Empty commit

2025-02-21 20:59:02 +00:00 · 2013-06-11 08:01:24 +00:00 · 2013-06-11 08:01:24 +00:00 · 1da89b3c82
commit 1da89b3c82
parent b4c8ebb041
23 changed files with 143 additions and 98 deletions
--- a/classes/forums.class.php
+++ b/classes/forums.class.php
@ -29,7 +29,7 @@ public static function quote_notify($Body, $PostID, $Page, $PageID) {
 			$Level = 0;
 			foreach ($Matches as $M) {
 				if ($M[0] != '[/quote]') {
-					if ($Level == 0 && isset($M[1]) && strlen($M[1]) > 0 && preg_match('/^[a-z0-9_?]{1,20}$/iD', $M[1])) {
+					if ($Level == 0 && isset($M[1]) && strlen($M[1]) > 0 && preg_match(USERNAME_REGEX, $M[1])) {
 						$Usernames[] = preg_replace('/(^[.,]*)|([.,]*$)/', '', $M[1]); // wut?
 					}
 					++$Level;
--- a/classes/regex.php
+++ b/classes/regex.php
@ -2,12 +2,13 @@
 //resource_type://username:password@domain:port/path?query_string#anchor
 define('RESOURCE_REGEX','(https?|ftps?):\/\/');
 define('IP_REGEX','(\d{1,3}\.){3}\d{1,3}');
-define('DOMAIN_REGEX','(ssl.)?(www.)?[a-z0-9-\.]{1,255}\.[a-zA-Z]{2,6}');
+define('DOMAIN_REGEX','([a-z0-9\-\_]+\.)+[a-z]{2,6}');
 define('PORT_REGEX', '\d{1,5}');
 define('URL_REGEX','('.RESOURCE_REGEX.')('.IP_REGEX.'|'.DOMAIN_REGEX.')(:'.PORT_REGEX.')?(\/\S*)*');
 define('USERNAME_REGEX', '/^[a-z0-9_?]{1,20}$/iD');
 define('EMAIL_REGEX','[_a-z0-9-]+([.+][_a-z0-9-]+)*@'.DOMAIN_REGEX);
 define('IMAGE_REGEX', URL_REGEX.'\/\S+\.(jpg|jpeg|tif|tiff|png|gif|bmp)(\?\S*)?');
-define('SITELINK_REGEX', RESOURCE_REGEX.'(ssl.)?'.preg_quote(NONSSL_SITE_URL, '/').'');
+define('SITELINK_REGEX', RESOURCE_REGEX.'(ssl.)?'.preg_quote(NONSSL_SITE_URL, '/'));
-define('TORRENT_REGEX', SITELINK_REGEX.'\/torrents.php\?(id=\d{1,10}\&)?torrentid=\d{1,10}');
+define('TORRENT_REGEX', SITELINK_REGEX.'\/torrents\.php\?(.*&)?torrentid=(\d+)'); // torrentid = group 4
-define('TORRENT_GROUP_REGEX', SITELINK_REGEX.'\/torrents.php\?id=\d{1,10}\&(torrentid=\d{1,10})?');
+define('TORRENT_GROUP_REGEX', SITELINK_REGEX.'\/torrents\.php\?(.*&)?id=(\d+)'); // id = group 4
-?>
+define('ARTIST_REGEX', SITELINK_REGEX.'\/artist\.php\?(.*&)?id=(\d+)'); // id = group 4
--- a/classes/validate.class.php
+++ b/classes/validate.class.php
@ -119,7 +119,7 @@ function ValidateForm($ValidateArray) {
 						$MinLength = 10;
 					}
-					if (!preg_match('/^(https?):\/\/([a-z0-9\-\_]+\.)+([a-z]{1,5}[^\.])(\/[^<>]+)*$/i', $ValidateVar)) {
+					if (!preg_match('/^'.URL_REGEX.'$/i', $ValidateVar)) {
 						return $Field['ErrorMessage'];
 					} elseif (strlen($ValidateVar) > $MaxLength) {
 						return $Field['ErrorMessage'];
@ -139,7 +139,7 @@ function ValidateForm($ValidateArray) {
 						$MinLength = 1;
 					}
-					if (preg_match('/[^a-z0-9_\-?]/i', $ValidateVar)) {
+					if (!preg_match('/^'.USERNAME_REGEX.'$/i', $ValidateVar)) {
 						return $Field['ErrorMessage'];
 					} elseif (strlen($ValidateVar) > $MaxLength) {
 						return $Field['ErrorMessage'];
--- a/sections/artist/change_artistid.php
+++ b/sections/artist/change_artistid.php
@ -19,20 +19,32 @@
 	error('Please enter a valid artist ID number or a valid artist name.');
 }
-$DB->query("SELECT Name FROM artists_group WHERE ArtistID = $ArtistID LIMIT 1");
+$DB->query("
 	SELECT Name
 	FROM artists_group
 	WHERE ArtistID = $ArtistID
 	LIMIT 1");
 if (!(list($ArtistName) = $DB->next_record(MYSQLI_NUM, false))) {
 	error('An error has occured.');
 }
 if ($NewArtistID > 0) {
 	// Make sure that's a real artist ID number, and grab the name
-	$DB->query("SELECT Name FROM artists_group WHERE ArtistID = $NewArtistID LIMIT 1");
+	$DB->query("
 		SELECT Name
 		FROM artists_group
 		WHERE ArtistID = $NewArtistID
 		LIMIT 1");
 	if (!(list($NewArtistName) = $DB->next_record())) {
 		error('Please enter a valid artist ID number.');
 	}
 } else {
 	// Didn't give an ID, so try to grab based on the name
-	$DB->query("SELECT ArtistID FROM artists_alias WHERE Name = '".db_string($NewArtistName)."' LIMIT 1");
+	$DB->query("
 		SELECT ArtistID
 		FROM artists_alias
 		WHERE Name = '".db_string($NewArtistName)."'
 		LIMIT 1");
 	if (!(list($NewArtistID) = $DB->next_record())) {
 		error('No artist by that name was found.');
 	}
@ -57,17 +69,26 @@
 	$Collages = $DB->collect('CollageID');
 	// And the info to avoid double-listing an artist if it and the target are on the same group
-	$DB->query("SELECT DISTINCT GroupID FROM torrents_artists WHERE ArtistID = $NewArtistID");
+	$DB->query("
 		SELECT DISTINCT GroupID
 		FROM torrents_artists
 		WHERE ArtistID = $NewArtistID");
 	$NewArtistGroups = $DB->collect('GroupID');
 	$NewArtistGroups[] = '0';
 	$NewArtistGroups = implode(',',$NewArtistGroups);
-	$DB->query("SELECT DISTINCT RequestID FROM requests_artists WHERE ArtistID = $NewArtistID");
+	$DB->query("
 		SELECT DISTINCT RequestID
 		FROM requests_artists
 		WHERE ArtistID = $NewArtistID");
 	$NewArtistRequests = $DB->collect('RequestID');
 	$NewArtistRequests[] = '0';
 	$NewArtistRequests = implode(',',$NewArtistRequests);
-	$DB->query("SELECT DISTINCT UserID from bookmarks_artists WHERE ArtistID = $NewArtistID");
+	$DB->query("
 		SELECT DISTINCT UserID
 		FROM bookmarks_artists
 		WHERE ArtistID = $NewArtistID");
 	$NewArtistBookmarks = $DB->collect('UserID');
 	$NewArtistBookmarks[] = '0';
 	$NewArtistBookmarks = implode(',',$NewArtistBookmarks);
--- a/sections/collages/add_artist.php
+++ b/sections/collages/add_artist.php
@ -65,8 +65,7 @@ function add_artist($CollageID, $ArtistID) {
 }
 if ($_REQUEST['action'] == 'add_artist') {
-	$URLRegex = '/^https?:\/\/(www\.|ssl\.)?'.preg_quote(NONSSL_SITE_URL, '/').'\/artist\.php\?(page=[0-9]+&)?id=([0-9]+)/i';
+	$Val->SetFields('url', '1','regex','The URL must be a link to a artist on the site.',array('regex' => '/^'.ARTIST_REGEX.'/i'));
 	$Val->SetFields('url', '1','regex','The URL must be a link to a artist on the site.',array('regex'=>$URLRegex));
 	$Err = $Val->ValidateForm($_POST);
 	if ($Err) {
@ -76,9 +75,8 @@ function add_artist($CollageID, $ArtistID) {
 	$URL = $_POST['url'];
 	// Get artist ID
-	$URLRegex = '/artist\.php\?(page=[0-9]+&)?id=([0-9]+)/i';
+	preg_match('/^'.ARTIST_REGEX.'/i', $URL, $Matches);
-	preg_match($URLRegex, $URL, $Matches);
+	$ArtistID = $Matches[4];
 	$ArtistID = $Matches[2];
 	if (!$ArtistID || (int) $ArtistID == 0) {
 		error(404);
 	}
@ -91,8 +89,6 @@ function add_artist($CollageID, $ArtistID) {
 	add_artist($CollageID, $ArtistID);
 } else {
 	$URLRegex = '/^https?:\/\/(www\.|ssl\.)?'.NONSSL_SITE_URL.'\/artist\.php\?(page=[0-9]+&)?id=([0-9]+)/i';
 	$URLs = explode("\n",$_REQUEST['urls']);
 	$ArtistIDs = array();
 	$Err = '';
@ -115,9 +111,9 @@ function add_artist($CollageID, $ArtistID) {
 	foreach ($URLs as $URL) {
 		$Matches = array();
-		if (preg_match($URLRegex, $URL, $Matches)) {
+		if (preg_match('/^'.ARTIST_REGEX.'/i', $URL, $Matches)) {
-			$ArtistIDs[] = $Matches[3];
+			$ArtistIDs[] = $Matches[4];
-			$ArtistID = $Matches[3];
+			$ArtistID = $Matches[4];
 		} else {
 			$Err = "One of the entered URLs ($URL) does not correspond to an artist on the site.";
 			break;
--- a/sections/collages/add_torrent.php
+++ b/sections/collages/add_torrent.php
@ -65,8 +65,7 @@ function add_torrent($CollageID, $GroupID) {
 }
 if ($_REQUEST['action'] == 'add_torrent') {
-	$URLRegex = '/^https?:\/\/(www\.|ssl\.)?'.NONSSL_SITE_URL.'\/torrents\.php\?(page=[0-9]+&)?id=([0-9]+)/i';
+	$Val->SetFields('url', '1','regex','The URL must be a link to a torrent on the site.',array('regex' => '/^'.TORRENT_GROUP_REGEX.'/i'));
 	$Val->SetFields('url', '1','regex','The URL must be a link to a torrent on the site.',array('regex'=>$URLRegex));
 	$Err = $Val->ValidateForm($_POST);
 	if ($Err) {
@ -76,9 +75,8 @@ function add_torrent($CollageID, $GroupID) {
 	$URL = $_POST['url'];
 	// Get torrent ID
-	$URLRegex = '/torrents\.php\?(page=[0-9]+&)?id=([0-9]+)/i';
+	preg_match('/^'.TORRENT_GROUP_REGEX.'/i', $URL, $Matches);
-	preg_match($URLRegex, $URL, $Matches);
+	$TorrentID = $Matches[4];
 	$TorrentID = $Matches[2];
 	if (!$TorrentID || (int)$TorrentID == 0) {
 		error(404);
 	}
@ -91,8 +89,6 @@ function add_torrent($CollageID, $GroupID) {
 	add_torrent($CollageID, $GroupID);
 } else {
 	$URLRegex = '/^https?:\/\/(www\.|ssl\.)?'.NONSSL_SITE_URL.'\/torrents\.php\?(page=[0-9]+&)?id=([0-9]+)/i';
 	$URLs = explode("\n",$_REQUEST['urls']);
 	$GroupIDs = array();
 	$Err = '';
@ -115,9 +111,9 @@ function add_torrent($CollageID, $GroupID) {
 	foreach ($URLs as $URL) {
 		$Matches = array();
-		if (preg_match($URLRegex, $URL, $Matches)) {
+		if (preg_match('/^'.TORRENT_GROUP_REGEX.'/i', $URL, $Matches)) {
-			$GroupIDs[] = $Matches[3];
+			$GroupIDs[] = $Matches[4];
-			$GroupID = $Matches[3];
+			$GroupID = $Matches[4];
 		} else {
 			$Err = "One of the entered URLs ($URL) does not correspond to a torrent on the site.";
 			break;
--- a/sections/friends/add.php
+++ b/sections/friends/add.php
@ -1,10 +1,19 @@
 <?
 authorize();
 if (!is_number($_GET['friendid'])) {
 	error(404);
 }
 $FriendID = db_string($_GET['friendid']);
 // Check if the user $FriendID exists
 $DB->query("SELECT 1 FROM users_main WHERE ID = '$FriendID'");
 if ($DB->record_count() == 0) {
 	error(404);
 }
 $DB->query("
 	INSERT IGNORE INTO friends
 		(UserID, FriendID)
 	VALUES ('$LoggedUser[ID]', '$FriendID')");
 header('Location: friends.php');
 ?>
--- a/sections/inbox/inbox.php
+++ b/sections/inbox/inbox.php
@ -67,7 +67,7 @@
 	}
 }
 $sql .= (($Section == 'sentbox') ? ' cu.InSentbox' : ' cu.InInbox');
-$sql .="='1'";
+$sql .= "='1'";
 $sql .="
 	GROUP BY c.ID
@ -80,7 +80,7 @@
 $Count = $DB->record_count();
 $Pages = Format::get_pages($Page, $NumResults, MESSAGES_PER_PAGE, 9);
-echo $Pages;
+echo "\t\t$Pages\n";
 ?>
 	</div>
@ -136,17 +136,20 @@
 				<tr class="<?=$RowClass?>">
 					<td class="center"><input type="checkbox" name="messages[]=" value="<?=$ConvID?>" /></td>
 					<td>
-<?			if ($Unread) {
+<?			echo "\t\t\t\t\t\t"; // for proper indentation of HTML
 			if ($Unread) {
 				echo '<strong>';
 			}
 			if ($Sticky) {
 				echo 'Sticky: ';
 			}
 			echo "\n";
 ?>
 						<a href="inbox.php?action=viewconv&amp;id=<?=$ConvID?>"><?=$Subject?></a>
 <?
 			echo "\t\t\t\t\t\t"; // for proper indentation of HTML
 			if ($Unread) {
-				echo '</strong>';
+				echo "</strong>\n";
 			} ?>
 					</td>
 					<td><?=Users::format_username($SenderID, true, true, true, true)?></td>
@ -164,7 +167,9 @@
 		</form>
 <? } ?>
 	</div>
-	<div class="linkbox"><?=$Pages?></div>
+	<div class="linkbox">
 <? echo "\t\t$Pages\n"; ?>
 	</div>
 </div>
 <?
 View::show_footer();
--- a/sections/inbox/takecompose.php
+++ b/sections/inbox/takecompose.php
@ -1,7 +1,6 @@
-<?
+<?php
 authorize();
 if (empty($_POST['toid'])) {
 	error(404);
 }
@ -10,7 +9,6 @@
 	error(403);
 }
 if (isset($_POST['convid']) && is_number($_POST['convid'])) {
 	$ConvID = $_POST['convid'];
 	$Subject = '';
--- a/sections/login/index.php
+++ b/sections/login/index.php
@ -168,7 +168,7 @@
 // Normal login
 else {
-	$Validate->SetFields('username',true,'regex','You did not enter a valid username.',array('regex'=>'/^[a-z0-9_?]{1,20}$/i'));
+	$Validate->SetFields('username',true,'regex','You did not enter a valid username.',array('regex' => USERNAME_REGEX));
 	$Validate->SetFields('password','1','string','You entered an invalid password.',array('minlength'=>'6','maxlength'=>'150'));
 	$DB->query("SELECT ID, Attempts, Bans, BannedUntil FROM login_attempts WHERE IP='".db_string($_SERVER['REMOTE_ADDR'])."'");
--- a/sections/register/index.php
+++ b/sections/register/index.php
@ -32,7 +32,7 @@
 	}
 } elseif (OPEN_REGISTRATION || !empty($_REQUEST['invite'])) {
-	$Val->SetFields('username', true, 'regex', 'You did not enter a valid username.', array('regex'=>'/^[a-z0-9_?]{1,20}$/iD'));
+	$Val->SetFields('username', true, 'regex', 'You did not enter a valid username.', array('regex' => USERNAME_REGEX));
 	$Val->SetFields('email', true, 'email', 'You did not enter a valid email address.');
 	$Val->SetFields('password', true, 'regex', 'A strong password is between 8 and 40 characters long, contains at least 1 lowercase and uppercase letter, and contains at least a number or symbol', array('regex'=>'/(?=^.{8,}$)(?=.*[^a-zA-Z])(?=.*[A-Z])(?=.*[a-z]).*$/'));
 	$Val->SetFields('confirm_password', true, 'compare', 'Your passwords do not match.', array('comparefield'=>'password'));
--- a/sections/reportsv2/takereport.php
+++ b/sections/reportsv2/takereport.php
@ -48,9 +48,9 @@
 }
 if (!empty($_POST['sitelink'])) {
-	if (preg_match_all('/((https?:\/\/)?([a-zA-Z0-9\-]+(\.[a-zA-Z0-9\-]+)*\.)?'.SSL_SITE_URL.'\/torrents.php\?(id=[0-9]+\&)?torrentid=([0-9]+))/is', $_POST['sitelink'], $Matches)) {
+	if (preg_match_all('/'.TORRENT_REGEX.'/i', $_POST['sitelink'], $Matches)) {
-		$ExtraIDs = implode(' ', $Matches[6]);
+		$ExtraIDs = implode(' ', $Matches[4]);
-		if (in_array($TorrentID, $Matches[6])) {
+		if (in_array($TorrentID, $Matches[4])) {
 			$Err = "The extra permalinks you gave included the link to the torrent you're reporting!";
 		}
 	} else {
@ -63,7 +63,7 @@
 if (!empty($_POST['link'])) {
 	//resource_type://domain:port/filepathname?query_string#anchor
 	//					http://		www			.foo.com								/bar
-	if (preg_match_all('/(https?:\/\/)?[a-zA-Z0-9\-]+(\.[a-zA-Z0-9\-]+)*(:[0-9]{2,5})?(\/(\S)+)?/is', $_POST['link'], $Matches)) {
+	if (preg_match_all('/'.URL_REGEX.'/is', $_POST['link'], $Matches)) {
 		$Links = implode(' ', $Matches[0]);
 	} else {
 		$Err = "The extra links you provided weren't links...";
--- a/sections/reportsv2/views.php
+++ b/sections/reportsv2/views.php
@ -215,7 +215,7 @@
 		SELECT
 			r.ResolverID,
 			um.Username,
-			COUNT(r.ID) AS Count,
+			COUNT(r.ID) AS Count
 		FROM reportsv2 AS r
 			LEFT JOIN users_main AS um ON r.ResolverID=um.ID
 		WHERE r.Status = 'InProgress'
--- a/sections/requests/takefill.php
+++ b/sections/requests/takefill.php
@ -14,22 +14,15 @@
 	$TorrentID = $_GET['torrentid'];
 } else {
 	if (empty($_POST['link'])) {
-		$Err = 'You forgot to supply a link to the filling torrent';
+		error('You forgot to supply a link to the filling torrent');
 	} else {
 		$Link = $_POST['link'];
-		if (preg_match('/'.TORRENT_REGEX.'/i', $Link, $Matches) < 1) {
+		if (!preg_match('/'.TORRENT_REGEX.'/i', $Link, $Matches)) {
-			$Err = 'Your link didn\'t seem to be a valid torrent link';
+			error('Your link didn\'t seem to be a valid torrent link');
 		} else {
-			$TorrentID = $Matches[0];
+			$TorrentID = $Matches[4];
 		}
 	}
 	if (!empty($Err)) {
 		error($Err);
 	}
 	preg_match("/torrentid=([0-9]+)/i", $Link, $Matches);
 	$TorrentID = $Matches[1];
 	if (!$TorrentID || !is_number($TorrentID)) {
 		error(404);
 	}
--- a/sections/requests/takenew_edit.php
+++ b/sections/requests/takenew_edit.php
@ -177,9 +177,8 @@
 	// GroupID
 	if (!empty($_POST['groupid'])) {
 		$GroupID = trim($_POST['groupid']);
-		$URLRegex = '/^https?:\/\/(www\.|ssl\.)?'.SSL_SITE_URL.'\/torrents\.php\?(page=[0-9]+&)?id=([0-9]+)/i';
+		if (preg_match('/^'.TORRENT_GROUP_REGEX.'/i', $GroupID, $Matches)) {
-		if (preg_match($URLRegex, $GroupID, $Matches)) {
+			$GroupID = $Matches[4];
 			$GroupID = $Matches[3];
 		}
 		if (is_number($GroupID)) {
 			$DB->query("SELECT 1 FROM torrents_group WHERE ID = '$GroupID' AND CategoryID = 1");
--- a/sections/tools/managers/bans.php
+++ b/sections/tools/managers/bans.php
@ -64,7 +64,7 @@
 	$sql .= "WHERE Reason LIKE '%".db_string($_REQUEST['notes'])."%' ";
 }
-if (!empty($_REQUEST['ip']) && preg_match('/\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}/', $_REQUEST['ip'])) {
+if (!empty($_REQUEST['ip']) && preg_match('/'.IP_REGEX.'/', $_REQUEST['ip'])) {
 	if (!empty($_REQUEST['notes'])) {
 		$sql .= "AND '".Tools::ip_to_unsigned($_REQUEST['ip'])."' BETWEEN FromIP AND ToIP ";
 	} else {
--- a/sections/tools/managers/recommend_add.php
+++ b/sections/tools/managers/recommend_add.php
@ -12,7 +12,7 @@
 // Make sure the URL they entered is on our site, and is a link to a torrent
 $URLRegex = '/^https?:\/\/(www\.|ssl\.)?'.NONSSL_SITE_URL.'\/torrents\.php\?id=([0-9]+)$/i';
 $Val->SetFields('url',
-			'1','regex','The URL must be a link to a torrent on the site.',array('regex'=>$URLRegex));
+			'1','regex','The URL must be a link to a torrent on the site.',array('regex' => '/^'.TORRENT_GROUP_REGEX.'/i'));
 $Err = $Val->ValidateForm($_POST); // Validate the form
 if ($Err) { // if something didn't validate
@ -22,9 +22,8 @@
 }
 // Get torrent ID
-$URLRegex = '/torrents\.php\?id=([0-9]+)$/i';
+preg_match('/^'.TORRENT_GROUP_REGEX.'/i', $URL, $Matches);
-preg_match($URLRegex, $URL, $Matches);
+$GroupID = $Matches[4];
 $GroupID = $Matches[1];
 if (empty($GroupID) || !is_number($GroupID)) {
 	 error(404);
--- a/sections/tools/managers/tokens.php
+++ b/sections/tools/managers/tokens.php
@ -10,12 +10,18 @@
 	if (!is_number($Tokens) || ($Tokens < 0)) {
 		error('Please enter a valid number of tokens.');
 	}
-	$sql = "UPDATE users_main SET FLTokens = FLTokens + $Tokens WHERE Enabled = '1'";
+	$sql = "
 		UPDATE users_main
 		SET FLTokens = FLTokens + $Tokens
 		WHERE Enabled = '1'";
 	if (!isset($_REQUEST['leechdisabled'])) {
 		$sql .= " AND can_leech = 1";
 	}
 	$DB->query($sql);
-	$sql = "SELECT ID FROM users_main WHERE Enabled = '1'";
+	$sql = "
 		SELECT ID
 		FROM users_main
 		WHERE Enabled = '1'";
 	if (!isset($_REQUEST['leechdisabled'])) {
 		$sql .= " AND can_leech = 1";
 	}
@ -39,9 +45,15 @@
 	} else {
 		$Where = "WHERE Enabled = '1' OR FLTokens > $Tokens";
 	}
-	$DB->query("SELECT ID FROM users_main $Where");
+	$DB->query("
 		SELECT ID
 		FROM users_main
 		$Where");
 	$Users = $DB->to_array();
-	$DB->query("UPDATE users_main SET FLTokens = $Tokens $Where");
+	$DB->query("
 		UPDATE users_main
 		SET FLTokens = $Tokens
 		$Where");
 	foreach ($Users as $UserID) {
 		list($UserID) = $UserID;
--- a/sections/tools/services/get_host.php
+++ b/sections/tools/services/get_host.php
@ -14,7 +14,7 @@
 $Octets = explode('.', $_GET['ip']);
 if (
 	empty($_GET['ip']) ||
-	!preg_match('/\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}/', $_GET['ip']) ||
+	!preg_match('/'.IP_REGEX.'/', $_GET['ip']) ||
 	$Octets[0] < 0 ||
 	$Octets[0] > 255 ||
 	$Octets[1] < 0 ||
--- a/sections/torrents/browse2.php
+++ b/sections/torrents/browse2.php
@ -56,29 +56,41 @@ function header_link($SortKey,$DefaultWay="desc") {
 // Setting default search options
 if (!empty($_GET['setdefault'])) {
-	$UnsetList = array('page','setdefault');
+	$UnsetList = array('page', 'setdefault');
-	$UnsetRegexp = '/(&|^)('.implode('|',$UnsetList).')=.*?(&|$)/i';
+	$UnsetRegexp = '/(&|^)('.implode('|', $UnsetList).')=.*?(&|$)/i';
-	$DB->query("SELECT SiteOptions FROM users_info WHERE UserID='".db_string($LoggedUser['ID'])."'");
+	$DB->query("
-	list($SiteOptions)=$DB->next_record(MYSQLI_NUM, false);
+		SELECT SiteOptions
 		FROM users_info
 		WHERE UserID='".db_string($LoggedUser['ID'])."'");
 	list($SiteOptions) = $DB->next_record(MYSQLI_NUM, false);
 	if (!empty($SiteOptions)) {
 		$SiteOptions = unserialize($SiteOptions);
 	} else {
 		$SiteOptions = array();
 	}
-	$SiteOptions['DefaultSearch'] = preg_replace($UnsetRegexp,'',$_SERVER['QUERY_STRING']);
+	$SiteOptions['DefaultSearch'] = preg_replace($UnsetRegexp, '', $_SERVER['QUERY_STRING']);
-	$DB->query("UPDATE users_info SET SiteOptions='".db_string(serialize($SiteOptions))."' WHERE UserID='".db_string($LoggedUser['ID'])."'");
+	$DB->query("
 		UPDATE users_info
 		SET SiteOptions='".db_string(serialize($SiteOptions))."'
 		WHERE UserID='".db_string($LoggedUser['ID'])."'");
 	$Cache->begin_transaction('user_info_heavy_'.$UserID);
 	$Cache->update_row(false, array('DefaultSearch'=>$SiteOptions['DefaultSearch']));
 	$Cache->commit_transaction(0);
 // Clearing default search options
 } elseif (!empty($_GET['cleardefault'])) {
-	$DB->query("SELECT SiteOptions FROM users_info WHERE UserID='".db_string($LoggedUser['ID'])."'");
+	$DB->query("
-	list($SiteOptions)=$DB->next_record(MYSQLI_NUM, false);
+		SELECT SiteOptions
-	$SiteOptions=unserialize($SiteOptions);
+		FROM users_info
-	$SiteOptions['DefaultSearch']='';
+		WHERE UserID='".db_string($LoggedUser['ID'])."'");
-	$DB->query("UPDATE users_info SET SiteOptions='".db_string(serialize($SiteOptions))."' WHERE UserID='".db_string($LoggedUser['ID'])."'");
+	list($SiteOptions) = $DB->next_record(MYSQLI_NUM, false);
 	$SiteOptions = unserialize($SiteOptions);
 	$SiteOptions['DefaultSearch'] = '';
 	$DB->query("
 		UPDATE users_info
 		SET SiteOptions='".db_string(serialize($SiteOptions))."'
 		WHERE UserID='".db_string($LoggedUser['ID'])."'");
 	$Cache->begin_transaction('user_info_heavy_'.$UserID);
 	$Cache->update_row(false, array('DefaultSearch'=>''));
 	$Cache->commit_transaction(0);
@ -146,7 +158,7 @@ function header_link($SortKey,$DefaultWay="desc") {
 /** Start preparation of property arrays **/
 array_pop($Bitrates); // remove 'other'
-$SearchBitrates = array_merge($Bitrates, array('v0','v1','v2','24bit'));
+$SearchBitrates = array_merge($Bitrates, array('v0', 'v1', 'v2', '24bit'));
 foreach ($SearchBitrates as $ID=>$Val) {
 	$SearchBitrates[$ID] = strtolower($Val);
@ -237,7 +249,7 @@ function header_link($SortKey,$DefaultWay="desc") {
 //Simple search
 if (!empty($_GET['searchstr'])) {
 	$SearchString = trim($_GET['searchstr']);
-	$Words = explode(' ',strtolower($SearchString));
+	$Words = explode(' ', strtolower($SearchString));
 	if (!empty($Words)) {
 		$FilterBitrates = $FilterFormats = array();
 		$BasicSearch = array('include' => array(), 'exclude' => array());
@ -250,7 +262,7 @@ function header_link($SortKey,$DefaultWay="desc") {
 			if ($Word[0] == '!' && strlen($Word) >= 2) {
 				if ($Word == '!100%') {
 					$_GET['haslog'] = '-1';
-				} elseif (strpos($Word,'!',1) === false) {
+				} elseif (strpos($Word, '!', 1) === false) {
 					$BasicSearch['exclude'][] = $Word;
 				} else {
 					$BasicSearch['include'][] = $Word;
@ -279,7 +291,7 @@ function header_link($SortKey,$DefaultWay="desc") {
 		}
 		if (!empty($BasicSearch['exclude'])) {
 			foreach ($BasicSearch['exclude'] as $Word) {
-				$QueryParts[] = '!'.Sphinxql::escape_string(substr($Word,1));
+				$QueryParts[] = '!'.Sphinxql::escape_string(substr($Word, 1));
 			}
 		}
 		if (!empty($FilterBitrates)) {
@ -309,7 +321,10 @@ function header_link($SortKey,$DefaultWay="desc") {
 	//Get tag aliases.
 	$TagAliases = $Cache->get_value('tag_aliases_search');
 	if (!$TagAliases) {
-		$DB->query("SELECT ID,BadTag,AliasTag FROM tag_aliases ORDER BY BadTag");
+		$DB->query("
 			SELECT ID, BadTag, AliasTag
 			FROM tag_aliases
 			ORDER BY BadTag");
 		$TagAliases = $DB->to_array();
 		//Unify tag aliases to be in_this_format as tags not in.this.format
 		array_walk_recursive($TagAliases, create_function('&$val', '$val = preg_replace("/\./","_", $val);'));
@ -400,7 +415,7 @@ function header_link($SortKey,$DefaultWay="desc") {
 	}
 	if (!empty($Words['exclude'])) {
 		foreach ($Words['exclude'] as $Word) {
-			$QueryParts[] = '!'.Sphinxql::escape_string(substr($Word,1));
+			$QueryParts[] = '!'.Sphinxql::escape_string(substr($Word, 1));
 		}
 	}
 	if (!empty($QueryParts)) {
@ -451,7 +466,7 @@ function header_link($SortKey,$DefaultWay="desc") {
 		$Filtered = true;
 	}
 }
-foreach (array('hascue','scene','vanityhouse','releasetype') as $Search) {
+foreach (array('hascue', 'scene', 'vanityhouse', 'releasetype') as $Search) {
 	if (isset($_GET[$Search]) && $_GET[$Search] !== '') {
 		$SphQL->where($Search, $_GET[$Search]);
 		// Release type is group specific
@ -459,6 +474,7 @@ function header_link($SortKey,$DefaultWay="desc") {
 			$SphQLTor->where($Search, $_GET[$Search]);
 		}
 		if ($_GET[$Search] !== 0) {
 			//TODO: Clean up this hack
 			// Hack! Deleted torrents may show up if we set to true unconditionally. Hope no one notices
 			$Filtered = true;
 		}
--- a/sections/user/advancedsearch.php
+++ b/sections/user/advancedsearch.php
@ -4,11 +4,11 @@
 * Best viewed with a wide screen monitor							  *
 **********************************************************************/
 if (!empty($_GET['search'])) {
-	if (preg_match("/^".IP_REGEX."$/", $_GET['search'])) {
+	if (preg_match('/^'.IP_REGEX.'$/', $_GET['search'])) {
 		$_GET['ip'] = $_GET['search'];
-	} elseif (preg_match("/^".EMAIL_REGEX."$/i", $_GET['search'])) {
+	} elseif (preg_match('/^'.EMAIL_REGEX.'$/i', $_GET['search'])) {
 		$_GET['email'] = $_GET['search'];
-	} elseif (preg_match('/^[a-z0-9_?]{1,20}$/iD',$_GET['search'])) {
+	} elseif (preg_match(USERNAME_REGEX,$_GET['search'])) {
 		$DB->query("
 			SELECT ID
 			FROM users_main
--- a/sections/user/connchecker.php
+++ b/sections/user/connchecker.php
@ -5,7 +5,7 @@
 	$Octets = explode(".", $_GET['ip']);
 	if (
 		empty($_GET['ip']) ||
-		!preg_match('/\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}/', $_GET['ip']) ||
+		!preg_match('/'.IP_REGEX.'/', $_GET['ip']) ||
 		$Octets[0] < 0 ||
 		$Octets[0] > 255 ||
 		$Octets[1] < 0 ||
--- a/sections/wiki/takelink.php
+++ b/sections/wiki/takelink.php
@ -1,10 +1,10 @@
 <?
 authorize();
-if (preg_match('/^https?:\/\/(www\.|ssl\.)?'.NONSSL_SITE_URL.'\/wiki\.php\?action=article\&id=([0-9]+)/i',$_POST['url'],$Match)) {
+if (preg_match('/^'.SITELINK_REGEX.'\/wiki\.php\?action=article\&id=([0-9]+)/i',$_POST['url'],$Match)) {
 	$ArticleID = $Match[2];
 }
-if (preg_match('/^https?:\/\/(www\.|ssl\.)?'.NONSSL_SITE_URL.'\/wiki\.php\?action=article\&name=(.+)/i',$_POST['url'],$Match)) {
+if (preg_match('/^'.SITELINK_REGEX.'\/wiki\.php\?action=article\&name=(.+)/i',$_POST['url'],$Match)) {
 	$ArticleID = $Alias->to_id($Match[2]);
 }
 if (!$ArticleID) {