From 754a8b322f474c96eaf13986e48a56dd0beaa08f Mon Sep 17 00:00:00 2001 From: Roman Kelesidis Date: Sat, 6 Jan 2024 01:21:00 +0700 Subject: [PATCH] Updated --- library/ajax/avatar.php | 8 ++++++-- library/ajax/change_tor_status.php | 7 +++++-- library/ajax/change_user_rank.php | 6 +++++- library/ajax/index_data.php | 8 ++++++-- library/ajax/manage_admin.php | 4 +++- library/ajax/manage_user.php | 4 +++- library/ajax/mod_action.php | 3 ++- library/ajax/sitemap.php | 3 ++- library/ajax/user_register.php | 3 ++- library/attach_mod/posting_attachments.php | 10 +++++----- 10 files changed, 39 insertions(+), 17 deletions(-) diff --git a/library/ajax/avatar.php b/library/ajax/avatar.php index 90a3b6dd..5ecc63e4 100644 --- a/library/ajax/avatar.php +++ b/library/ajax/avatar.php @@ -4,7 +4,10 @@ if (!defined('IN_AJAX')) die(basename(__FILE__)); global $bb_cfg, $lang, $user; -$mode = (string) $this->request['mode']; +if (!$mode = (string) $this->request['mode']) +{ + $this->ajax_die('invalid mode (empty)'); +} $user_id = (int) $this->request['user_id']; if (!$user_id OR !$u_data = get_userdata($user_id)) @@ -25,7 +28,8 @@ switch ($mode) $response = ''. $user_id .''; break; default: - $this->ajax_die('Invalid mode'); + $this->ajax_die('Invalid mode: ' . $mode); + break; } DB()->query("UPDATE ". BB_USERS ." SET avatar_ext_id = $new_ext_id WHERE user_id = $user_id LIMIT 1"); diff --git a/library/ajax/change_tor_status.php b/library/ajax/change_tor_status.php index e70a8f19..5ece233a 100644 --- a/library/ajax/change_tor_status.php +++ b/library/ajax/change_tor_status.php @@ -7,7 +7,10 @@ global $userdata, $bb_cfg, $lang; if (!isset($this->request['attach_id'])) $this->ajax_die($lang['EMPTY_ATTACH_ID']); $attach_id = (int) $this->request['attach_id']; -$mode = (string) $this->request['mode']; +if (!$mode = (string) $this->request['mode']) +{ + $this->ajax_die('invalid mode (empty)'); +} $comment = ''; if ($bb_cfg['tor_comment']) 
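Review bot: In library/ajax/avatar.php (hunk -4,7), `if (!$mode = (string) $this->request['mode'])` still reads the `mode` key before confirming it exists, and the truthiness test also rejects the literal string `'0'`. If `$this->request` is a plain array, a request that omits `mode` triggers an undefined-index notice, and an array-valued `mode` is cast to the string `Array`. Reading it as `$mode = (isset($this->request['mode']) && is_string($this->request['mode'])) ? $this->request['mode'] : '';` followed by `if ($mode === '')` makes the guard explicit, in line with the `isset()` check already used for `attach_id` in change_tor_status.php. The same assignment-in-condition is added in change_tor_status.php (hunk -7,7) and index_data.php (hunk -4,7).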
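Review bot: In the `default:` branch of library/ajax/avatar.php (hunk -25,7), `$this->ajax_die('Invalid mode: ' . $mode);` puts request-supplied text of unbounded length into the error response. `ajax_die()` is not visible in this patch, so whether the value is encoded depends on it and on how the client renders the message. If the message can reach an HTML context, encode it here with `$this->ajax_die('Invalid mode: ' . htmlspecialchars($mode, ENT_QUOTES, 'UTF-8'));`, or keep the generic `'Invalid mode'` and log the value server-side. The same line is added in change_tor_status.php, index_data.php, manage_admin.php, manage_user.php, mod_action.php, sitemap.php and user_register.php. The enclosing `switch` starts outside the hunk, and the added `break;` is presumably unreachable if `ajax_die()` ends the request.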
@@ -104,7 +107,7 @@ switch ($mode) break; default: - $this->ajax_die('Invalid mode'); + $this->ajax_die('Invalid mode: ' . $mode); break; } diff --git a/library/ajax/change_user_rank.php b/library/ajax/change_user_rank.php index a35f6af3..357f2e70 100644 --- a/library/ajax/change_user_rank.php +++ b/library/ajax/change_user_rank.php @@ -4,7 +4,11 @@ if (!defined('IN_AJAX')) die(basename(__FILE__)); global $datastore, $lang; -$ranks = $datastore->get('ranks'); +if (!$ranks = $datastore->get('ranks')) +{ + $datastore->update('ranks'); + $ranks = $datastore->get('ranks'); +} $rank_id = intval($this->request['rank_id']); if (!$user_id = intval($this->request['user_id']) OR !$profiledata = get_userdata($user_id)) diff --git a/library/ajax/index_data.php b/library/ajax/index_data.php index bbe6d25b..5e4ce77b 100644 --- a/library/ajax/index_data.php +++ b/library/ajax/index_data.php @@ -4,7 +4,10 @@ if (!defined('IN_AJAX')) die(basename(__FILE__)); global $bb_cfg, $lang, $userdata, $datastore; -$mode = (string) $this->request['mode']; +if (!$mode = (string) $this->request['mode']) +{ + $this->ajax_die('invalid mode (empty)'); +} $html = ''; switch($mode) @@ -131,7 +134,8 @@ switch($mode) break; default: - $this->ajax_die('Invalid mode'); + $this->ajax_die('Invalid mode: ' . $mode); + break; } $this->response['html'] = $html; diff --git a/library/ajax/manage_admin.php b/library/ajax/manage_admin.php index a3adcc97..f274fd38 100644 --- a/library/ajax/manage_admin.php +++ b/library/ajax/manage_admin.php @@ -116,7 +116,9 @@ switch ($mode) default: - $this->ajax_die('Invalid mode'); + $this->ajax_die('Invalid mode: ' . $mode); + + break; } $this->response['mode'] = $mode; diff --git a/library/ajax/manage_user.php b/library/ajax/manage_user.php index 775ba8e8..0a282cb5 100644 --- a/library/ajax/manage_user.php +++ b/library/ajax/manage_user.php 
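Review bot: In library/ajax/change_user_rank.php, the new fallback calls `$datastore->update('ranks')` whenever `get('ranks')` is empty but never checks the second `get()`. If no ranks are defined or the rebuild fails, `$ranks` stays empty and every request to this endpoint triggers another rebuild. The code that uses `$ranks` is outside the hunk; if it indexes `$ranks[$rank_id]`, handle the empty case after the retry, for example `if (!$ranks && $rank_id) $this->ajax_die('ranks unavailable');`. The caller's permission check is not visible here either, so it is worth confirming that it runs before this rebuild can be reached.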
@@ -88,7 +88,9 @@ switch ($mode) default: - $this->ajax_die('Invalid mode'); + $this->ajax_die('Invalid mode: ' . $mode); + + break; } $this->response['mode'] = $mode; diff --git a/library/ajax/mod_action.php b/library/ajax/mod_action.php index cbabe163..f0dfc6ac 100644 --- a/library/ajax/mod_action.php +++ b/library/ajax/mod_action.php @@ -143,5 +143,6 @@ switch ($mode) break; default: - $this->ajax_die('Invalid mode'); + $this->ajax_die('Invalid mode: ' . $mode); + break; } diff --git a/library/ajax/sitemap.php b/library/ajax/sitemap.php index 0c1db0ed..2e6377a1 100644 --- a/library/ajax/sitemap.php +++ b/library/ajax/sitemap.php @@ -42,7 +42,8 @@ switch ($mode) break; default: - $this->ajax_die('Invalid mode'); + $this->ajax_die('Invalid mode: ' . $mode); + break; } $this->response['html'] = $html; diff --git a/library/ajax/user_register.php b/library/ajax/user_register.php index 464901a9..74f10e15 100644 --- a/library/ajax/user_register.php +++ b/library/ajax/user_register.php @@ -71,7 +71,8 @@ switch($mode) break; default: - $this->ajax_die('Invalid mode'); + $this->ajax_die('Invalid mode: ' . $mode); + break; } $this->response['html'] = $html; diff --git a/library/attach_mod/posting_attachments.php b/library/attach_mod/posting_attachments.php index 703bf1a9..e3da6b51 100644 --- a/library/attach_mod/posting_attachments.php +++ b/library/attach_mod/posting_attachments.php 
@@ -2,13 +2,13 @@ if (!defined('IN_FORUM')) die("Hacking attempt"); -define('FILENAME_PREFIX', true); -define('FILENAME_PREFIX_LENGTH', 6); +define('FILENAME_PREFIX', true); // Добавлять ли в начале имени файла префикс (случайная строка) +define('FILENAME_PREFIX_LENGTH', 6); // Длина префикса -define('FILENAME_CRYPTIC', false); -define('FILENAME_CRYPTIC_LENGTH', 32); +define('FILENAME_CRYPTIC', false); // Использовать в качестве названия файла случайную строку (псевдо-криптографическая) +define('FILENAME_CRYPTIC_LENGTH', 32); // Длина имени -define('FILENAME_MAX_LENGTH', 128); +define('FILENAME_MAX_LENGTH', 128); // Максимальная длина имени файла class attach_parent {
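Review bot: The comment added on `FILENAME_CRYPTIC` in library/attach_mod/posting_attachments.php calls the generated name "pseudo-cryptographic", but does not say whether stored attachment names are expected to be unguessable. The generator is outside this hunk, so its strength cannot be judged from here. If unpredictable names are part of how uploads are protected, the comment should say so and the generator should draw from `random_bytes()` or `random_int()`; if not, a neutral wording such as `// Use a random string as the stored file name` avoids implying a guarantee. Writing these five comments in English would also match the identifiers and the messages elsewhere in the patch.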