From e6edf2414495e5e8a22d54db704e36df57c570a7 Mon Sep 17 00:00:00 2001
From: Graham Cole <chckens@sucs.org>
Date: Thu, 22 Sep 2011 12:25:57 +0000
Subject: [PATCH] update PunBB to 1.2.23 (not tested yet)

---
 lib/punbb/admin_index.php       | 9 +++------
 lib/punbb/admin_prune.php       | 9 +++++----
 lib/punbb/include/common.php    | 3 ++-
 lib/punbb/include/functions.php | 6 +++---
 lib/punbb/install.php           | 2 +-
 lib/punbb/misc.php              | 2 +-
 lib/punbb/moderate.php          | 4 ++--
 lib/punbb/search.php            | 2 +-
 lib/punbb/userlist.php          | 2 +-
 lib/punbb/viewforum.php         | 3 +--
 lib/punbb/viewtopic.php         | 3 ++-
 11 files changed, 22 insertions(+), 23 deletions(-)

diff --git a/lib/punbb/admin_index.php b/lib/punbb/admin_index.php
index a720aec..2c09d63 100644
--- a/lib/punbb/admin_index.php
+++ b/lib/punbb/admin_index.php
@@ -50,13 +50,10 @@ if ($action == 'check_upgrade')
 	if ($latest_version == '')
 		message('Check for upgrade failed for unknown reasons.');
 
-	$cur_version = str_replace(array('.', 'dev', 'beta', ' '), '', strtolower($pun_config['o_cur_version']));
-	$cur_version = (strlen($cur_version) == 2) ? intval($cur_version) * 10 : intval($cur_version);
+	$latest_version = preg_replace('/(\.0)+(?!\.)|(\.0+$)/', '$2', $latest_version);
+	$cur_version = preg_replace('/(\.0)+(?!\.)|(\.0+$)/', '$2', $cur_version);
 
-	$latest_version = str_replace('.', '', strtolower($latest_version));
-	$latest_version = (strlen($latest_version) == 2) ? intval($latest_version) * 10 : intval($latest_version);
-
-	if ($cur_version >= $latest_version)
+	if (version_compare($cur_version, $latest_version, '>='))
 		message('You are running the latest version of PunBB.');
 	else
 		message('A new version of PunBB has been released. You can download the latest version at <a href="http://punbb.informer.com/">PunBB.Informer.Com</a>.');
diff --git a/lib/punbb/admin_prune.php b/lib/punbb/admin_prune.php
index 578b501..d5ae2eb 100644
--- a/lib/punbb/admin_prune.php
+++ b/lib/punbb/admin_prune.php
@@ -42,6 +42,7 @@ if (isset($_GET['action']) || isset($_POST['prune']) || isset($_POST['prune_comp
 		confirm_referrer('admin_prune.php');
 
 		$prune_from = $_POST['prune_from'];
+		$prune_sticky = isset($_POST['prune_sticky']) ? '1' : '0';
 		$prune_days = intval($_POST['prune_days']);
 		$prune_date = ($prune_days) ? time() - ($prune_days*86400) : -1;
 
@@ -56,14 +57,14 @@ if (isset($_GET['action']) || isset($_POST['prune']) || isset($_POST['prune_comp
 			{
 				$fid = $db->result($result, $i);
 
-				prune($fid, $_POST['prune_sticky'], $prune_date);
+				prune($fid, $prune_sticky, $prune_date);
 				update_forum($fid);
 			}
 		}
 		else
 		{
 			$prune_from = intval($prune_from);
-			prune($prune_from, $_POST['prune_sticky'], $prune_date);
+			prune($prune_from, $prune_sticky, $prune_date);
 			update_forum($prune_from);
 		}
 
@@ -93,7 +94,7 @@ if (isset($_GET['action']) || isset($_POST['prune']) || isset($_POST['prune_comp
 	// Concatenate together the query for counting number or topics to prune
 	$sql = 'SELECT COUNT(id) FROM '.$db->prefix.'topics WHERE last_post<'.$prune_date.' AND moved_to IS NULL';
 
-	if ($_POST['prune_sticky'] == '0')
+	if (!$prune_sticky)
 		$sql .= ' AND sticky=\'0\'';
 
 	if ($prune_from != 'all')
@@ -127,7 +128,7 @@ if (isset($_GET['action']) || isset($_POST['prune']) || isset($_POST['prune_comp
 			<form method="post" action="admin_prune.php?action=foo">
 				<div class="inform">
 					<input type="hidden" name="prune_days" value="<?php echo $prune_days ?>" />
-					<input type="hidden" name="prune_sticky" value="<?php echo $_POST['prune_sticky'] ?>" />
+					<input type="hidden" name="prune_sticky" value="<?php echo $prune_sticky ?>" />
 					<input type="hidden" name="prune_from" value="<?php echo $prune_from ?>" />
 					<fieldset>
 						<legend>Confirm prune posts</legend>
diff --git a/lib/punbb/include/common.php b/lib/punbb/include/common.php
index cb4916e..75aaa7a 100644
--- a/lib/punbb/include/common.php
+++ b/lib/punbb/include/common.php
@@ -55,7 +55,8 @@ $pun_start = ((float)$usec + (float)$sec);
 error_reporting(E_ALL ^ E_NOTICE);
 
 // Turn off magic_quotes_runtime
-set_magic_quotes_runtime(0);
+if (get_magic_quotes_runtime())
+	set_magic_quotes_runtime(0);
 
 // Strip slashes from GET/POST/COOKIE (if magic_quotes_gpc is enabled)
 if (get_magic_quotes_gpc())
diff --git a/lib/punbb/include/functions.php b/lib/punbb/include/functions.php
index ee04d1a..8bb9f1c 100644
--- a/lib/punbb/include/functions.php
+++ b/lib/punbb/include/functions.php
@@ -109,8 +109,8 @@ function check_cookie(&$pun_user)
 	$cookie = array('user_id' => 1, 'password_hash' => 'Guest');
 
 	// If a cookie is set, we get the user_id and password hash from it
-	if (isset($_COOKIE[$cookie_name]))
-		list($cookie['user_id'], $cookie['password_hash']) = @unserialize($_COOKIE[$cookie_name]);
+	if (isset($_COOKIE[$cookie_name]) && preg_match('/a:2:{i:0;s:\d+:"(\d+)";i:1;s:\d+:"([0-9a-f]+)";}/', $_COOKIE[$cookie_name], $matches))
+		list(, $cookie['user_id'], $cookie['password_hash']) = $matches;
 
 	if ($cookie['user_id'] > 1)
 	{
@@ -441,7 +441,7 @@ function update_forum($forum_id)
 	{
 		list($last_post, $last_post_id, $last_poster) = $db->fetch_row($result);
 
-		$db->query('UPDATE '.$db->prefix.'forums SET num_topics='.$num_topics.', num_posts='.$num_posts.', last_post='.$last_post.', last_post_id='.$last_post_id.', last_poster=\''.$db->escape($last_poster).'\' WHERE id='.$forum_id) or error('Unable to update last_post/last_post_id/last_poster', __FILE__, __LINE__, $db->error());
+			$db->query('UPDATE '.$db->prefix.'forums SET num_topics='.$num_topics.', num_posts='.$num_posts.', last_post='.$last_post.', last_post_id='.$last_post_id.', last_poster=\''.$db->escape($last_poster).'\' WHERE id='.$forum_id) or error('Unable to update last_post/last_post_id/last_poster', __FILE__, __LINE__, $db->error());
 	}
 	else	// There are no topics
 		$db->query('UPDATE '.$db->prefix.'forums SET num_topics='.$num_topics.', num_posts='.$num_posts.', last_post=NULL, last_post_id=NULL, last_poster=NULL WHERE id='.$forum_id) or error('Unable to update last_post/last_post_id/last_poster', __FILE__, __LINE__, $db->error());
diff --git a/lib/punbb/install.php b/lib/punbb/install.php
index 5adc615..00836fc 100644
--- a/lib/punbb/install.php
+++ b/lib/punbb/install.php
@@ -27,7 +27,7 @@ pun_exit();
 
 
 // The PunBB version this script installs
-$punbb_version = '1.2.19';
+$punbb_version = '1.2.23';
 
 
 define('PUN_ROOT', './');
diff --git a/lib/punbb/misc.php b/lib/punbb/misc.php
index 0ae9de3..f5df5be 100644
--- a/lib/punbb/misc.php
+++ b/lib/punbb/misc.php
@@ -253,7 +253,7 @@ else if (isset($_GET['subscribe']))
 		message($lang_common['Bad request']);
 
 	// Make sure the user can view the topic
-	$result = $db->query('SELECT 1 FROM '.$db->prefix.'topics AS t LEFT JOIN '.$db->prefix.'forum_perms AS fp ON (fp.forum_id=t.forum_id AND fp.group_id=1) WHERE (fp.read_forum IS NULL OR fp.read_forum=1) AND t.id='.$topic_id.' AND t.moved_to IS NULL') or error('Unable to fetch topic info', __FILE__, __LINE__, $db->error());
+	$result = $db->query('SELECT 1 FROM '.$db->prefix.'topics AS t LEFT JOIN '.$db->prefix.'forum_perms AS fp ON (fp.forum_id=t.forum_id AND fp.group_id='.$pun_user['g_id'].') WHERE (fp.read_forum IS NULL OR fp.read_forum=1) AND t.id='.$topic_id.' AND t.moved_to IS NULL') or error('Unable to fetch topic info', __FILE__, __LINE__, $db->error());
 	if (!$db->num_rows($result))
 		message($lang_common['Bad request']);
 
diff --git a/lib/punbb/moderate.php b/lib/punbb/moderate.php
index 2a367f8..be00499 100644
--- a/lib/punbb/moderate.php
+++ b/lib/punbb/moderate.php
@@ -170,7 +170,7 @@ if (isset($_GET['tid']))
 	// Determine the post offset (based on $_GET['p'])
 	$num_pages = ceil(($cur_topic['num_replies'] + 1) / $pun_user['disp_posts']);
 
-	$p = (!isset($_GET['p']) || $_GET['p'] <= 1 || $_GET['p'] > $num_pages) ? 1 : $_GET['p'];
+	$p = (!isset($_GET['p']) || !is_numeric($_GET['p']) || $_GET['p'] <= 1 || $_GET['p'] > $num_pages) ? 1 : $_GET['p'];
 	$start_from = $pun_user['disp_posts'] * ($p - 1);
 
 	// Generate paging links
@@ -566,7 +566,7 @@ require PUN_ROOT.'header.php';
 // Determine the topic offset (based on $_GET['p'])
 $num_pages = ceil($cur_forum['num_topics'] / $pun_user['disp_topics']);
 
-$p = (!isset($_GET['p']) || $_GET['p'] <= 1 || $_GET['p'] > $num_pages) ? 1 : $_GET['p'];
+$p = (!isset($_GET['p']) || !is_numeric($_GET['p']) || $_GET['p'] <= 1 || $_GET['p'] > $num_pages) ? 1 : $_GET['p'];
 $start_from = $pun_user['disp_topics'] * ($p - 1);
 
 // Generate paging links
diff --git a/lib/punbb/search.php b/lib/punbb/search.php
index 01ec2e2..9552495 100644
--- a/lib/punbb/search.php
+++ b/lib/punbb/search.php
@@ -466,7 +466,7 @@ if (isset($_GET['action']) || isset($_GET['search_id']))
 		$per_page = ($show_as == 'posts') ? $pun_user['disp_posts'] : $pun_user['disp_topics'];
 		$num_pages = ceil($num_hits / $per_page);
 
-		$p = (!isset($_GET['p']) || $_GET['p'] <= 1 || $_GET['p'] > $num_pages) ? 1 : $_GET['p'];
+		$p = (!isset($_GET['p']) || !is_numeric($_GET['p']) || $_GET['p'] <= 1 || $_GET['p'] > $num_pages) ? 1 : $_GET['p'];
 		$start_from = $per_page * ($p - 1);
 
 		// Generate paging links
diff --git a/lib/punbb/userlist.php b/lib/punbb/userlist.php
index ad56a07..b667ec9 100644
--- a/lib/punbb/userlist.php
+++ b/lib/punbb/userlist.php
@@ -125,7 +125,7 @@ $num_users = $db->result($result);
 // Determine the user offset (based on $_GET['p'])
 $num_pages = ceil($num_users / 50);
 
-$p = (!isset($_GET['p']) || $_GET['p'] <= 1 || $_GET['p'] > $num_pages) ? 1 : $_GET['p'];
+$p = (!isset($_GET['p']) || !is_numeric($_GET['p']) || $_GET['p'] <= 1 || $_GET['p'] > $num_pages) ? 1 : $_GET['p'];
 $start_from = 50 * ($p - 1);
 
 // Generate paging links
diff --git a/lib/punbb/viewforum.php b/lib/punbb/viewforum.php
index 6e3f3e7..5ec8674 100644
--- a/lib/punbb/viewforum.php
+++ b/lib/punbb/viewforum.php
@@ -69,7 +69,7 @@ else
 // Determine the topic offset (based on $_GET['p'])
 $num_pages = ceil($cur_forum['num_topics'] / $pun_user['disp_topics']);
 
-$p = (!isset($_GET['p']) || $_GET['p'] <= 1 || $_GET['p'] > $num_pages) ? 1 : $_GET['p'];
+$p = (!isset($_GET['p']) || !is_numeric($_GET['p']) || $_GET['p'] <= 1 || $_GET['p'] > $num_pages) ? 1 : $_GET['p'];
 $start_from = $pun_user['disp_topics'] * ($p - 1);
 
 // Generate paging links
@@ -253,4 +253,3 @@ else
 $forum_id = $id;
 $footer_style = 'viewforum';
 require PUN_ROOT.'footer.php';
-
diff --git a/lib/punbb/viewtopic.php b/lib/punbb/viewtopic.php
index 5f1c3c9..584906e 100644
--- a/lib/punbb/viewtopic.php
+++ b/lib/punbb/viewtopic.php
@@ -128,7 +128,8 @@ else
 // Determine the post offset (based on $_GET['p'])
 $num_pages = ceil(($cur_topic['num_replies'] + 1) / $pun_user['disp_posts']);
 
-$p = (!isset($_GET['p']) || $_GET['p'] <= 1 || $_GET['p'] > $num_pages) ? 1 : $_GET['p'];
+$p = (!isset($_GET['p']) || !is_numeric($_GET['p']) || $_GET['p'] <= 1 || $_GET['p'] > $num_pages) ? 1 : $_GET['p'];
+
 $start_from = $pun_user['disp_posts'] * ($p - 1);
 
 // Generate paging links
-- 
GitLab