diff --git a/Sources/Actions/Admin/Reports.php b/Sources/Actions/Admin/Reports.php index a6fa784d73a..89c0ceffaf2 100644 --- a/Sources/Actions/Admin/Reports.php +++ b/Sources/Actions/Admin/Reports.php @@ -429,7 +429,7 @@ public function boardPerms(): void [Group::ADMIN], ); - foreach ($groups_data as $group) { + foreach ($group_data as $group) { $group->loadPermissions(); } diff --git a/Sources/Actions/BoardIndex.php b/Sources/Actions/BoardIndex.php index 82fdb71cc3b..0cea4516bbd 100644 --- a/Sources/Actions/BoardIndex.php +++ b/Sources/Actions/BoardIndex.php @@ -412,11 +412,11 @@ public static function get(array $board_index_options): array // Ensure the slug for the member has been set. if ( - !empty($row['id_member']) - && ($row['real_name'] ?? '') !== '' - && !isset(Slug::$known['member'][(int) $row['id_member']]) + !empty($row_board['id_member']) + && ($row_board['real_name'] ?? '') !== '' + && !isset(Slug::$known['member'][(int) $row_board['id_member']]) ) { - Slug::create($row['real_name'], 'member', (int) $row['id_member']); + Slug::create($row_board['real_name'], 'member', (int) $row_board['id_member']); } $parent = Board::$loaded[$row_board['id_parent']] ?? null; diff --git a/Sources/Actions/Profile/Activate.php b/Sources/Actions/Profile/Activate.php index ee9f02c3462..d9dcc1dbdae 100644 --- a/Sources/Actions/Profile/Activate.php +++ b/Sources/Actions/Profile/Activate.php @@ -20,6 +20,7 @@ use SMF\Config; use SMF\IntegrationHook; use SMF\Logging; +use SMF\Mail; use SMF\Profile; use SMF\User; use SMF\Utils; diff --git a/Sources/Poll.php b/Sources/Poll.php index c3399c07591..32c46e513f6 100644 --- a/Sources/Poll.php +++ b/Sources/Poll.php @@ -960,6 +960,63 @@ public static function checkRemovePermission(self $poll): bool return true; } + /** + * Validates and sanitizes $_POST input for creating or editing a poll. + */ + public static function sanitizeInput(array &$errors): void + { + if (!isset($_POST['question']) || trim($_POST['question']) == '') { + $errors[] = 'no_question'; + } + + $_POST['options'] = empty($_POST['options']) ? [] : Utils::htmlTrimRecursive($_POST['options']); + + // Get rid of empty ones. + foreach ($_POST['options'] as $k => $option) { + if ($option == '') { + unset($_POST['options'][$k], $_POST['options'][$k]); + } + } + + // What are you going to vote between with one choice?!? + if (count($_POST['options']) < 2) { + $errors[] = 'poll_few'; + } elseif (count($_POST['options']) > 256) { + $errors[] = 'poll_many'; + } + + if (!empty($errors)) { + return; + } + + // Make sure these things are all sane. + $_POST['poll_max_votes'] = min(max((int) ($_POST['poll_max_votes'] ?? 1), 1), count($_POST['options'] ?? [])); + $_POST['poll_expire'] = min(max((int) ($_POST['poll_expire'] ?? 0), 0), 9999); + $_POST['poll_hide'] = (int) ($_POST['poll_hide'] ?? 0); + $_POST['poll_change_vote'] = (int) !empty($_POST['poll_change_vote']); + $_POST['poll_guest_vote'] = (int) !empty($_POST['poll_guest_vote']); + + // Make sure guests are actually allowed to vote generally. + if ($_POST['poll_guest_vote']) { + $_POST['poll_guest_vote'] = self::canGuestsVote(); + } + + // If the user tries to set the poll too far in advance, don't let them. + if (!empty($_POST['poll_expire']) && $_POST['poll_expire'] < 1) { + ErrorHandler::fatalLang('poll_range_error', false); + } + // Don't allow them to select option 2 for hidden results if it's not time limited. + elseif (empty($_POST['poll_expire']) && $_POST['poll_hide'] == 2) { + $_POST['poll_hide'] = 1; + } + + // Clean up the question and answers. + $_POST['question'] = Utils::htmlspecialchars($_POST['question']); + $_POST['question'] = Utils::truncate($_POST['question'], 255); + $_POST['question'] = preg_replace('~&#(\d{4,5}|[2-9]\d{2,4}|1[2-9]\d);~', '&#$1;', $_POST['question']); + $_POST['options'] = Utils::htmlspecialcharsRecursive($_POST['options']); + } + /****************** * Internal methods ******************/ @@ -1361,65 +1418,4 @@ protected function getMostActive(int &$options): int return (int) $most_active; } - - /************************* - * Internal static methods - *************************/ - - /** - * Validates and sanitizes $_POST input for creating or editing a poll. - */ - protected static function sanitizeInput(array &$errors): void - { - if (!isset($_POST['question']) || trim($_POST['question']) == '') { - $errors[] = 'no_question'; - } - - $_POST['options'] = empty($_POST['options']) ? [] : Utils::htmlTrimRecursive($_POST['options']); - - // Get rid of empty ones. - foreach ($_POST['options'] as $k => $option) { - if ($option == '') { - unset($_POST['options'][$k], $_POST['options'][$k]); - } - } - - // What are you going to vote between with one choice?!? - if (count($_POST['options']) < 2) { - $errors[] = 'poll_few'; - } elseif (count($_POST['options']) > 256) { - $errors[] = 'poll_many'; - } - - if (!empty($errors)) { - return; - } - - // Make sure these things are all sane. - $_POST['poll_max_votes'] = min(max((int) ($_POST['poll_max_votes'] ?? 1), 1), count($_POST['options'] ?? [])); - $_POST['poll_expire'] = min(max((int) ($_POST['poll_expire'] ?? 0), 0), 9999); - $_POST['poll_hide'] = (int) ($_POST['poll_hide'] ?? 0); - $_POST['poll_change_vote'] = (int) !empty($_POST['poll_change_vote']); - $_POST['poll_guest_vote'] = (int) !empty($_POST['poll_guest_vote']); - - // Make sure guests are actually allowed to vote generally. - if ($_POST['poll_guest_vote']) { - $_POST['poll_guest_vote'] = self::canGuestsVote(); - } - - // If the user tries to set the poll too far in advance, don't let them. - if (!empty($_POST['poll_expire']) && $_POST['poll_expire'] < 1) { - ErrorHandler::fatalLang('poll_range_error', false); - } - // Don't allow them to select option 2 for hidden results if it's not time limited. - elseif (empty($_POST['poll_expire']) && $_POST['poll_hide'] == 2) { - $_POST['poll_hide'] = 1; - } - - // Clean up the question and answers. - $_POST['question'] = Utils::htmlspecialchars($_POST['question']); - $_POST['question'] = Utils::truncate($_POST['question'], 255); - $_POST['question'] = preg_replace('~&#(\d{4,5}|[2-9]\d{2,4}|1[2-9]\d);~', '&#$1;', $_POST['question']); - $_POST['options'] = Utils::htmlspecialcharsRecursive($_POST['options']); - } }