $postUrl = sprintf('[url=forums.php?action=viewtopic&topicid=%s&page=p%s#pid%s]%s[/url]', $topicid, $id, $id, $topicInfo->subject); if ($postInfo->userid != $CURUSER['id']) { $receiver = $postInfo->user; diff --git a/public/log.php b/public/log.php index 070ff87f..96ba144f 100644 --- a/public/log.php +++ b/public/log.php @@ -8,6 +8,8 @@ if (!user_can('log')) stderr($lang_log['std_sorry'],$lang_log['std_permission_denied_only'].get_user_class_name($log_class,false,true,true).$lang_log['std_or_above_can_view'],false); } +$q = htmlspecialchars(trim($_GET['query'] ?? '')); + function permissiondeny(){ global $lang_log; stderr($lang_log['std_sorry'],$lang_log['std_permission_denied'],false); @@ -29,11 +31,11 @@ function logmenu($selected = "dailylog"){ } function searchtable($title, $action, $opts = array()){ - global $lang_log; + global $lang_log, $q; print("\n"); print("\n"); print("
".$title."
\n"); - print("\n"); + print("\n"); if ($opts) { print($lang_log['text_in']."\n"; - +$secret = htmlspecialchars($_GET['secret'] ?? ''); $langs = langlist("site_lang", true); foreach ($langs as $row) { @@ -33,7 +33,7 @@ foreach ($langs as $row) $s .= "\n"; ?> - + ".$lang_login['text_select_lang']. $s . ""); ?> @@ -50,7 +50,7 @@ if (!empty($_GET["returnto"])) { } ?> - +


[]

diff --git a/public/moresmilies.php b/public/moresmilies.php index 5ab32ea4..18076610 100644 --- a/public/moresmilies.php +++ b/public/moresmilies.php @@ -29,7 +29,7 @@ for($i=1; $i<192; $i++) { if ($count % 3==0) print("\n"); - print("\n\t"); + print("\n\t"); $count++; if ($count % 3==0) diff --git a/public/myhr.php b/public/myhr.php index e5730e0f..dc91190e 100644 --- a/public/myhr.php +++ b/public/myhr.php @@ -34,7 +34,7 @@ foreach ($allStatus as $key => $value) { } print("

" . implode(' | ', $headerFilters) . "

"); -$q = $_GET['q'] ?? ''; +$q = htmlspecialchars($_GET['q'] ?? ''); $filterForm = << diff --git a/public/nowarn.php b/public/nowarn.php index d4c42466..71b33f6f 100644 --- a/public/nowarn.php +++ b/public/nowarn.php @@ -19,23 +19,34 @@ if (empty($_POST["usernw"]) && empty($_POST["desact"]) && empty($_POST["delete"] if (!empty($_POST["usernw"])) { -$msg = sqlesc("Your Warning Has Been Removed By: " . $CURUSER['username'] . "."); -$added = sqlesc(date("Y-m-d H:i:s")); -$userid = implode(", ", $_POST['usernw']); -//sql_query("INSERT INTO messages (sender, receiver, msg, added) VALUES (0, $userid, $msg, $added)") or sqlerr(__FILE__, __LINE__); +//$msg = sqlesc("Your Warning Has Been Removed By: " . $CURUSER['username'] . "."); +//$added = sqlesc(date("Y-m-d H:i:s")); +//$userid = implode(", ", $_POST['usernw']); +////sql_query("INSERT INTO messages (sender, receiver, msg, added) VALUES (0, $userid, $msg, $added)") or sqlerr(__FILE__, __LINE__); +// +//$r = sql_query("SELECT modcomment FROM users WHERE id IN (" . implode(", ", $_POST['usernw']) . ")")or sqlerr(__FILE__, __LINE__); +//$user = mysql_fetch_array($r); +//$exmodcomment = $user["modcomment"]; +//$modcomment = date("Y-m-d") . " - Warning Removed By " . $CURUSER['username'] . ".\n". $modcomment . $exmodcomment; +//sql_query("UPDATE users SET modcomment=" . sqlesc($modcomment) . " WHERE id IN (" . implode(", ", $_POST['usernw']) . ")") or sqlerr(__FILE__, __LINE__); +// +//$do="UPDATE users SET warned='no', warneduntil=null WHERE id IN (" . implode(", ", $_POST['usernw']) . ")"; +//$res=sql_query($do); -$r = sql_query("SELECT modcomment FROM users WHERE id IN (" . implode(", ", $_POST['usernw']) . ")")or sqlerr(__FILE__, __LINE__); -$user = mysql_fetch_array($r); -$exmodcomment = $user["modcomment"]; -$modcomment = date("Y-m-d") . " - Warning Removed By " . $CURUSER['username'] . ".\n". $modcomment . $exmodcomment; -sql_query("UPDATE users SET modcomment=" . sqlesc($modcomment) . " WHERE id IN (" . implode(", ", $_POST['usernw']) . ")") or sqlerr(__FILE__, __LINE__); - -$do="UPDATE users SET warned='no', warneduntil=null WHERE id IN (" . implode(", ", $_POST['usernw']) . ")"; -$res=sql_query($do);} +$modcomment = date("Y-m-d") . " - Warning Removed By " . $CURUSER['username']; +\App\Models\User::query()->whereIn('id', $_POST['usernw']) + ->update([ + 'warned' => 'no', + 'warneduntil' => null, + 'modcomment' => \Nexus\Database\NexusDB::raw("if(modcomment = '', '$modcomment', concat_ws('\n', '$modcomment', modcomment))") + ]); +} if (!empty($_POST["desact"])){ -$do="UPDATE users SET enabled='no' WHERE id IN (" . implode(", ", $_POST['desact']) . ")"; -$res=sql_query($do);} +//$do="UPDATE users SET enabled='no' WHERE id IN (" . implode(", ", $_POST['desact']) . ")"; +//$res=sql_query($do); + \App\Models\User::query()->whereIn('id', $_POST['desact'])->update(['enabled' => 'no']); +} } } header("Refresh: 0; url=warned.php"); diff --git a/public/takeconfirm.php b/public/takeconfirm.php index fbcbdef2..a15a8f9b 100644 --- a/public/takeconfirm.php +++ b/public/takeconfirm.php @@ -5,12 +5,16 @@ require_once(get_langfile_path()); $id = isset($_POST['id']) ? intval($_POST['id']) : (isset($_GET['id']) ? intval($_GET['id']) : die()); int_check($id,true); $email = unesc(htmlspecialchars(trim($_POST["email"]))); -if(isset($_POST['conusr'])) - sql_query("UPDATE users SET status = 'confirmed', editsecret = '' WHERE id IN (" . implode(", ", $_POST['conusr']) . ") AND status='pending'"); -else - stderr($lang_takeconfirm['std_sorry'],$lang_takeconfirm['std_no_buddy_to_confirm']. - "".$lang_takeconfirm['std_here_to_go_back'],false); - +if(!empty($_POST['conusr'])) { +// sql_query("UPDATE users SET status = 'confirmed', editsecret = '' WHERE id IN (" . implode(", ", $_POST['conusr']) . ") AND status='pending'"); + \App\Models\User::query()->whereIn('id', $_POST['conusr']) + ->where('status', 'pending') + ->update(['status' => 'confirmed', 'editsecret' => '']) + ; +} else { + stderr($lang_takeconfirm['std_sorry'],$lang_takeconfirm['std_no_buddy_to_confirm']. + "".$lang_takeconfirm['std_here_to_go_back'],false); +} $title = $SITENAME.$lang_takeconfirm['mail_title']; $baseUrl = getSchemeAndHttpHost(); $body = <<where('username', 'like', "%{$q}%"); } diff --git a/public/viewrequests.php b/public/viewrequests.php index 6b4b3e1b..a332d3a6 100644 --- a/public/viewrequests.php +++ b/public/viewrequests.php @@ -6,7 +6,9 @@ require_once(get_langfile_path('details.php')); loggedinorreturn(); parked(); - +if (isset($_GET['id'])) { + $_GET['id'] = htmlspecialchars($_GET['id']); +} $action = isset($_POST['action']) ? htmlspecialchars($_POST['action']) : (isset($_GET['action']) ? htmlspecialchars($_GET['action']) : ''); $allowed_actions = array("list", "new", "newmessage", "view", "edit", "takeedit", "takeadded", "res", "takeres", "addamount", "delete", "confirm", "message", "search"); if (!$action)
\"\"\"\"