From 7c417c6c16c5c864384c0d7f9ab4e982d223316d Mon Sep 17 00:00:00 2001 From: Git Date: Mon, 22 Apr 2013 08:00:58 +0000 Subject: [PATCH] Empty commit --- classes/class_text.php | 61 +++++++++++++++++++++++++------ sections/ajax/index.php | 2 +- sections/inbox/compose.php | 2 +- sections/inbox/conversation.php | 2 +- sections/requests/requests.php | 16 +++++++- sections/user/community_stats.php | 8 ++++ sections/user/user.php | 4 +- 7 files changed, 77 insertions(+), 18 deletions(-) diff --git a/classes/class_text.php b/classes/class_text.php index 9b0eb5cb..2597beaa 100644 --- a/classes/class_text.php +++ b/classes/class_text.php @@ -56,12 +56,30 @@ class TEXT { private $NoImg = 0; // If images should be turned into URLs private $Levels = 0; + + /** + * The maximum amount of nesting allowed (exclusive) + * In reality n-1 nests are shown. + * @var int $MaximumNests + */ + private $MaximumNests = 10; /** * Used to detect and disable parsing (e.g. TOC) within quotes * @var int $InQuotes */ private $InQuotes = 0; + + /** + * Used to [hide] quote trains starting with the specified depth (inclusive) + * @var int $NestsBeforeHide + * + * This defaulted to 5 but was raised to 10 to effectively "disable" it until + * an optimal number of nested [quote] tags is chosen. The variable $MaximumNests + * effectively overrides this variable, if $MaximumNests is less than the value + * of $NestsBeforeHide. + */ + private $NestsBeforeHide = 10; /** * Array of headlines for Table Of Contents (TOC) @@ -504,8 +522,7 @@ private function parse ($Str) { * Generates a navigation list for TOC * @param int $Min Minimum number of headlines required for a TOC list */ - public function parse_toc ($Min = 3) - { + public function parse_toc ($Min = 3) { if (count($this->Headlines) > $Min) { $list = '', $diff); @@ -569,17 +585,30 @@ private function headline_level (&$ItemLevel, &$Level, &$List, $i, &$Offset) private function to_html ($Array) { global $SSL; $this->Levels++; - if ($this->Levels > 10) { - return $Block['Val']; - } // Hax prevention + /* + * Hax prevention + * That's the original comment on this. + * Most likely this was implemented to avoid anyone nesting enough + * elements to reach PHP's memory limit as nested elements are + * solved recursively. + * Original value of 10, it is now replaced in favor of + * $MaximumNests. + * If this line is ever executed then something is, infact + * being haxed as the if before the block type switch for different + * tags should always be limiting ahead of this line. + * (Larger than vs. smaller than.) + */ + if ($this->Levels > $this->MaximumNests) { + return $Block['Val']; // Hax prevention, breaks upon exceeding nests. + } $Str = ''; - foreach ($Array as $Block) { if (is_string($Block)) { $Str.=$this->smileys($Block); continue; } - switch($Block['Type']) { + if ($this->Levels < $this->MaximumNests) { + switch ($Block['Type']) { case 'b': $Str.=''.$this->to_html($Block['Val']).''; break; @@ -692,17 +721,24 @@ private function to_html ($Array) { case 'quote': $this->NoImg++; // No images inside quote tags $this->InQuotes++; + if ($this->InQuotes == $this->NestsBeforeHide) { //Put quotes that are nested beyond the specified limit in [hide] tags. + $Str.='Older quotes: Show'; + $Str.='
'; // Ensure new line after quote train hiding + } $this->NoImg--; $this->InQuotes--; break; @@ -800,6 +836,7 @@ private function to_html ($Array) { } } + } $this->Levels--; return $Str; } @@ -811,7 +848,7 @@ private function raw_text ($Array) { $Str.=$Block; continue; } - switch($Block['Type']) { + switch ($Block['Type']) { case 'headline': break; case 'b': diff --git a/sections/ajax/index.php b/sections/ajax/index.php index e9ca5722..688c9329 100644 --- a/sections/ajax/index.php +++ b/sections/ajax/index.php @@ -13,7 +13,7 @@ /* AJAX_LIMIT = array(x,y) = 'x' requests every 'y' seconds. e.g. array(5,10) = 5 requests every 10 seconds */ $AJAX_LIMIT = array(5,10); -$Limited_Pages = array('tcomments','user','forum','top10','browse','usersearch','requests','artist','inbox','subscriptions','bookmarks','announcements','notifications','request','better','similar_artists','userhistory','votefavorite','wiki'); +$Limited_Pages = array('tcomments','user','forum','top10','browse','usersearch','requests','artist','inbox','subscriptions','bookmarks','announcements','notifications','request','better','similar_artists','userhistory','votefavorite','wiki','torrentgroup'); header('Content-Type: application/json; charset=utf-8'); diff --git a/sections/inbox/compose.php b/sections/inbox/compose.php index 0cc643a9..4dbe6f3d 100644 --- a/sections/inbox/compose.php +++ b/sections/inbox/compose.php @@ -32,7 +32,7 @@

Subject


Body

- +
diff --git a/sections/inbox/conversation.php b/sections/inbox/conversation.php index 210560ab..2b9e8a89 100644 --- a/sections/inbox/conversation.php +++ b/sections/inbox/conversation.php @@ -92,7 +92,7 @@ -
+
diff --git a/sections/requests/requests.php b/sections/requests/requests.php index be8bbad2..ecaf34fb 100644 --- a/sections/requests/requests.php +++ b/sections/requests/requests.php @@ -21,8 +21,20 @@ } else { switch ($_GET['type']) { case 'created': - $Title = 'My requests'; - $SS->set_filter('userid', array($LoggedUser['ID'])); + if (!empty($_GET['userid'])) { + if (is_number($_GET['userid'])) { + if (!check_paranoia('requestsvoted_list', $UserInfo['Paranoia'], $Perms['Class'], $_GET['userid'])) { + error(403); + } + $Title = 'Requests created by ' . $UserInfo['Username']; + $SS->set_filter('userid', array($_GET['userid'])); + } else { + error(404); + } + } else { + $Title = 'My requests'; + $SS->set_filter('userid', array($LoggedUser['ID'])); + } break; case 'voted': if (!empty($_GET['userid'])) { diff --git a/sections/user/community_stats.php b/sections/user/community_stats.php index ebd26def..0224bb47 100644 --- a/sections/user/community_stats.php +++ b/sections/user/community_stats.php @@ -104,12 +104,20 @@ $ViewBounty = check_paranoia_here('requestsvoted_bounty'); if ($ViewCount && !$ViewBounty && !$ViewAll) { ?> +
  • Requests created:
  • Requests voted:
  • +
  • Requests created: spent
  • Requests voted: spent
  • +
  • Requests created: for
  • Requests voted: for
  • +
  • + >Requests created: + > for + View +
  • >Requests voted: > for diff --git a/sections/user/user.php b/sections/user/user.php index fa6f26fa..b02efdd2 100644 --- a/sections/user/user.php +++ b/sections/user/user.php @@ -266,8 +266,10 @@ function check_paranoia_here($Setting) { if (check_paranoia_here('requestsvoted_count') || check_paranoia_here('requestsvoted_bounty')) { $DB->query("SELECT COUNT(rv.RequestID), SUM(rv.Bounty) FROM requests_votes AS rv WHERE rv.UserID = ".$UserID); list($RequestsVoted, $TotalSpent) = $DB->next_record(); + $DB->query('SELECT COUNT(r.ID), SUM(rv.Bounty) FROM requests AS r LEFT JOIN requests_votes AS rv ON rv.RequestID = r.ID AND rv.UserID = r.UserID WHERE r.UserID = ' . $UserID); + list($RequestsCreated, $RequestsCreatedSpent) = $DB->next_record(); } else { - $RequestsVoted = $TotalSpent = 0; + $RequestsVoted = $TotalSpent = $RequestsCreated = $RequestsCreatedSpent = 0; } if (check_paranoia_here('uploads+')) {