makary/phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-06-27 21:58:52 +00:00
Code Issues Projects Releases Packages Wiki Activity

Merge commit 'release-3.0.1-RC1'

Browse source
This commit is contained in:
Nils Adermann 2010-03-02 01:05:38 +01:00
commit 0434ccf303
156 changed files with 2140 additions and 1370 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

105
phpBB/adm/index.php
View file

@ -45,8 +45,8 @@ define('IN_ADMIN', true);
$phpbb_admin_path = (defined('PHPBB_ADMIN_PATH')) ? PHPBB_ADMIN_PATH : './';
// Some oft used variables
$safe_mode = (@ini_get('safe_mode') || @strtolower(ini_get('safe_mode')) == 'on') ? true : false;
$file_uploads = (@ini_get('file_uploads') || strtolower(@ini_get('file_uploads')) == 'on') ? true : false;
$safe_mode = (@ini_get('safe_mode') == '1' || @strtolower(ini_get('safe_mode')) === 'on') ? true : false;
$file_uploads = (@ini_get('file_uploads') == '1' || strtolower(@ini_get('file_uploads')) === 'on') ? true : false;
$module_id = request_var('i', '');
$mode = request_var('mode', '');
@ -184,7 +184,7 @@ function adm_page_footer($copyright_html = true)
{
global $base_memory_usage;
$memory_usage -= $base_memory_usage;
$memory_usage = ($memory_usage >= 1048576) ? round((round($memory_usage / 1048576 * 100) / 100), 2) . ' ' . $user->lang['MB'] : (($memory_usage >= 1024) ? round((round($memory_usage / 1024 * 100) / 100), 2) . ' ' . $user->lang['KB'] : $memory_usage . ' ' . $user->lang['BYTES']);
$memory_usage = get_formatted_filesize($memory_usage);
$debug_output .= ' | Memory Usage: ' . $memory_usage;
}
@ -367,33 +367,64 @@ function build_cfg_template($tpl_type, $key, &$new, $config_key, $vars)
}
/**
* Going through a config array and validate values, writing errors to $error.
* Going through a config array and validate values, writing errors to $error. The validation method accepts parameters separated by ':' for string and int.
* The first parameter defines the type to be used, the second the lower bound and the third the upper bound. Only the type is required.
*/
function validate_config_vars($config_vars, &$cfg_array, &$error)
{
global $phpbb_root_path, $user;
$type = 0;
$min = 1;
$max = 2;
foreach ($config_vars as $config_name => $config_definition)
{
if (!isset($cfg_array[$config_name]) || strpos($config_name, 'legend') !== false)
{
continue;
}
if (!isset($config_definition['validate']))
{
continue;
}
$validator = explode(':', $config_definition['validate']);
// Validate a bit. ;) String is already checked through request_var(), therefore we do not check this again
switch ($config_definition['validate'])
// Validate a bit. ;) (0 = type, 1 = min, 2= max)
switch ($validator[$type])
{
case 'string':
$length = strlen($cfg_array[$config_name]);
// the column is a VARCHAR
$validator[$max] = (isset($validator[$max])) ? min(255, $validator[$max]) : 255;
if (isset($validator[$min]) && $length < $validator[$min])
{
$error[] = sprintf($user->lang['SETTING_TOO_SHORT'], $user->lang[$config_definition['lang']], $validator[$min]);
}
else if (isset($validator[$max]) && $length > $validator[2])
{
$error[] = sprintf($user->lang['SETTING_TOO_LONG'], $user->lang[$config_definition['lang']], $validator[$max]);
}
break;
case 'bool':
$cfg_array[$config_name] = ($cfg_array[$config_name]) ? 1 : 0;
break;
case 'int':
$cfg_array[$config_name] = (int) $cfg_array[$config_name];
if (isset($validator[$min]) && $cfg_array[$config_name] < $validator[$min])
{
$error[] = sprintf($user->lang['SETTING_TOO_LOW'], $user->lang[$config_definition['lang']], $validator[$min]);
}
else if (isset($validator[$max]) && $cfg_array[$config_name] > $validator[$max])
{
$error[] = sprintf($user->lang['SETTING_TOO_BIG'], $user->lang[$config_definition['lang']], $validator[$max]);
}
break;
// Absolute path
@ -508,4 +539,62 @@ function validate_config_vars($config_vars, &$cfg_array, &$error)
return;
}
/**
* Checks whatever or not a variable is OK for use in the Database
* param mixed $value_ary An array of the form array(array('lang' => ..., 'value' => ..., 'column_type' =>))'
* param mixed $error The error array
*/
function validate_range($value_ary, &$error)
{
global $user;
$column_types = array(
'BOOL' => array('php_type' => 'int', 'min' => 0, 'max' => 1),
'USINT' => array('php_type' => 'int', 'min' => 0, 'max' => 65535),
'UINT' => array('php_type' => 'int', 'min' => 0, 'max' => (int) 0x7fffffff),
'INT' => array('php_type' => 'int', 'min' => (int) 0x80000000, 'max' => (int) 0x7fffffff),
'TINT' => array('php_type' => 'int', 'min' => -128, 'max' => 127),
'VCHAR' => array('php_type' => 'string', 'min' => 0, 'max' => 255),
);
foreach ($value_ary as $value)
{
$column = explode(':', $value['column_type']);
$max = $min = 0;
$type = 0;
if (!isset($column_types[$column[0]]))
{
continue;
}
else
{
$type = $column_types[$column[0]];
}
switch ($type['php_type'])
{
case 'string' :
$max = (isset($column[1])) ? min($column[1],$type['max']) : $type['max'];
if (strlen($value['value']) > $max)
{
$error[] = sprintf($user->lang['SETTING_TOO_LONG'], $user->lang[$value['lang']], $max);
}
break;
case 'int':
$min = (isset($column[1])) ? max($column[1],$type['min']) : $type['min'];
$max = (isset($column[2])) ? min($column[2],$type['max']) : $type['max'];
if ($value['value'] < $min)
{
$error[] = sprintf($user->lang['SETTING_TOO_LOW'], $user->lang[$value['lang']], $min);
}
else if ($value['value'] > $max)
{
$error[] = sprintf($user->lang['SETTING_TOO_BIG'], $user->lang[$value['lang']], $max);
}
break;
}
}
}
?>

6
phpBB/adm/style/acp_attachments.html
View file

@ -122,11 +122,11 @@
{
if (newimage == 'no_image')
{
document.image_upload_icon.src = "{PHPBB_ROOT_PATH}images/spacer.gif";
document.getElementById('image_upload_icon').src = "{PHPBB_ROOT_PATH}images/spacer.gif";
}
else
{
document.image_upload_icon.src = "{PHPBB_ROOT_PATH}{IMG_PATH}/" + newimage;
document.getElementById('image_upload_icon').src = "{PHPBB_ROOT_PATH}{IMG_PATH}/" + newimage;
}
}
@ -192,7 +192,7 @@
<dd><select name="upload_icon" id="upload_icon" onchange="update_image(this.options[selectedIndex].value);">
<option value="no_image"<!-- IF S_NO_IMAGE --> selected="selected"<!-- ENDIF -->>{L_NO_IMAGE}</option>{S_FILENAME_LIST}
</select></dd>
<dd>&nbsp;<img <!-- IF S_NO_IMAGE -->src="{PHPBB_ROOT_PATH}images/spacer.gif"<!-- ELSE -->src="{UPLOAD_ICON_SRC}"<!-- ENDIF --> name="image_upload_icon" alt="" title="" />&nbsp;</dd>
<dd>&nbsp;<img <!-- IF S_NO_IMAGE -->src="{PHPBB_ROOT_PATH}images/spacer.gif"<!-- ELSE -->src="{UPLOAD_ICON_SRC}"<!-- ENDIF --> id="image_upload_icon" alt="" title="" />&nbsp;</dd>
</dl>
<dl>
<dt><label for="extgroup_filesize">{L_MAX_EXTGROUP_FILESIZE}:</label></dt>

4
phpBB/adm/style/acp_bbcodes.html
View file

@ -103,6 +103,10 @@
<td style="text-align: center;">{bbcodes.BBCODE_TAG}</td>
<td style="text-align: right; width: 40px;"><a href="{bbcodes.U_EDIT}">{ICON_EDIT}</a> <a href="{bbcodes.U_DELETE}">{ICON_DELETE}</a></td>
</tr>
<!-- BEGINELSE -->
<tr class="row3">
<td colspan="2">{L_ACP_NO_ITEMS}</td>
</tr>
<!-- END bbcodes -->
</tbody>
</table>

24
phpBB/adm/style/acp_database.html
View file

@ -7,8 +7,9 @@
<p>{L_ACP_RESTORE_EXPLAIN}</p>
<!-- IF .files -->
<form id="acp_backup" method="post" action="{U_ACTION}">
<fieldset>
<legend>{L_RESTORE_OPTIONS}</legend>
<dl>
@ -16,16 +17,19 @@
<dd><select id="file" name="file" size="10"><!-- BEGIN files --><option value="{files.FILE}"<!-- IF files.S_LAST_ROW --> selected="selected"<!-- ENDIF -->>{files.NAME}</option><!-- END files --></select></dd>
</dl>
<!-- IF .files -->
<p class="submit-buttons">
<input class="button1" type="submit" id="submit" name="submit" value="{L_START_RESTORE}" />&nbsp;
<input class="button2" type="submit" id="delete" name="delete" value="{L_DELETE_BACKUP}" />&nbsp;
<input class="button2" type="submit" id="download" name="download" value="{L_DOWNLOAD_BACKUP}" />
</p>
<!-- ENDIF -->
{S_FORM_TOKEN}
<p class="submit-buttons">
<input class="button1" type="submit" id="submit" name="submit" value="{L_START_RESTORE}" />&nbsp;
<input class="button2" type="submit" id="delete" name="delete" value="{L_DELETE_BACKUP}" />&nbsp;
<input class="button2" type="submit" id="download" name="download" value="{L_DOWNLOAD_BACKUP}" />
</p>
{S_FORM_TOKEN}
</fieldset>
</form>
<!-- ELSE -->
<div class="errorbox">
<p>{L_ACP_NO_ITEMS}</p>
</div>
<!-- ENDIF -->
<!-- ELSE -->
<h1>{L_ACP_BACKUP}</h1>
@ -77,7 +81,7 @@
<option value="{tables.TABLE}">{tables.TABLE}</option>
<!-- END tables -->
</select></dd>
<dd><a href="#" onclick="selector(true)">{L_SELECT_ALL}</a> :: <a href="#" onclick="selector(false)">{L_DESELECT_ALL}</a></dd>
<dd><a href="#" onclick="selector(true); return false;">{L_SELECT_ALL}</a> :: <a href="#" onclick="selector(false); return false;">{L_DESELECT_ALL}</a></dd>
</dl>
<p class="submit-buttons">

7
phpBB/adm/style/acp_forums.html
View file

@ -202,6 +202,11 @@
<dt><label for="forum_status">{L_FORUM_STATUS}:</label></dt>
<dd><select id="forum_status" name="forum_status">{S_STATUS_OPTIONS}</select></dd>
</dl>
<dl>
<dt><label for="display_subforum_list">{L_LIST_SUBFORUMS}:</label><br /><span>{L_LIST_SUBFORUMS_EXPLAIN}</span></dt>
<dd><label><input type="radio" class="radio" name="display_subforum_list" value="1"<!-- IF S_DISPLAY_SUBFORUM_LIST --> id="display_subforum_list" checked="checked"<!-- ENDIF --> /> {L_YES}</label>
<label><input type="radio" class="radio" name="display_subforum_list" value="0"<!-- IF not S_DISPLAY_SUBFORUM_LIST --> id="display_subforum_list" checked="checked"<!-- ENDIF --> /> {L_NO}</label></dd>
</dl>
<dl>
<dt><label for="display_on_index">{L_LIST_INDEX}:</label><br /><span>{L_LIST_INDEX_EXPLAIN}</span></dt>
<dd><label><input type="radio" class="radio" name="display_on_index" value="1"<!-- IF S_DISPLAY_ON_INDEX --> id="display_on_index" checked="checked"<!-- ENDIF --> /> {L_YES}</label>
@ -445,7 +450,7 @@
<!-- IF forums.S_FIRST_ROW && not forums.S_LAST_ROW -->
{ICON_MOVE_UP_DISABLED}
<a href="{forums.U_MOVE_DOWN}">{ICON_MOVE_DOWN}</a>
<!-- ELSEIF not forums.S_FIRST_ROW && not forums.S_LAST_ROW-->
<!-- ELSEIF not forums.S_FIRST_ROW && not forums.S_LAST_ROW -->
<a href="{forums.U_MOVE_UP}">{ICON_MOVE_UP}</a>
<a href="{forums.U_MOVE_DOWN}">{ICON_MOVE_DOWN}</a>
<!-- ELSEIF forums.S_LAST_ROW && not forums.S_FIRST_ROW -->

20
phpBB/adm/style/acp_icons.html
View file

@ -43,19 +43,19 @@
function toggle_select(icon, display, select)
{
var disp = document.getElementById('order_disp[' + icon + ']');
var nodisp = document.getElementById('order_no_disp[' + icon + ']');
var disp = document.getElementById('order_disp_' + select);
var nodisp = document.getElementById('order_no_disp_' + select);
disp.disabled = !display;
nodisp.disabled = display;
if (display)
{
document.getElementById(select).selectedIndex = 0;
document.getElementById('order_' + select).selectedIndex = 0;
nodisp.className = 'disabled-options';
disp.className = '';
}
else
{
document.getElementById(select).selectedIndex = {S_ORDER_LIST_DISPLAY_COUNT};
document.getElementById('order_' + select).selectedIndex = {S_ORDER_LIST_DISPLAY_COUNT};
disp.className = 'disabled-options';
nodisp.className = '';
}
@ -111,15 +111,15 @@
<td><input class="text post" type="text" size="3" name="width[{items.IMG}]" value="{items.WIDTH}" /></td>
<td><input class="text post" type="text" size="3" name="height[{items.IMG}]" value="{items.HEIGHT}" /></td>
<td>
<input type="checkbox" class="radio" name="display_on_posting[{items.IMG}]"{items.POSTING_CHECKED} onclick="toggle_select('{items.A_IMG}', this.checked, 'order[{items.A_IMG}]');"/>
<input type="checkbox" class="radio" name="display_on_posting[{items.IMG}]"{items.POSTING_CHECKED} onclick="toggle_select('{items.A_IMG}', this.checked, '{items.S_ROW_COUNT}');"/>
<!-- IF items.S_ID -->
<input type="hidden" name="id[{items.IMG}]" value="{items.ID}" />
<!-- ENDIF -->
</td>
<!-- IF ID or S_ADD -->
<td><select id="order[{items.IMG}]" name="order[{items.IMG}]">
<optgroup id="order_disp[{items.IMG}]" label="{L_DISPLAY_POSTING}" <!-- IF not items.POSTING_CHECKED -->disabled="disabled" class="disabled-options" <!-- ENDIF -->>{S_ORDER_LIST_DISPLAY}</optgroup>
<optgroup id="order_no_disp[{items.IMG}]" label="{L_DISPLAY_POSTING_NO}" <!-- IF items.POSTING_CHECKED -->disabled="disabled" class="disabled-options" <!-- ENDIF -->>{S_ORDER_LIST_UNDISPLAY}</optgroup>
<td><select id="order_{items.S_ROW_COUNT}" name="order[{items.IMG}]">
<optgroup id="order_disp_{items.S_ROW_COUNT}" label="{L_DISPLAY_POSTING}" <!-- IF not items.POSTING_CHECKED -->disabled="disabled" class="disabled-options" <!-- ENDIF -->>{S_ORDER_LIST_DISPLAY}</optgroup>
<optgroup id="order_no_disp_{items.S_ROW_COUNT}" label="{L_DISPLAY_POSTING_NO}" <!-- IF items.POSTING_CHECKED -->disabled="disabled" class="disabled-options" <!-- ENDIF -->>{S_ORDER_LIST_UNDISPLAY}</optgroup>
</select></td>
<!-- ENDIF -->
<!-- IF S_ADD -->
@ -248,6 +248,10 @@
&nbsp;<a href="{items.U_EDIT}">{ICON_EDIT}</a> <a href="{items.U_DELETE}">{ICON_DELETE}</a>
</td>
</tr>
<!-- BEGINELSE -->
<tr class="row3">
<td colspan="{COLSPAN}">{L_ACP_NO_ITEMS}</td>
</tr>
<!-- END items -->
</tbody>
</table>

2
phpBB/adm/style/acp_language.html
View file

@ -121,9 +121,11 @@
<!--[if lt IE 8]>
<style type="text/css">
/* <![CDATA[ */
input.langvalue, textarea.langvalue {
width: 450px;
}
/* ]]> */
</style>
<![endif]-->

15
phpBB/adm/style/acp_permission_roles.html
View file

@ -28,11 +28,11 @@
<p>{L_EXPLAIN}</p>
<form id="acp_roles" method="post" action="{U_ACTION}">
<br />
<a href="#acl">&raquo; {L_SET_ROLE_PERMISSIONS}</a>
<form id="acp_roles" method="post" action="{U_ACTION}">
<fieldset>
<legend>{L_ROLE_DETAILS}</legend>
<dl>
@ -46,6 +46,7 @@
<p class="quick">
<input type="submit" class="button1" name="submit" value="{L_SUBMIT}" />
{S_FORM_TOKEN}
</p>
</fieldset>
@ -57,11 +58,15 @@
<!-- ENDIF -->
<p>
<a name="acl"></a>
<a href="#maincontent">&raquo; {L_BACK_TO_TOP}</a><br />
<br /><br />
</p>
<h1>{L_ACL_TYPE}</h1>
<fieldset class="perm nolegend">
@ -107,9 +112,9 @@
<!-- IF auth.mask.S_ROW_COUNT is even --><tr class="row4"><!-- ELSE --><tr class="row3"><!-- ENDIF -->
<th class="permissions-name<!-- IF auth.mask.S_ROW_COUNT is even --> row4<!-- ELSE --> row3<!-- ENDIF -->">{auth.mask.PERMISSION}</th>
<td class="permissions-yes"><label for="{auth.mask.FIELD_NAME}_y"><input onchange="set_colours('00{auth.S_ROW_COUNT}', false)" id="setting[{auth.mask.FIELD_NAME}]_y" name="setting[{auth.mask.FIELD_NAME}]" class="radio" type="radio"<!-- IF auth.mask.S_YES --> checked="checked"<!-- ENDIF --> value="1" /></label></td>
<td class="permissions-no"><label for="{auth.mask.FIELD_NAME}_u"><input onchange="set_colours('00{auth.S_ROW_COUNT}', false)" id="setting[{auth.mask.FIELD_NAME}]_u" name="setting[{auth.mask.FIELD_NAME}]" class="radio" type="radio"<!-- IF auth.mask.S_NO --> checked="checked"<!-- ENDIF --> value="-1" /></label></td>
<td class="permissions-never"><label for="{auth.mask.FIELD_NAME}_n"><input onchange="set_colours('00{auth.S_ROW_COUNT}', false)" id="setting[{auth.mask.FIELD_NAME}]_n" name="setting[{auth.mask.FIELD_NAME}]" class="radio" type="radio"<!-- IF auth.mask.S_NEVER --> checked="checked"<!-- ENDIF --> value="0" /></label></td>
<td class="permissions-yes"><label for="setting_{auth.mask.FIELD_NAME}_y"><input onchange="set_colours('00{auth.S_ROW_COUNT}', false)" id="setting_{auth.mask.FIELD_NAME}_y" name="setting[{auth.mask.FIELD_NAME}]" class="radio" type="radio"<!-- IF auth.mask.S_YES --> checked="checked"<!-- ENDIF --> value="1" /></label></td>
<td class="permissions-no"><label for="setting_{auth.mask.FIELD_NAME}_u"><input onchange="set_colours('00{auth.S_ROW_COUNT}', false)" id="setting_{auth.mask.FIELD_NAME}_u" name="setting[{auth.mask.FIELD_NAME}]" class="radio" type="radio"<!-- IF auth.mask.S_NO --> checked="checked"<!-- ENDIF --> value="-1" /></label></td>
<td class="permissions-never"><label for="setting_{auth.mask.FIELD_NAME}_n"><input onchange="set_colours('00{auth.S_ROW_COUNT}', false)" id="setting_{auth.mask.FIELD_NAME}_n" name="setting[{auth.mask.FIELD_NAME}]" class="radio" type="radio"<!-- IF auth.mask.S_NEVER --> checked="checked"<!-- ENDIF --> value="0" /></label></td>
</tr>
<!-- END mask -->
</tbody>

2
phpBB/adm/style/acp_prune_forums.html
View file

@ -44,7 +44,7 @@
<p>{L_LOOK_UP_FORUMS_EXPLAIN}</p>
<dl>
<dt><label for="forum">{L_LOOK_UP_FORUM}:</label></dt>
<dd><select name="f[]" multiple="multiple" size="10">{S_FORUM_OPTIONS}</select></dd>
<dd><select id="forum" name="f[]" multiple="multiple" size="10">{S_FORUM_OPTIONS}</select></dd>
<dd><label><input type="checkbox" class="radio" name="all_forums" value="1" /> {L_ALL_FORUMS}</label></dd>
</dl>

2
phpBB/adm/style/acp_styles.html
View file

@ -459,7 +459,7 @@
</dl>
<dl>
<dt><label for="copyright">{L_COPYRIGHT}:</label></dt>
<dd><!-- IF S_INSTALL --><b id="name">{COPYRIGHT}</b><!-- ELSE --><input type="text" id="copyright" name="copyright" value="{COPYRIGHT}" /><!-- ENDIF --></dd>
<dd><!-- IF S_INSTALL --><b id="copyright">{COPYRIGHT}</b><!-- ELSE --><input type="text" id="copyright" name="copyright" value="{COPYRIGHT}" /><!-- ENDIF --></dd>
</dl>
<!-- IF S_STYLE and not S_BASIS -->
<dl>

4
phpBB/adm/style/acp_words.html
View file

@ -62,6 +62,10 @@
<td style="text-align: center;">{words.REPLACEMENT}</td>
<td>&nbsp;<a href="{words.U_EDIT}">{ICON_EDIT}</a>&nbsp;&nbsp;<a href="{words.U_DELETE}">{ICON_DELETE}</a>&nbsp;</td>
</tr>
<!-- BEGINELSE -->
<tr class="row3">
<td colspan="3">{L_ACP_NO_ITEMS}</td>
</tr>
<!-- END words -->
</tbody>
</table>

4
phpBB/adm/style/colour_swatch.html
View file

@ -8,7 +8,7 @@
<title>{L_COLOUR_SWATCH}</title>
<style type="text/css">
<!--
/* <![CDATA[ */
body {
background-color: #404040;
color: #fff;
@ -29,7 +29,7 @@
img {
border: 0;
}
//-->
/* ]]> */
</style>
</head>

4
phpBB/adm/style/install_update_diff.html
View file

@ -32,7 +32,7 @@ function resize_panel()
</script>
<style type="text/css">
<!--
/* <![CDATA[ */
#main {
font-size: 1em;
@ -198,7 +198,7 @@ table.hrdiff caption span {
<!-- ENDIF -->
//-->
/* ]]> */
</style>
</head>

8
phpBB/common.php
View file

@ -131,7 +131,7 @@ if (!defined('PHPBB_INSTALLED'))
// Redirect the user to the installer
// We have to generate a full HTTP/1.1 header here since we can't guarantee to have any of the information
// available as used by the redirect function
$server_name = (!empty($_SERVER['SERVER_NAME'])) ? $_SERVER['SERVER_NAME'] : getenv('SERVER_NAME');
$server_name = (!empty($_SERVER['HTTP_HOST'])) ? strtolower($_SERVER['HTTP_HOST']) : ((!empty($_SERVER['SERVER_NAME'])) ? $_SERVER['SERVER_NAME'] : getenv('SERVER_NAME'));
$server_port = (!empty($_SERVER['SERVER_PORT'])) ? (int) $_SERVER['SERVER_PORT'] : (int) getenv('SERVER_PORT');
$secure = (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on') ? 1 : 0;
@ -150,7 +150,11 @@ if (!defined('PHPBB_INSTALLED'))
if ($server_port && (($secure && $server_port <> 443) || (!$secure && $server_port <> 80)))
{
$url .= ':' . $server_port;
// HTTP HOST can carry a port number...
if (strpos($server_name, ':') === false)
{
$url .= ':' . $server_port;
}
}
$url .= $script_path;

5
phpBB/develop/create_schema_files.php
View file

@ -1072,6 +1072,7 @@ function get_schema_struct()
'forum_last_poster_name'=> array('VCHAR_UNI', ''),
'forum_last_poster_colour'=> array('VCHAR:6', ''),
'forum_flags' => array('TINT:4', 32),
'display_subforum_list' => array('BOOL', 1),
'display_on_index' => array('BOOL', 1),
'enable_indexing' => array('BOOL', 1),
'enable_icons' => array('BOOL', 1),
@ -1143,7 +1144,7 @@ function get_schema_struct()
),
'PRIMARY_KEY' => 'group_id',
'KEYS' => array(
'group_legend' => array('INDEX', 'group_legend'),
'group_legend_name' => array('INDEX', array('group_legend', 'group_name')),
),
);
@ -1519,6 +1520,7 @@ function get_schema_struct()
'COLUMNS' => array(
'session_id' => array('CHAR:32', ''),
'session_user_id' => array('UINT', 0),
'session_forum_id' => array('UINT', 0),
'session_last_visit' => array('TIMESTAMP', 0),
'session_start' => array('TIMESTAMP', 0),
'session_time' => array('TIMESTAMP', 0),
@ -1534,6 +1536,7 @@ function get_schema_struct()
'KEYS' => array(
'session_time' => array('INDEX', 'session_time'),
'session_user_id' => array('INDEX', 'session_user_id'),
'session_forum_id' => array('INDEX', 'session_forum_id'),
),
);

72
phpBB/docs/CHANGELOG.html
View file

@ -53,6 +53,7 @@
<ol>
<li><a href="#changelog">Changelog</a>
<ol style="list-style-type: lower-roman;">
<li><a href="#v300">Changes since 3.0.0</a></li>
<li><a href="#v30rc8">Changes since RC-8</a></li>
<li><a href="#v30rc7">Changes since RC-7</a></li>
<li><a href="#v30rc6">Changes since RC-6</a></li>
@ -70,7 +71,7 @@
<span class="corners-bottom"><span></span></span></div>
</div>
<hr />
<a name="changelog"></a><h2>1. Changelog</h2>
@ -80,6 +81,75 @@
<div class="content">
<a name="v300"></a><h3>1.i. Changes since 3.0.0</h3>
<ul>
<li>[Change] Validate birthdays (Bug #15004)</li>
<li>[Fix] Allow correct avatar caching for CGI installations. (thanks wildbill)</li>
<li>[Fix] Fix disabling of word censor, now possible again</li>
<li>[Fix] Allow single quotes in db password to be stored within config.php in installer</li>
<li>[Fix] Correctly quote db password for re-display in installer (Bug #16695 / thanks to m313 for reporting too - #s17235)</li>
<li>[Fix] Correctly handle empty imageset entries (Bug #16865)</li>
<li>[Fix] Correctly check empty subjects/messages (Bug #17915)</li>
<li>[Change] Do not check usernames against word censor list. Disallowed usernames is already checked and word censor belong to posts. (Bug #17745)</li>
<li>[Fix] Additionally include non-postable forums for moderators forums shown within the teams list. (Bug #17265)</li>
<li>[Change] Sped up viewforum considerably (also goes towards mcp_forum)</li>
<li>[Fix] Do not split topic list for topics being promoted to announcements after been moved to another forum (Bug #18635)</li>
<li>[Fix] Allow editing usernames within database_update on username cleanup (Bug #18415)</li>
<li>[Fix] Fixing wrong sync() calls if moving all posts by a member in ACP (Bug #18385)</li>
<li>[Fix] Check entered imagemagick path for trailing slash (Bug #18205)</li>
<li>[Fix] Use proper title on index for new/unread posts (Bug #13101) - patch provided by Pyramide</li>
<li>[Fix] Allow calls to $user->set_cookie() define no cookie time for setting session cookies (Bug #18025)</li>
<li>[Fix] Stricter checks on smilie packs (Bug #19675)</li>
<li>[Fix] Gracefully return from cancelling pm drafts (Bug #19675)</li>
<li>[Fix] Possible login problems with IE7 if browser check is activated (Bug #20135)</li>
<li>[Fix] Fix possible database transaction errors if code returns on error and rollback happened (Bug #17025)</li>
<li>[Change] Allow numbers in permission names for modifications, as well as uppercase letters for the request_ part (Bug #20125)</li>
<li>[Fix] Use HTTP_HOST in favor of SERVER_NAME for determining server url for redirection and installation (Bug #19955)</li>
<li>[Fix] Removing s_watching_img from watch_topic_forum() function (Bug #20445)</li>
<li>[Fix] Changing order for post review if more than one post affected (Bug #15249)</li>
<li>[Fix] Language typos/fixes (Bug #20425, #15719, #15429, #14669, #13479, #20795, #21095, #21405, #21715, #21725, #21755, #21865, #15689)</li>
<li>[Fix] Style/Template fixes (Bug #20065, #19405, #19205, #15028, #14934, #14821, #14752, #14497, #13707, #14738, #19725)</li>
<li>[Fix] Tiny code fixes (Bug #20165, #20025, #19795, #14804)</li>
<li>[Fix] Prepend phpbb_root_path to ranks path for displaying ranks (Bug #19075)</li>
<li>[Fix] Allow forum notifications if topic notifications are disabled but forum notifications enabled (Bug #14765)</li>
<li>[Fix] Fixing realpath issues for provider returning the passed value instead of disabling it. This fixes issues with confirm boxes for those hosted on Network Solutions for example. (Bug #20435)</li>
<li>[Fix] Try to sort last active date on memberlist correctly at least on current page (Bug #18665)</li>
<li>[Fix] Handle generation of form tokens when maximum time is set to -1</li>
<li>[Fix] Correctly delete unapproved posts without deleting the topic (Bug #15120)</li>
<li>[Fix] Respect signature permissions in posting (Bug #16029)</li>
<li>[Fix] Users allowed to resign only from open and freely open groups (Bug #19355)</li>
<li>[Fix] Assign a last viewed date to converted topics (Bug #16565)</li>
<li>[Fix] Many minor and/or cosmetic fixes (Including, but not limited to: #21315, #18575, #18435, #21215)</li>
<li>[Feature] New option to hide the entire list of subforums on listforums</li>
<li>[Fix] Custom BBCode {EMAIL}-Token usage (Bug #21155)</li>
<li>[Fix] Do not rely on parameter returned by unlink() for verifying cache directory write permission (Bug #19565)</li>
<li>[Change] Use correct string for filesize (MiB instead of MB for example)</li>
<li>[Change] Remove left join for query used to retrieve already assigned users and groups within permission panel (Bug #20235)</li>
<li>[Fix] Correctly return sole whitespaces if used with BBCodes (Bug #19535)</li>
<li>[Fix] Quote bbcode parsing adding too much closing tags on special conditions (Bug #20735)</li>
<li>[Change] Added sanity checks to various ACP settings</li>
<li>[Change] Removed minimum form times</li>
<li>[Fix] Check topics_per_page value in acp_forums (Bug #15539)</li>
<li>[Fix] Custom profile fields with date type should be timezone independend (Bug #15003)</li>
<li>[Fix] Fixing some XHTML errors/warnings within the ACP (Bug #22875)</li>
<li>[Fix] Warnings if poll title/options exceed maximum characters per post (Bug #22865)</li>
<li>[Fix] Do not allow selecting non-authorized groups within memberlist by adjusting URL (Bug #22805 - patch provided by ToonArmy)</li>
<li>[Fix] Correctly specify &quot;close report action&quot; (Bug #22685)</li>
<li>[Fix] Display &quot;empty password error&quot; within the login box instead of issuing a general error (Bug #22525)</li>
<li>[Fix] Clean up who is online code in page_header (Bug #22715, thanks HighwayofLife)</li>
<li>[Fix] Pertain select single link on memberlist (Bug #23235 - patch provided by Schumi)</li>
<li>[Fix] Allow &amp; and | in local part of email addresses (Bug #22995)</li>
<li>[Fix] Do not error out if php_uname function disabled / Authenticating on SMTP Server (Bug #22235 - patch by HoL)</li>
<li>[Fix] Correctly obtain to be ignored users within topic/forum notification (Bug #21795 - patch provided by dr.death)</li>
<li>[Fix] Correctly update board statistics for attaching orphaned files to existing posts (Bug #20185)</li>
<li>[Fix] Do not detect the board URL as a link twice in posts (Bug #19215)</li>
<li>[Fix] Set correct error reporting in style.php to avoid blank pages after CSS changes (Bug #23885)</li>
<li>[Fix] If pruning users based on last activity, do not include users never logged in before (Bug #18105)</li>
<li>[Sec] Only allow searching by email address in memberlist for users having the a_user permission (reported by evil&lt;3)</li>
<li>[Sec] Limit private message attachments to be viewable only by the recipient(s)/sender (Report #s23535) - reported by AlleyKat</li>
</ul>
<a name="v30rc8"></a><h3>1.i. Changes since 3.0.RC8</h3>
<ul>

6
phpBB/docs/INSTALL.html
View file

@ -281,9 +281,9 @@
<a name="update_patch"></a><h3>4.iii. Patch file</h3>
<p>The patch file package is for those wanting to update through the patch application, and being compfortable with it.</p>
<p>The patch file package is for those wanting to update through the patch application, and being comfortable with it.</p>
<p>The patch file is one solution for those with many Modifications (MODs) or other changes who do not want to re-add them back to all the changed files if they use the method explained above. To use this you will need command line access to a standard UNIX type <strong>patch</strong> application. If you do not have access to such an application but still want to use this update approach, we strongly recommend the <a href="update_auto">Automatic update package</a> explained below. It is also the preferred update method.</p>
<p>The patch file is one solution for those with many Modifications (MODs) or other changes who do not want to re-add them back to all the changed files if they use the method explained above. To use this you will need command line access to a standard UNIX type <strong>patch</strong> application. If you do not have access to such an application but still want to use this update approach, we strongly recommend the <a href="#update_auto">Automatic update package</a> explained below. It is also the preferred update method.</p>
<p>A number of patch files are provided to allow you to update from previous stable releases. Select the correct patch, e.g. if your current version is 3.0.0 you need the phpBB-3.0.0_to_3.0.1.patch file. Place the correct patch in the parent directory containing the phpBB3 core files (i.e. index.php, viewforum.php, etc.). With this done you should run the following command: <strong>patch -cl -d [PHPBB DIRECTORY] -p1 &lt; [PATCH NAME]</strong> (where PHPBB DIRECTORY is the directory name your phpBB Installation resides in, for example phpBB3, and where PATCH NAME is the relevant filename of the selected patch file). This should complete quickly, hopefully without any HUNK FAILED comments.</p>
@ -369,7 +369,7 @@
<p><strong>Password conversion</strong> Due to the utf-8 based handling of passwords in phpBB3, it is not always possible to transfer all passwords. For passwords "lost in translation" the easiest workaround is to use the "forgotten password" function.</p>
<p><strong>Path to your former board</strong> The converter expects the relative path to your old board's files. So, -for instance - if the new board is located at <code>http://www.yourdomain.com/forum</code> and the phpBB3 is located at <code>http://www.yourdomain.com/phpBB3</code>, then the correct value would be <code>../forum</code>. Note that the webserver user must be able to access the source installation's files.</p>
<p><strong>Path to your former board</strong> The converter expects the relative path to your old board's files. So, - for instance - if the old board is located at <code>http://www.yourdomain.com/forum</code> and the phpBB3 installation is located at <code>http://www.yourdomain.com/phpBB3</code>, then the correct value would be <code>../forum</code>. Note that the webserver user must be able to access the source installation's files.</p>
<p><strong>Missing images</strong> If your default board language's language pack does not include all images, then some images might be missing in your installation. Always use a complete language pack as default language.</p>

4
phpBB/docs/coding-guidelines.html
View file

@ -110,7 +110,7 @@
<p>If entered with tabs (replace the {TAB}) both equal signs need to be on the same column.</p>
<h3>Linefeeds:</h3>
<p>Ensure that your editor is saving files in the UNIX format. This means lines are terminated with a newline, not with a CR/LF combo as they are on Win32, or whatever the Mac uses. Any decent editor should be able to do this, but it might not always be the default. Know your editor. If you want advice on Windows text editors, just ask one of the developers. Some of them do their editing on Win32.</p>
<p>Ensure that your editor is saving files in the UNIX (LF) line ending format. This means that lines are terminated with a newline, not with Windows Line endings (CR/LF combo) as they are on Win32 or Classic Mac (CR) Line endings. Any decent editor should be able to do this, but it might not always be the default setting. Know your editor. If you want advice for an editor for your Operating System, just ask one of the developers. Some of them do their editing on Win32.
<a name="fileheader"></a><h3>1.ii. File Header</h3>
@ -1059,7 +1059,7 @@ append_sid(&quot;{$phpbb_root_path}memberlist.$phpEx&quot;, 'mode=group&amp;amp;
<span class="comment">&lt;!-- END loopname --&gt;</span>
</pre></div>
<p>A bit later loops will be explained further. To not irretate you we will explain conditionals as well as other statements first.</p>
<p>A bit later loops will be explained further. To not irritate you we will explain conditionals as well as other statements first.</p>
<h4>Including files</h4>
<p>Something that existed in 2.0.x which no longer exists in 3.0.x is the ability to assign a template to a variable. This was used (for example) to output the jumpbox. Instead (perhaps better, perhaps not but certainly more flexible) we now have INCLUDE. This takes the simple form:</p>

4
phpBB/docs/hook_system.html
View file

@ -14,7 +14,7 @@
<title>phpBB3 &bull; Hook System</title>
<style type="text/css">
<!--
/* <![CDATA[ */
/*
The original "prosilver" theme for phpBB3
@ -309,7 +309,7 @@ a:active { color: #368AD2; }
margin-left: 25px;
}
//-->
/* ]]> */
</style>
</head>

66
phpBB/download/file.php
View file

@ -32,7 +32,7 @@ if (isset($_GET['avatar']))
exit;
}
unset($dbpasswd);
// worst-case default
$browser = (!empty($_SERVER['HTTP_USER_AGENT'])) ? htmlspecialchars((string) $_SERVER['HTTP_USER_AGENT']) : 'msie 6.0';
@ -44,11 +44,11 @@ if (isset($_GET['avatar']))
$avatar_group = true;
$filename = substr($filename, 1);
}
// '==' is not a bug - . as the first char is as bad as no dot at all
if (strpos($filename, '.') == false)
{
header('HTTP/1.0 403 forbidden');
header('HTTP/1.0 403 Forbidden');
if (!empty($cache))
{
$cache->unload();
@ -56,33 +56,40 @@ if (isset($_GET['avatar']))
$db->sql_close();
exit;
}
$ext = substr(strrchr($filename, '.'), 1);
$stamp = (int) substr(stristr($filename, '_'), 1);
$filename = (int) $filename;
// let's see if we have to send the file at all
$last_load = isset($_SERVER['HTTP_IF_MODIFIED_SINCE']) ? strtotime(trim($_SERVER['HTTP_IF_MODIFIED_SINCE'])) : false;
if (strpos(strtolower($browser), 'msie 6.0') === false)
{
if ($last_load !== false && $last_load <= $stamp)
{
header('Not Modified', true, 304);
if (@php_sapi_name() === 'CGI')
{
header('Status: 304 Not Modified', true, 304);
}
else
{
header('HTTP/1.0 304 Not Modified', true, 304);
}
// seems that we need those too ... browsers
header('Pragma: public');
header('Expires: ' . gmdate('D, d M Y H:i:s \G\M\T', time() + 31536000));
exit();
}
}
else
{
header('Last-Modified: ' . gmdate('D, d M Y H:i:s', $stamp) . ' GMT');
}
}
if (!in_array($ext, array('png', 'gif', 'jpg', 'jpeg')))
{
// no way such an avatar could exist. They are not following the rules, stop the show.
header("HTTP/1.0 403 forbidden");
header("HTTP/1.0 403 Forbidden");
if (!empty($cache))
{
$cache->unload();
@ -90,11 +97,11 @@ if (isset($_GET['avatar']))
$db->sql_close();
exit;
}
if (!$filename)
{
// no way such an avatar could exist. They are not following the rules, stop the show.
header("HTTP/1.0 403 forbidden");
header("HTTP/1.0 403 Forbidden");
if (!empty($cache))
{
$cache->unload();
@ -201,8 +208,32 @@ else
$row['forum_id'] = false;
if (!$auth->acl_get('u_pm_download'))
{
header('HTTP/1.0 403 Forbidden');
trigger_error('SORRY_AUTH_VIEW_ATTACH');
}
// Check if the attachment is within the users scope...
$sql = 'SELECT user_id, author_id
FROM ' . PRIVMSGS_TO_TABLE . '
WHERE msg_id = ' . $attachment['post_msg_id'];
$result = $db->sql_query($sql);
$allowed = false;
while ($user_row = $db->sql_fetchrow($result))
{
if ($user->data['user_id'] == $user_row['user_id'] || $user->data['user_id'] == $user_row['author_id'])
{
$allowed = true;
break;
}
}
$db->sql_freeresult($result);
if (!$allowed)
{
header('HTTP/1.0 403 Forbidden');
trigger_error('ERROR_NO_ATTACHMENT');
}
}
// disallowed?
@ -215,6 +246,7 @@ else
if (!download_allowed())
{
header('HTTP/1.0 403 Forbidden');
trigger_error($user->lang['LINKAGE_FORBIDDEN']);
}
@ -273,7 +305,7 @@ else
{
trigger_error($user->lang['PHYSICAL_DOWNLOAD_NOT_POSSIBLE']);
}
redirect($phpbb_root_path . $config['upload_path'] . '/' . $attachment['physical_filename']);
exit;
}
@ -460,7 +492,7 @@ function send_file_to_browser($attachment, $upload_dir, $category)
{
header('Content-Disposition: ' . ((strpos($attachment['mimetype'], 'image') === 0) ? 'inline' : 'attachment') . '; ' . header_filename(htmlspecialchars_decode($attachment['real_filename'])));
}
if ($size)
{
header("Content-Length: $size");
@ -549,9 +581,9 @@ function download_allowed()
}
}
}
// Check for own server...
$server_name = (!empty($_SERVER['SERVER_NAME'])) ? $_SERVER['SERVER_NAME'] : getenv('SERVER_NAME');
$server_name = $user->host;
// Forcing server vars is the only way to specify/override the protocol
if ($config['force_server_vars'] || !$server_name)
@ -563,7 +595,7 @@ function download_allowed()
{
$allowed = true;
}
// Get IP's and Hostnames
if (!$allowed)
{
@ -613,7 +645,7 @@ function download_allowed()
}
$db->sql_freeresult($result);
}
return $allowed;
}

BIN
phpBB/images/smilies/icon_arrow.gif
View file

Binary file not shown.
Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 170 B

After

Width:  |  Height:  |  Size: 407 B

BIN
phpBB/images/smilies/icon_cool.gif
View file

Binary file not shown.
Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 172 B

After

Width:  |  Height:  |  Size: 408 B

BIN
phpBB/images/smilies/icon_cry.gif
View file

Binary file not shown.
Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 498 B

After

Width:  |  Height:  |  Size: 1.6 KiB

BIN
phpBB/images/smilies/icon_e_biggrin.gif
View file

Binary file not shown.
Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 413 B

After

Width:  |  Height:  |  Size: 627 B

BIN
phpBB/images/smilies/icon_e_confused.gif
View file

Binary file not shown.
Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 410 B

After

Width:  |  Height:  |  Size: 628 B

BIN
phpBB/images/smilies/icon_e_geek.gif
View file

Binary file not shown.
Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 410 B

After

Width:  |  Height:  |  Size: 623 B

BIN
phpBB/images/smilies/icon_e_sad.gif
View file

Binary file not shown.
Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 420 B

After

Width:  |  Height:  |  Size: 628 B

BIN
phpBB/images/smilies/icon_e_smile.gif
View file

Binary file not shown.
Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 416 B

After

Width:  |  Height:  |  Size: 630 B

BIN
phpBB/images/smilies/icon_e_surprised.gif
View file

Binary file not shown.
Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 427 B

After

Width:  |  Height:  |  Size: 415 B

BIN
phpBB/images/smilies/icon_e_ugeek.gif
View file

Binary file not shown.
Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 422 B

After

Width:  |  Height:  |  Size: 631 B

BIN
phpBB/images/smilies/icon_e_wink.gif
View file

Binary file not shown.
Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 413 B

After

Width:  |  Height:  |  Size: 630 B

BIN
phpBB/images/smilies/icon_eek.gif
View file

Binary file not shown.
Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 170 B

After

Width:  |  Height:  |  Size: 619 B

BIN
phpBB/images/smilies/icon_evil.gif
View file

Binary file not shown.
Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 236 B

After

Width:  |  Height:  |  Size: 648 B

BIN
phpBB/images/smilies/icon_exclaim.gif
View file

Binary file not shown.
Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 236 B

After

Width:  |  Height:  |  Size: 632 B

BIN
phpBB/images/smilies/icon_idea.gif
View file

Binary file not shown.
Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 176 B

After

Width:  |  Height:  |  Size: 411 B

BIN
phpBB/images/smilies/icon_lol.gif
View file

Binary file not shown.
Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 336 B

After

Width:  |  Height:  |  Size: 707 B

BIN
phpBB/images/smilies/icon_mad.gif
View file

Binary file not shown.
Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 174 B

After

Width:  |  Height:  |  Size: 646 B

BIN
phpBB/images/smilies/icon_mrgreen.gif
View file

Binary file not shown.
Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 349 B

After

Width:  |  Height:  |  Size: 608 B

BIN
phpBB/images/smilies/icon_neutral.gif
View file

Binary file not shown.
Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 171 B

After

Width:  |  Height:  |  Size: 621 B

BIN
phpBB/images/smilies/icon_question.gif
View file

Binary file not shown.
Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 248 B

After

Width:  |  Height:  |  Size: 643 B

BIN
phpBB/images/smilies/icon_razz.gif
View file

Binary file not shown.
Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 176 B

After

Width:  |  Height:  |  Size: 645 B

BIN
phpBB/images/smilies/icon_redface.gif
View file

Binary file not shown.
Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 650 B

After

Width:  |  Height:  |  Size: 2.9 KiB

BIN
phpBB/images/smilies/icon_rolleyes.gif
View file

Binary file not shown.
Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 485 B

After

Width:  |  Height:  |  Size: 1.1 KiB

BIN
phpBB/images/smilies/icon_twisted.gif
View file

Binary file not shown.
Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 238 B

After

Width:  |  Height:  |  Size: 636 B

10
phpBB/includes/acm/acm_file.php
View file

@ -312,7 +312,7 @@ class acm
if ($var_name[0] == '_')
{
$this->remove_file($this->cache_dir . 'data' . $var_name . ".$phpEx");
$this->remove_file($this->cache_dir . 'data' . $var_name . ".$phpEx", true);
}
else if (isset($this->vars[$var_name]))
{
@ -375,7 +375,7 @@ class acm
}
else if ($expired)
{
$this->remove_file($this->cache_dir . 'sql_' . md5($query) . ".$phpEx");
$this->remove_file($this->cache_dir . 'sql_' . md5($query) . ".$phpEx", true);
return false;
}
@ -489,13 +489,15 @@ class acm
/**
* Removes/unlinks file
*/
function remove_file($filename)
function remove_file($filename, $check = false)
{
if (!@unlink($filename))
if ($check && !@is_writeable($this->cache_dir))
{
// E_USER_ERROR - not using language entry - intended.
trigger_error('Unable to remove files within ' . $this->cache_dir . '. Please check directory permissions.', E_USER_ERROR);
}
return @unlink($filename);
}
}

67
phpBB/includes/acp/acp_attachments.php
View file

@ -23,7 +23,7 @@ class acp_attachments
{
var $u_action;
var $new_config;
function main($id, $mode)
{
global $db, $user, $auth, $template, $cache;
@ -56,7 +56,7 @@ class acp_attachments
case 'ext_groups':
$l_title = 'ACP_EXTENSION_GROUPS';
break;
case 'orphan':
$l_title = 'ACP_ORPHAN_ATTACHMENTS';
break;
@ -152,7 +152,7 @@ class acp_attachments
if (in_array($config_name, array('attachment_quota', 'max_filesize', 'max_filesize_pm')))
{
$size_var = request_var($config_name, '');
$this->new_config[$config_name] = $config_value = ($size_var == 'kb') ? round($config_value * 1024) : (($size_var == 'mb') ? round($config_value * 1048576) : $config_value);
$this->new_config[$config_name] = $config_value = ($size_var == 'kb') ? ($config_value << 10) : (($size_var == 'mb') ? ($config_value << 20) : $config_value);
}
if ($submit)
@ -184,7 +184,18 @@ class acp_attachments
}
// We strip eventually manual added convert program, we only want the patch
$this->new_config['img_imagick'] = str_replace(array('convert', '.exe'), array('', ''), $this->new_config['img_imagick']);
if ($this->new_config['img_imagick'])
{
// Change path separator
$this->new_config['img_imagick'] = str_replace('\\', '/', $this->new_config['img_imagick']);
$this->new_config['img_imagick'] = str_replace(array('convert', '.exe'), array('', ''), $this->new_config['img_imagick']);
// Check for trailing slash
if (substr($this->new_config['img_imagick'], -1) !== '/')
{
$this->new_config['img_imagick'] .= '/';
}
}
$supported_types = get_supported_image_types();
@ -201,7 +212,7 @@ class acp_attachments
// Secure Download Options - Same procedure as with banning
$allow_deny = ($this->new_config['secure_allow_deny']) ? 'ALLOWED' : 'DISALLOWED';
$sql = 'SELECT *
FROM ' . SITELIST_TABLE;
$result = $db->sql_query($sql);
@ -271,7 +282,7 @@ class acp_attachments
'CONTENT' => build_cfg_template($type, $config_key, $this->new_config, $config_key, $vars),
)
);
unset($display_vars['vars'][$config_key]);
}
@ -323,7 +334,7 @@ class acp_attachments
FROM ' . EXTENSIONS_TABLE . '
WHERE ' . $db->sql_in_set('extension_id', $extension_id_list);
$result = $db->sql_query($sql);
$extension_list = '';
while ($row = $db->sql_fetchrow($result))
{
@ -353,7 +364,7 @@ class acp_attachments
FROM ' . EXTENSIONS_TABLE . "
WHERE extension = '" . $db->sql_escape($add_extension) . "'";
$result = $db->sql_query($sql);
if ($row = $db->sql_fetchrow($result))
{
$error[] = sprintf($user->lang['EXTENSION_EXIST'], $add_extension);
@ -489,7 +500,7 @@ class acp_attachments
$allowed_forums = request_var('allowed_forums', array(0));
$allow_in_pm = (isset($_POST['allow_in_pm'])) ? true : false;
$max_filesize = request_var('max_filesize', 0);
$max_filesize = ($size_select == 'kb') ? round($max_filesize * 1024) : (($size_select == 'mb') ? round($max_filesize * 1048576) : $max_filesize);
$max_filesize = ($size_select == 'kb') ? ($max_filesize << 10) : (($size_select == 'mb') ? ($max_filesize << 20) : $max_filesize);
$allow_group = (isset($_POST['allow_group'])) ? true : false;
if ($max_filesize == $config['max_filesize'])
@ -592,7 +603,7 @@ class acp_attachments
SET group_id = 0
WHERE group_id = $group_id";
$db->sql_query($sql);
add_log('admin', 'LOG_ATTACH_EXTGROUP_DEL', $group_name);
$cache->destroy('_extensions');
@ -662,8 +673,7 @@ class acp_attachments
}
$size_format = ($ext_group_row['max_filesize'] >= 1048576) ? 'mb' : (($ext_group_row['max_filesize'] >= 1024) ? 'kb' : 'b');
$ext_group_row['max_filesize'] = ($ext_group_row['max_filesize'] >= 1048576) ? round($ext_group_row['max_filesize'] / 1048576 * 100) / 100 : (($ext_group_row['max_filesize'] >= 1024) ? round($ext_group_row['max_filesize'] / 1024 * 100) / 100 : $ext_group_row['max_filesize']);
$ext_group_row['max_filesize'] = get_formatted_filesize($ext_group_row['max_filesize'], false);
$img_path = $config['upload_icons_path'];
@ -889,7 +899,7 @@ class acp_attachments
$upload_list = array();
foreach ($add_files as $attach_id)
{
if (!in_array($attach_id, array_keys($delete_files)) && !empty($post_ids[$attach_id]))
if (!isset($delete_files[$attach_id]) && !empty($post_ids[$attach_id]))
{
$upload_list[$attach_id] = $post_ids[$attach_id];
}
@ -930,6 +940,7 @@ class acp_attachments
AND is_orphan = 1';
$result = $db->sql_query($sql);
$files_added = $space_taken = 0;
while ($row = $db->sql_fetchrow($result))
{
$post_row = $post_info[$upload_list[$row['attach_id']]];
@ -969,9 +980,18 @@ class acp_attachments
WHERE topic_id = ' . $post_row['topic_id'];
$db->sql_query($sql);
$space_taken += $row['filesize'];
$files_added++;
add_log('admin', 'LOG_ATTACH_FILEUPLOAD', $post_row['post_id'], $row['real_filename']);
}
$db->sql_freeresult($result);
if ($files_added)
{
set_config('upload_dir_size', $config['upload_dir_size'] + $space_taken, true);
set_config('num_files', $config['num_files'] + $files_added, true);
}
}
}
@ -989,11 +1009,8 @@ class acp_attachments
while ($row = $db->sql_fetchrow($result))
{
$size_lang = ($row['filesize'] >= 1048576) ? $user->lang['MB'] : (($row['filesize'] >= 1024) ? $user->lang['KB'] : $user->lang['BYTES']);
$row['filesize'] = ($row['filesize'] >= 1048576) ? round((round($row['filesize'] / 1048576 * 100) / 100), 2) : (($row['filesize'] >= 1024) ? round((round($row['filesize'] / 1024 * 100) / 100), 2) : $row['filesize']);
$template->assign_block_vars('orphan', array(
'FILESIZE' => $row['filesize'] . ' ' . $size_lang,
'FILESIZE' => get_formatted_filesize($row['filesize']),
'FILETIME' => $user->format_date($row['filetime']),
'REAL_FILENAME' => basename($row['real_filename']),
'PHYSICAL_FILENAME' => basename($row['physical_filename']),
@ -1039,7 +1056,7 @@ class acp_attachments
ATTACHMENT_CATEGORY_FLASH => $user->lang['CAT_FLASH_FILES'],
ATTACHMENT_CATEGORY_QUICKTIME => $user->lang['CAT_QUICKTIME_FILES'],
);
if ($group_id)
{
$sql = 'SELECT cat_id
@ -1055,7 +1072,7 @@ class acp_attachments
{
$cat_type = ATTACHMENT_CATEGORY_NONE;
}
$group_select = '<select name="' . $select_name . '"' . (($key) ? ' id="' . $key . '"' : '') . '>';
foreach ($types as $type => $mode)
@ -1075,7 +1092,7 @@ class acp_attachments
function group_select($select_name, $default_group = false, $key = '')
{
global $db, $user;
$group_select = '<select name="' . $select_name . '"' . (($key) ? ' id="' . $key . '"' : '') . '>';
$sql = 'SELECT group_id, group_name
@ -1093,7 +1110,7 @@ class acp_attachments
$row['group_id'] = 0;
$row['group_name'] = $user->lang['NOT_ASSIGNED'];
$group_name[] = $row;
for ($i = 0; $i < sizeof($group_name); $i++)
{
if ($default_group === false)
@ -1127,14 +1144,14 @@ class acp_attachments
if (empty($magic_home))
{
$locations = array('C:/WINDOWS/', 'C:/WINNT/', 'C:/WINDOWS/SYSTEM/', 'C:/WINNT/SYSTEM/', 'C:/WINDOWS/SYSTEM32/', 'C:/WINNT/SYSTEM32/', '/usr/bin/', '/usr/sbin/', '/usr/local/bin/', '/usr/local/sbin/', '/opt/', '/usr/imagemagick/', '/usr/bin/imagemagick/');
$path_locations = str_replace('\\', '/', (explode(($exe) ? ';' : ':', getenv('PATH'))));
$path_locations = str_replace('\\', '/', (explode(($exe) ? ';' : ':', getenv('PATH'))));
$locations = array_merge($path_locations, $locations);
foreach ($locations as $location)
{
// The path might not end properly, fudge it
if (substr($location, -1, 1) !== '/')
if (substr($location, -1) !== '/')
{
$location .= '/';
}
@ -1341,7 +1358,7 @@ class acp_attachments
$db->sql_query($sql);
}
}
if (!empty($ip_list_log))
{
// Update log
@ -1399,7 +1416,7 @@ class acp_attachments
{
// Determine size var and adjust the value accordingly
$size_var = ($value >= 1048576) ? 'mb' : (($value >= 1024) ? 'kb' : 'b');
$value = ($value >= 1048576) ? round($value / 1048576 * 100) / 100 : (($value >= 1024) ? round($value / 1024 * 100) / 100 : $value);
$value = get_formatted_filesize($value, false);
return '<input type="text" id="' . $key . '" size="8" maxlength="15" name="config[' . $key . ']" value="' . $value . '" /> <select name="' . $key . '">' . size_select_options($size_var) . '</select>';
}

4
phpBB/includes/acp/acp_bbcodes.php
View file

@ -312,7 +312,7 @@ class acp_bbcodes
'!(' . str_replace(array('!', '\#'), array('\!', '#'), get_preg_expression('relative_url')) . ')!e' => "\$this->bbcode_specialchars('$1')"
),
'EMAIL' => array(
'!([a-z0-9]+[a-z0-9\-\._]*@(?:(?:[0-9]{1,3}\.){3,5}[0-9]{1,3}|[a-z0-9]+[a-z0-9\-\._]*\.[a-z]+))!i' => "\$this->bbcode_specialchars('$1')"
'!(' . get_preg_expression('email') . ')!ie' => "\$this->bbcode_specialchars('$1')"
),
'TEXT' => array(
'!(.*?)!es' => "str_replace(array(\"\\r\\n\", '\\\"', '\\'', '(', ')'), array(\"\\n\", '\"', '&#39;', '&#40;', '&#41;'), trim('\$1'))"
@ -334,7 +334,7 @@ class acp_bbcodes
$sp_tokens = array(
'URL' => '(?i)((?:' . str_replace(array('!', '\#'), array('\!', '#'), get_preg_expression('url')) . ')|(?:' . str_replace(array('!', '\#'), array('\!', '#'), get_preg_expression('www_url')) . '))(?-i)',
'LOCAL_URL' => '(?i)(' . str_replace(array('!', '\#'), array('\!', '#'), get_preg_expression('relative_url')) . ')(?-i)',
'EMAIL' => '([a-zA-Z0-9]+[a-zA-Z0-9\-\._]*@(?:(?:[0-9]{1,3}\.){3,5}[0-9]{1,3}|[a-zA-Z0-9]+[a-zA-Z0-9\-\._]*\.[a-zA-Z]+))',
'EMAIL' => '(' . get_preg_expression('email') . ')',
'TEXT' => '(.*?)',
'SIMPLETEXT' => '([a-zA-Z0-9-+.,_ ]+)',
'IDENTIFIER' => '([a-zA-Z0-9-_]+)',

106
phpBB/includes/acp/acp_board.php
View file

@ -107,9 +107,9 @@ class acp_board
'allow_avatar_local' => array('lang' => 'ALLOW_LOCAL', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => false),
'allow_avatar_remote' => array('lang' => 'ALLOW_REMOTE', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true),
'allow_avatar_upload' => array('lang' => 'ALLOW_UPLOAD', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => false),
'avatar_filesize' => array('lang' => 'MAX_FILESIZE', 'validate' => 'int', 'type' => 'text:4:10', 'explain' => true, 'append' => ' ' . $user->lang['BYTES']),
'avatar_min' => array('lang' => 'MIN_AVATAR_SIZE', 'validate' => 'int', 'type' => 'dimension:3:4', 'explain' => true, 'append' => ' ' . $user->lang['PIXEL']),
'avatar_max' => array('lang' => 'MAX_AVATAR_SIZE', 'validate' => 'int', 'type' => 'dimension:3:4', 'explain' => true, 'append' => ' ' . $user->lang['PIXEL']),
'avatar_filesize' => array('lang' => 'MAX_FILESIZE', 'validate' => 'int:0', 'type' => 'text:4:10', 'explain' => true, 'append' => ' ' . $user->lang['BYTES']),
'avatar_min' => array('lang' => 'MIN_AVATAR_SIZE', 'validate' => 'int:0', 'type' => 'dimension:3:4', 'explain' => true, 'append' => ' ' . $user->lang['PIXEL']),
'avatar_max' => array('lang' => 'MAX_AVATAR_SIZE', 'validate' => 'int:0', 'type' => 'dimension:3:4', 'explain' => true, 'append' => ' ' . $user->lang['PIXEL']),
'avatar_path' => array('lang' => 'AVATAR_STORAGE_PATH', 'validate' => 'rwpath', 'type' => 'text:20:255', 'explain' => true),
'avatar_gallery_path' => array('lang' => 'AVATAR_GALLERY_PATH', 'validate' => 'rpath', 'type' => 'text:20:255', 'explain' => true)
)
@ -123,11 +123,11 @@ class acp_board
'vars' => array(
'legend1' => 'GENERAL_SETTINGS',
'allow_privmsg' => array('lang' => 'BOARD_PM', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true),
'pm_max_boxes' => array('lang' => 'BOXES_MAX', 'validate' => 'int', 'type' => 'text:4:4', 'explain' => true),
'pm_max_msgs' => array('lang' => 'BOXES_LIMIT', 'validate' => 'int', 'type' => 'text:4:4', 'explain' => true),
'pm_max_boxes' => array('lang' => 'BOXES_MAX', 'validate' => 'int:0', 'type' => 'text:4:4', 'explain' => true),
'pm_max_msgs' => array('lang' => 'BOXES_LIMIT', 'validate' => 'int:0', 'type' => 'text:4:4', 'explain' => true),
'full_folder_action' => array('lang' => 'FULL_FOLDER_ACTION', 'validate' => 'int', 'type' => 'select', 'method' => 'full_folder_select', 'explain' => true),
'pm_edit_time' => array('lang' => 'PM_EDIT_TIME', 'validate' => 'int', 'type' => 'text:5:5', 'explain' => true, 'append' => ' ' . $user->lang['MINUTES']),
'pm_edit_time' => array('lang' => 'PM_EDIT_TIME', 'validate' => 'int:0', 'type' => 'text:5:5', 'explain' => true, 'append' => ' ' . $user->lang['MINUTES']),
'legend2' => 'GENERAL_OPTIONS',
'allow_mass_pm' => array('lang' => 'ALLOW_MASS_PM', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => false),
'auth_bbcode_pm' => array('lang' => 'ALLOW_BBCODE_PM', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => false),
@ -160,21 +160,21 @@ class acp_board
'legend2' => 'POSTING',
'bump_type' => false,
'edit_time' => array('lang' => 'EDIT_TIME', 'validate' => 'int', 'type' => 'text:5:5', 'explain' => true, 'append' => ' ' . $user->lang['MINUTES']),
'edit_time' => array('lang' => 'EDIT_TIME', 'validate' => 'int:0', 'type' => 'text:5:5', 'explain' => true, 'append' => ' ' . $user->lang['MINUTES']),
'display_last_edited' => array('lang' => 'DISPLAY_LAST_EDITED', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true),
'flood_interval' => array('lang' => 'FLOOD_INTERVAL', 'validate' => 'int', 'type' => 'text:3:10', 'explain' => true, 'append' => ' ' . $user->lang['SECONDS']),
'bump_interval' => array('lang' => 'BUMP_INTERVAL', 'validate' => 'int', 'type' => 'custom', 'method' => 'bump_interval', 'explain' => true),
'topics_per_page' => array('lang' => 'TOPICS_PER_PAGE', 'validate' => 'int', 'type' => 'text:3:4', 'explain' => false),
'posts_per_page' => array('lang' => 'POSTS_PER_PAGE', 'validate' => 'int', 'type' => 'text:3:4', 'explain' => false),
'hot_threshold' => array('lang' => 'HOT_THRESHOLD', 'validate' => 'int', 'type' => 'text:3:4', 'explain' => true),
'max_poll_options' => array('lang' => 'MAX_POLL_OPTIONS', 'validate' => 'int', 'type' => 'text:4:4', 'explain' => false),
'max_post_chars' => array('lang' => 'CHAR_LIMIT', 'validate' => 'int', 'type' => 'text:4:6', 'explain' => true),
'max_post_smilies' => array('lang' => 'SMILIES_LIMIT', 'validate' => 'int', 'type' => 'text:4:4', 'explain' => true),
'max_post_urls' => array('lang' => 'MAX_POST_URLS', 'validate' => 'int', 'type' => 'text:5:4', 'explain' => true),
'max_post_font_size' => array('lang' => 'MAX_POST_FONT_SIZE', 'validate' => 'int', 'type' => 'text:5:4', 'explain' => true, 'append' => ' %'),
'max_quote_depth' => array('lang' => 'QUOTE_DEPTH_LIMIT', 'validate' => 'int', 'type' => 'text:4:4', 'explain' => true),
'max_post_img_width' => array('lang' => 'MAX_POST_IMG_WIDTH', 'validate' => 'int', 'type' => 'text:5:4', 'explain' => true, 'append' => ' ' . $user->lang['PIXEL']),
'max_post_img_height' => array('lang' => 'MAX_POST_IMG_HEIGHT', 'validate' => 'int', 'type' => 'text:5:4', 'explain' => true, 'append' => ' ' . $user->lang['PIXEL']),
'flood_interval' => array('lang' => 'FLOOD_INTERVAL', 'validate' => 'int:0', 'type' => 'text:3:10', 'explain' => true, 'append' => ' ' . $user->lang['SECONDS']),
'bump_interval' => array('lang' => 'BUMP_INTERVAL', 'validate' => 'int:0', 'type' => 'custom', 'method' => 'bump_interval', 'explain' => true),
'topics_per_page' => array('lang' => 'TOPICS_PER_PAGE', 'validate' => 'int:1', 'type' => 'text:3:4', 'explain' => false),
'posts_per_page' => array('lang' => 'POSTS_PER_PAGE', 'validate' => 'int:1', 'type' => 'text:3:4', 'explain' => false),
'hot_threshold' => array('lang' => 'HOT_THRESHOLD', 'validate' => 'int:0', 'type' => 'text:3:4', 'explain' => true),
'max_poll_options' => array('lang' => 'MAX_POLL_OPTIONS', 'validate' => 'int:0', 'type' => 'text:4:4', 'explain' => false),
'max_post_chars' => array('lang' => 'CHAR_LIMIT', 'validate' => 'int:0', 'type' => 'text:4:6', 'explain' => true),
'max_post_smilies' => array('lang' => 'SMILIES_LIMIT', 'validate' => 'int:0', 'type' => 'text:4:4', 'explain' => true),
'max_post_urls' => array('lang' => 'MAX_POST_URLS', 'validate' => 'int:0', 'type' => 'text:5:4', 'explain' => true),
'max_post_font_size' => array('lang' => 'MAX_POST_FONT_SIZE', 'validate' => 'int:0', 'type' => 'text:5:4', 'explain' => true, 'append' => ' %'),
'max_quote_depth' => array('lang' => 'QUOTE_DEPTH_LIMIT', 'validate' => 'int:0', 'type' => 'text:4:4', 'explain' => true),
'max_post_img_width' => array('lang' => 'MAX_POST_IMG_WIDTH', 'validate' => 'int:0', 'type' => 'text:5:4', 'explain' => true, 'append' => ' ' . $user->lang['PIXEL']),
'max_post_img_height' => array('lang' => 'MAX_POST_IMG_HEIGHT', 'validate' => 'int:0', 'type' => 'text:5:4', 'explain' => true, 'append' => ' ' . $user->lang['PIXEL']),
)
);
break;
@ -192,12 +192,12 @@ class acp_board
'allow_sig_links' => array('lang' => 'ALLOW_SIG_LINKS', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true),
'legend2' => 'GENERAL_SETTINGS',
'max_sig_chars' => array('lang' => 'MAX_SIG_LENGTH', 'validate' => 'int', 'type' => 'text:5:4', 'explain' => true),
'max_sig_urls' => array('lang' => 'MAX_SIG_URLS', 'validate' => 'int', 'type' => 'text:5:4', 'explain' => true),
'max_sig_font_size' => array('lang' => 'MAX_SIG_FONT_SIZE', 'validate' => 'int', 'type' => 'text:5:4', 'explain' => true, 'append' => ' %'),
'max_sig_smilies' => array('lang' => 'MAX_SIG_SMILIES', 'validate' => 'int', 'type' => 'text:5:4', 'explain' => true),
'max_sig_img_width' => array('lang' => 'MAX_SIG_IMG_WIDTH', 'validate' => 'int', 'type' => 'text:5:4', 'explain' => true, 'append' => ' ' . $user->lang['PIXEL']),
'max_sig_img_height' => array('lang' => 'MAX_SIG_IMG_HEIGHT', 'validate' => 'int', 'type' => 'text:5:4', 'explain' => true, 'append' => ' ' . $user->lang['PIXEL']),
'max_sig_chars' => array('lang' => 'MAX_SIG_LENGTH', 'validate' => 'int:0', 'type' => 'text:5:4', 'explain' => true),
'max_sig_urls' => array('lang' => 'MAX_SIG_URLS', 'validate' => 'int:0', 'type' => 'text:5:4', 'explain' => true),
'max_sig_font_size' => array('lang' => 'MAX_SIG_FONT_SIZE', 'validate' => 'int:0', 'type' => 'text:5:4', 'explain' => true, 'append' => ' %'),
'max_sig_smilies' => array('lang' => 'MAX_SIG_SMILIES', 'validate' => 'int:0', 'type' => 'text:5:4', 'explain' => true),
'max_sig_img_width' => array('lang' => 'MAX_SIG_IMG_WIDTH', 'validate' => 'int:0', 'type' => 'text:5:4', 'explain' => true, 'append' => ' ' . $user->lang['PIXEL']),
'max_sig_img_height' => array('lang' => 'MAX_SIG_IMG_HEIGHT', 'validate' => 'int:0', 'type' => 'text:5:4', 'explain' => true, 'append' => ' ' . $user->lang['PIXEL']),
)
);
break;
@ -207,24 +207,22 @@ class acp_board
'title' => 'ACP_REGISTER_SETTINGS',
'vars' => array(
'legend1' => 'GENERAL_SETTINGS',
'max_name_chars' => false,
'max_pass_chars' => false,
'max_name_chars' => array('lang' => 'USERNAME_LENGTH', 'validate' => 'int:8:180', 'type' => false, 'method' => false, 'explain' => false,),
'max_pass_chars' => array('lang' => 'PASSWORD_LENGTH', 'validate' => 'int:8:255', 'type' => false, 'method' => false, 'explain' => false,),
'require_activation' => array('lang' => 'ACC_ACTIVATION', 'validate' => 'int', 'type' => 'custom', 'method' => 'select_acc_activation', 'explain' => true),
'min_name_chars' => array('lang' => 'USERNAME_LENGTH', 'validate' => 'int', 'type' => 'custom', 'method' => 'username_length', 'explain' => true),
'min_pass_chars' => array('lang' => 'PASSWORD_LENGTH', 'validate' => 'int', 'type' => 'custom', 'method' => 'password_length', 'explain' => true),
'min_name_chars' => array('lang' => 'USERNAME_LENGTH', 'validate' => 'int:1', 'type' => 'custom:5:180', 'method' => 'username_length', 'explain' => true),
'min_pass_chars' => array('lang' => 'PASSWORD_LENGTH', 'validate' => 'int:1', 'type' => 'custom', 'method' => 'password_length', 'explain' => true),
'allow_name_chars' => array('lang' => 'USERNAME_CHARS', 'validate' => 'string', 'type' => 'select', 'method' => 'select_username_chars', 'explain' => true),
'pass_complex' => array('lang' => 'PASSWORD_TYPE', 'validate' => 'string', 'type' => 'select', 'method' => 'select_password_chars', 'explain' => true),
'chg_passforce' => array('lang' => 'FORCE_PASS_CHANGE', 'validate' => 'int', 'type' => 'text:3:3', 'explain' => true, 'append' => ' ' . $user->lang['DAYS']),
'chg_passforce' => array('lang' => 'FORCE_PASS_CHANGE', 'validate' => 'int:0', 'type' => 'text:3:3', 'explain' => true, 'append' => ' ' . $user->lang['DAYS']),
'legend2' => 'GENERAL_OPTIONS',
'allow_namechange' => array('lang' => 'ALLOW_NAME_CHANGE', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => false),
'allow_emailreuse' => array('lang' => 'ALLOW_EMAIL_REUSE', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true),
'enable_confirm' => array('lang' => 'VISUAL_CONFIRM_REG', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true),
'max_login_attempts' => array('lang' => 'MAX_LOGIN_ATTEMPTS', 'validate' => 'int', 'type' => 'text:3:3', 'explain' => true),
'max_reg_attempts' => array('lang' => 'REG_LIMIT', 'validate' => 'int', 'type' => 'text:4:4', 'explain' => true),
'min_time_reg' => array('lang' => 'MIN_TIME_REG', 'validate' => 'int', 'type' => 'text:3:3', 'explain' => true, 'append' => ' ' . $user->lang['SECONDS']),
'min_time_terms' => array('lang' => 'MIN_TIME_TERMS', 'validate' => 'int', 'type' => 'text:3:3', 'explain' => true, 'append' => ' ' . $user->lang['SECONDS']),
'max_login_attempts' => array('lang' => 'MAX_LOGIN_ATTEMPTS', 'validate' => 'int:0', 'type' => 'text:3:3', 'explain' => true),
'max_reg_attempts' => array('lang' => 'REG_LIMIT', 'validate' => 'int:0', 'type' => 'text:4:4', 'explain' => true),
'legend3' => 'COPPA',
'coppa_enable' => array('lang' => 'ENABLE_COPPA', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true),
@ -253,9 +251,9 @@ class acp_board
'vars' => array(
'legend1' => 'GENERAL_SETTINGS',
'limit_load' => array('lang' => 'LIMIT_LOAD', 'validate' => 'string', 'type' => 'text:4:4', 'explain' => true),
'session_length' => array('lang' => 'SESSION_LENGTH', 'validate' => 'int', 'type' => 'text:5:10', 'explain' => true, 'append' => ' ' . $user->lang['SECONDS']),
'active_sessions' => array('lang' => 'LIMIT_SESSIONS', 'validate' => 'int', 'type' => 'text:4:4', 'explain' => true),
'load_online_time' => array('lang' => 'ONLINE_LENGTH', 'validate' => 'int', 'type' => 'text:4:3', 'explain' => true, 'append' => ' ' . $user->lang['MINUTES']),
'session_length' => array('lang' => 'SESSION_LENGTH', 'validate' => 'int:60', 'type' => 'text:5:10', 'explain' => true, 'append' => ' ' . $user->lang['SECONDS']),
'active_sessions' => array('lang' => 'LIMIT_SESSIONS', 'validate' => 'int:0', 'type' => 'text:4:4', 'explain' => true),
'load_online_time' => array('lang' => 'ONLINE_LENGTH', 'validate' => 'int:0', 'type' => 'text:4:3', 'explain' => true, 'append' => ' ' . $user->lang['MINUTES']),
'legend2' => 'GENERAL_OPTIONS',
'load_db_track' => array('lang' => 'YES_POST_MARKING', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true),
@ -269,7 +267,7 @@ class acp_board
'load_jumpbox' => array('lang' => 'YES_JUMPBOX', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => false),
'load_user_activity' => array('lang' => 'LOAD_USER_ACTIVITY', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true),
'load_tplcompile' => array('lang' => 'RECOMPILE_STYLES', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true),
'legend3' => 'CUSTOM_PROFILE_FIELDS',
'load_cpf_memberlist' => array('lang' => 'LOAD_CPF_MEMBERLIST', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => false),
'load_cpf_viewprofile' => array('lang' => 'LOAD_CPF_VIEWPROFILE', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => false),
@ -305,7 +303,7 @@ class acp_board
'force_server_vars' => array('lang' => 'FORCE_SERVER_VARS', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true),
'server_protocol' => array('lang' => 'SERVER_PROTOCOL', 'validate' => 'string', 'type' => 'text:10:10', 'explain' => true),
'server_name' => array('lang' => 'SERVER_NAME', 'validate' => 'string', 'type' => 'text:40:255', 'explain' => true),
'server_port' => array('lang' => 'SERVER_PORT', 'validate' => 'int', 'type' => 'text:5:5', 'explain' => true),
'server_port' => array('lang' => 'SERVER_PORT', 'validate' => 'int:0', 'type' => 'text:5:5', 'explain' => true),
'script_path' => array('lang' => 'SCRIPT_PATH', 'validate' => 'script_path', 'type' => 'text::255', 'explain' => true),
)
);
@ -317,18 +315,17 @@ class acp_board
'vars' => array(
'legend1' => 'ACP_SECURITY_SETTINGS',
'allow_autologin' => array('lang' => 'ALLOW_AUTOLOGIN', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true),
'max_autologin_time' => array('lang' => 'AUTOLOGIN_LENGTH', 'validate' => 'int', 'type' => 'text:5:5', 'explain' => true, 'append' => ' ' . $user->lang['DAYS']),
'max_autologin_time' => array('lang' => 'AUTOLOGIN_LENGTH', 'validate' => 'int:0', 'type' => 'text:5:5', 'explain' => true, 'append' => ' ' . $user->lang['DAYS']),
'ip_check' => array('lang' => 'IP_VALID', 'validate' => 'int', 'type' => 'custom', 'method' => 'select_ip_check', 'explain' => true),
'browser_check' => array('lang' => 'BROWSER_VALID', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true),
'forwarded_for_check' => array('lang' => 'FORWARDED_FOR_VALID', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true),
'check_dnsbl' => array('lang' => 'CHECK_DNSBL', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true),
'email_check_mx' => array('lang' => 'EMAIL_CHECK_MX', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true),
'pass_complex' => array('lang' => 'PASSWORD_TYPE', 'validate' => 'string', 'type' => 'select', 'method' => 'select_password_chars', 'explain' => true),
'chg_passforce' => array('lang' => 'FORCE_PASS_CHANGE', 'validate' => 'int', 'type' => 'text:3:3', 'explain' => true, 'append' => ' ' . $user->lang['DAYS']),
'max_login_attempts' => array('lang' => 'MAX_LOGIN_ATTEMPTS', 'validate' => 'int', 'type' => 'text:3:3', 'explain' => true),
'chg_passforce' => array('lang' => 'FORCE_PASS_CHANGE', 'validate' => 'int:0', 'type' => 'text:3:3', 'explain' => true, 'append' => ' ' . $user->lang['DAYS']),
'max_login_attempts' => array('lang' => 'MAX_LOGIN_ATTEMPTS', 'validate' => 'int:0', 'type' => 'text:3:3', 'explain' => true),
'tpl_allow_php' => array('lang' => 'TPL_ALLOW_PHP', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true),
'form_token_lifetime' => array('lang' => 'FORM_TIME_MAX', 'validate' => 'int', 'type' => 'text:5:5', 'explain' => true, 'append' => ' ' . $user->lang['SECONDS']),
'form_token_mintime' => array('lang' => 'FORM_TIME_MIN', 'validate' => 'int', 'type' => 'text:5:5', 'explain' => true, 'append' => ' ' . $user->lang['SECONDS']),
'form_token_lifetime' => array('lang' => 'FORM_TIME_MAX', 'validate' => 'int:-1', 'type' => 'text:5:5', 'explain' => true, 'append' => ' ' . $user->lang['SECONDS']),
'form_token_sid_guests' => array('lang' => 'FORM_SID_GUESTS', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true),
)
@ -343,7 +340,7 @@ class acp_board
'email_enable' => array('lang' => 'ENABLE_EMAIL', 'validate' => 'bool', 'type' => 'radio:enabled_disabled', 'explain' => true),
'board_email_form' => array('lang' => 'BOARD_EMAIL_FORM', 'validate' => 'bool', 'type' => 'radio:enabled_disabled', 'explain' => true),
'email_function_name' => array('lang' => 'EMAIL_FUNCTION_NAME', 'validate' => 'string', 'type' => 'text:20:50', 'explain' => true),
'email_package_size' => array('lang' => 'EMAIL_PACKAGE_SIZE', 'validate' => 'int', 'type' => 'text:5:5', 'explain' => true),
'email_package_size' => array('lang' => 'EMAIL_PACKAGE_SIZE', 'validate' => 'int:0', 'type' => 'text:5:5', 'explain' => true),
'board_contact' => array('lang' => 'CONTACT_EMAIL', 'validate' => 'string', 'type' => 'text:25:100', 'explain' => true),
'board_email' => array('lang' => 'ADMIN_EMAIL', 'validate' => 'string', 'type' => 'text:25:100', 'explain' => true),
'board_email_sig' => array('lang' => 'EMAIL_SIG', 'validate' => 'string', 'type' => 'textarea:5:30', 'explain' => true),
@ -352,7 +349,7 @@ class acp_board
'legend2' => 'SMTP_SETTINGS',
'smtp_delivery' => array('lang' => 'USE_SMTP', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true),
'smtp_host' => array('lang' => 'SMTP_SERVER', 'validate' => 'string', 'type' => 'text:25:50', 'explain' => false),
'smtp_port' => array('lang' => 'SMTP_PORT', 'validate' => 'int', 'type' => 'text:4:5', 'explain' => true),
'smtp_port' => array('lang' => 'SMTP_PORT', 'validate' => 'int:0', 'type' => 'text:4:5', 'explain' => true),
'smtp_auth_method' => array('lang' => 'SMTP_AUTH_METHOD', 'validate' => 'string', 'type' => 'select', 'method' => 'mail_auth_select', 'explain' => true),
'smtp_username' => array('lang' => 'SMTP_USERNAME', 'validate' => 'string', 'type' => 'text:25:255', 'explain' => true),
'smtp_password' => array('lang' => 'SMTP_PASSWORD', 'validate' => 'string', 'type' => 'password:25:255', 'explain' => true)
@ -555,7 +552,14 @@ class acp_board
{
$l_explain = (isset($user->lang[$vars['lang'] . '_EXPLAIN'])) ? $user->lang[$vars['lang'] . '_EXPLAIN'] : '';
}
$content = build_cfg_template($type, $config_key, $this->new_config, $config_key, $vars);
if (empty($content))
{
continue;
}
$template->assign_block_vars('options', array(
'KEY' => $config_key,
'TITLE' => (isset($user->lang[$vars['lang']])) ? $user->lang[$vars['lang']] : $vars['lang'],
@ -564,7 +568,7 @@ class acp_board
'CONTENT' => build_cfg_template($type, $config_key, $this->new_config, $config_key, $vars),
)
);
unset($display_vars['vars'][$config_key]);
}
@ -795,7 +799,7 @@ class acp_board
}
$dateformat_options .= '<option value="custom"';
if (!in_array($value, array_keys($user->lang['dateformats'])))
if (!isset($user->lang['dateformats'][$value]))
{
$dateformat_options .= ' selected="selected"';
}

10
phpBB/includes/acp/acp_forums.php
View file

@ -132,6 +132,7 @@ class acp_forums
'forum_rules_link' => request_var('forum_rules_link', ''),
'forum_image' => request_var('forum_image', ''),
'forum_style' => request_var('forum_style', 0),
'display_subforum_list' => request_var('display_subforum_list', false),
'display_on_index' => request_var('display_on_index', false),
'forum_topics_per_page' => request_var('topics_per_page', 0),
'enable_indexing' => request_var('enable_indexing', true),
@ -471,6 +472,7 @@ class acp_forums
'forum_rules_link' => '',
'forum_image' => '',
'forum_style' => 0,
'display_subforum_list' => true,
'display_on_index' => false,
'forum_topics_per_page' => 0,
'enable_indexing' => true,
@ -670,6 +672,7 @@ class acp_forums
'S_FORUM_CAT' => ($forum_data['forum_type'] == FORUM_CAT) ? true : false,
'S_ENABLE_INDEXING' => ($forum_data['enable_indexing']) ? true : false,
'S_TOPIC_ICONS' => ($forum_data['enable_icons']) ? true : false,
'S_DISPLAY_SUBFORUM_LIST' => ($forum_data['display_subforum_list']) ? true : false,
'S_DISPLAY_ON_INDEX' => ($forum_data['display_on_index']) ? true : false,
'S_PRUNE_ENABLE' => ($forum_data['enable_prune']) ? true : false,
'S_FORUM_LINK_TRACK' => ($forum_data['forum_flags'] & FORUM_FLAG_LINK_TRACK) ? true : false,
@ -915,6 +918,13 @@ class acp_forums
$forum_data['prune_days'] = $forum_data['prune_viewed'] = $forum_data['prune_freq'] = 0;
$errors[] = $user->lang['FORUM_DATA_NEGATIVE'];
}
$range_test_ary = array(
array('lang' => 'FORUM_TOPICS_PAGE', 'value' => $forum_data['forum_topics_per_page'], 'column_type' => 'TINT:0'),
);
validate_range($range_test_ary, $errors);
// Set forum flags
// 1 = link tracking

20
phpBB/includes/acp/acp_icons.php
View file

@ -337,11 +337,16 @@ class acp_icons
}
$icons_updated = 0;
$errors = array();
foreach ($images as $image)
{
if (($mode == 'smilies' && ($image_emotion[$image] == '' || $image_code[$image] == '')) ||
($action == 'create' && !isset($image_add[$image])))
if ($mode == 'smilies' && ($image_emotion[$image] == '' || $image_code[$image] == ''))
{
$errors[$image] = 'SMILIE_NO_' . (($image_emotion[$image] == '') ? 'EMOTION' : 'CODE');
}
else if ($action == 'create' && !isset($image_add[$image]))
{
// skip images where add wasn't checked
}
else
{
@ -431,13 +436,18 @@ class acp_icons
default:
$suc_lang = $lang;
}
$errormsgs = '<br />';
foreach ($errors as $img => $error)
{
$errormsgs .= '<br />' . sprintf($user->lang[$error], $img);
}
if ($action == 'modify')
{
trigger_error($user->lang[$suc_lang . '_EDITED'] . adm_back_link($this->u_action), $level);
trigger_error($user->lang[$suc_lang . '_EDITED'] . $errormsgs . adm_back_link($this->u_action), $level);
}
else
{
trigger_error($user->lang[$suc_lang . '_ADDED'] . adm_back_link($this->u_action), $level);
trigger_error($user->lang[$suc_lang . '_ADDED'] . $errormsgs .adm_back_link($this->u_action), $level);
}
break;
@ -462,7 +472,7 @@ class acp_icons
if (preg_match_all("#'(.*?)', ?#", $pak_entry, $data))
{
if ((sizeof($data[1]) != 4 && $mode == 'icons') ||
(sizeof($data[1]) != 6 && $mode == 'smilies'))
((sizeof($data[1]) != 6 || (empty($data[1][4]) || empty($data[1][5]))) && $mode == 'smilies' ))
{
trigger_error($user->lang['WRONG_PAK_TYPE'] . adm_back_link($this->u_action), E_USER_WARNING);
}

11
phpBB/includes/acp/acp_main.php
View file

@ -310,8 +310,8 @@ class acp_main
$users_per_day = sprintf('%.2f', $total_users / $boarddays);
$files_per_day = sprintf('%.2f', $total_files / $boarddays);
$upload_dir_size = ($config['upload_dir_size'] >= 1048576) ? sprintf('%.2f ' . $user->lang['MB'], ($config['upload_dir_size'] / 1048576)) : (($config['upload_dir_size'] >= 1024) ? sprintf('%.2f ' . $user->lang['KB'], ($config['upload_dir_size'] / 1024)) : sprintf('%.2f ' . $user->lang['BYTES'], $config['upload_dir_size']));
$upload_dir_size = get_formatted_filesize($config['upload_dir_size']);
$avatar_dir_size = 0;
if ($avatar_dir = @opendir($phpbb_root_path . $config['avatar_path']))
@ -325,10 +325,7 @@ class acp_main
}
closedir($avatar_dir);
// This bit of code translates the avatar directory size into human readable format
// Borrowed the code from the PHP.net annoted manual, origanally written by:
// Jesse (jesse@jess.on.ca)
$avatar_dir_size = ($avatar_dir_size >= 1048576) ? sprintf('%.2f ' . $user->lang['MB'], ($avatar_dir_size / 1048576)) : (($avatar_dir_size >= 1024) ? sprintf('%.2f ' . $user->lang['KB'], ($avatar_dir_size / 1024)) : sprintf('%.2f ' . $user->lang['BYTES'], $avatar_dir_size));
$avatar_dir_size = get_formatted_filesize($avatar_dir_size);
}
else
{
@ -392,7 +389,7 @@ class acp_main
'DATABASE_INFO' => $db->sql_server_info(),
'BOARD_VERSION' => $config['version'],
'U_ACTION' => append_sid("{$phpbb_admin_path}index.$phpEx"),
'U_ACTION' => $this->u_action,
'U_ADMIN_LOG' => append_sid("{$phpbb_admin_path}index.$phpEx", 'i=logs&amp;mode=admin'),
'U_INACTIVE_USERS' => append_sid("{$phpbb_admin_path}index.$phpEx", 'i=inactive&amp;mode=list'),

97
phpBB/includes/acp/acp_permissions.php
View file

@ -48,7 +48,7 @@ class acp_permissions
$this->tpl_name = 'permission_trace';
if ($user_id && isset($auth_admin->option_ids[$permission]) && $auth->acl_get('a_viewauth'))
if ($user_id && isset($auth_admin->acl_options['id'][$permission]) && $auth->acl_get('a_viewauth'))
{
$this->page_title = sprintf($user->lang['TRACE_PERMISSION'], $user->lang['acl_' . $permission]['lang']);
$this->permission_trace($user_id, $forum_id, $permission);
@ -124,7 +124,7 @@ class acp_permissions
$forum_id = array();
while ($row = $db->sql_fetchrow($result))
{
$forum_id[] = $row['forum_id'];
$forum_id[] = (int) $row['forum_id'];
}
$db->sql_freeresult($result);
}
@ -133,7 +133,7 @@ class acp_permissions
$forum_id = array();
foreach (get_forum_branch($subforum_id, 'children') as $row)
{
$forum_id[] = $row['forum_id'];
$forum_id[] = (int) $row['forum_id'];
}
}
@ -598,7 +598,7 @@ class acp_permissions
$ids = array();
while ($row = $db->sql_fetchrow($result))
{
$ids[] = $row[$sql_id];
$ids[] = (int) $row[$sql_id];
}
$db->sql_freeresult($result);
}
@ -1117,31 +1117,51 @@ class acp_permissions
global $db, $user;
$sql_forum_id = ($permission_scope == 'global') ? 'AND a.forum_id = 0' : ((sizeof($forum_id)) ? 'AND ' . $db->sql_in_set('a.forum_id', $forum_id) : 'AND a.forum_id <> 0');
$sql_permission_option = ' AND o.auth_option ' . $db->sql_like_expression($permission_type . $db->any_char);
$sql = $db->sql_build_query('SELECT_DISTINCT', array(
'SELECT' => 'u.username, u.username_clean, u.user_regdate, u.user_id',
'FROM' => array(
USERS_TABLE => 'u',
ACL_OPTIONS_TABLE => 'o',
ACL_USERS_TABLE => 'a'
),
// Permission options are only able to be a permission set... therefore we will pre-fetch the possible options and also the possible roles
$option_ids = $role_ids = array();
'LEFT_JOIN' => array(
array(
'FROM' => array(ACL_ROLES_DATA_TABLE => 'r'),
'ON' => 'a.auth_role_id = r.role_id'
)
),
$sql = 'SELECT auth_option_id
FROM ' . ACL_OPTIONS_TABLE . '
WHERE auth_option ' . $db->sql_like_expression($permission_type . $db->any_char);
$result = $db->sql_query($sql);
'WHERE' => "(a.auth_option_id = o.auth_option_id OR r.auth_option_id = o.auth_option_id)
$sql_permission_option
while ($row = $db->sql_fetchrow($result))
{
$option_ids[] = (int) $row['auth_option_id'];
}
$db->sql_freeresult($result);
if (sizeof($option_ids))
{
$sql = 'SELECT DISTINCT role_id
FROM ' . ACL_ROLES_DATA_TABLE . '
WHERE ' . $db->sql_in_set('auth_option_id', $option_ids);
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result))
{
$role_ids[] = (int) $row['role_id'];
}
$db->sql_freeresult($result);
}
if (sizeof($option_ids) && sizeof($role_ids))
{
$sql_where = 'AND (' . $db->sql_in_set('a.auth_option_id', $option_ids) . ' OR ' . $db->sql_in_set('a.auth_role_id', $role_ids) . ')';
}
else
{
$sql_where = 'AND ' . $db->sql_in_set('a.auth_option_id', $option_ids);
}
// Not ideal, due to the filesort, non-use of indexes, etc.
$sql = 'SELECT DISTINCT u.user_id, u.username
FROM ' . USERS_TABLE . ' u, ' . ACL_USERS_TABLE . " a
WHERE u.user_id = a.user_id
$sql_forum_id
AND u.user_id = a.user_id",
'ORDER_BY' => 'u.username_clean, u.user_regdate ASC'
));
$sql_where
ORDER BY u.username_clean, u.user_regdate ASC";
$result = $db->sql_query($sql);
$s_defined_user_options = '';
@ -1153,29 +1173,12 @@ class acp_permissions
}
$db->sql_freeresult($result);
$sql = $db->sql_build_query('SELECT_DISTINCT', array(
'SELECT' => 'g.group_type, g.group_name, g.group_id',
'FROM' => array(
GROUPS_TABLE => 'g',
ACL_OPTIONS_TABLE => 'o',
ACL_GROUPS_TABLE => 'a'
),
'LEFT_JOIN' => array(
array(
'FROM' => array(ACL_ROLES_DATA_TABLE => 'r'),
'ON' => 'a.auth_role_id = r.role_id'
)
),
'WHERE' => "(a.auth_option_id = o.auth_option_id OR r.auth_option_id = o.auth_option_id)
$sql_permission_option
$sql = 'SELECT DISTINCT g.group_type, g.group_name, g.group_id
FROM ' . GROUPS_TABLE . ' g, ' . ACL_GROUPS_TABLE . " a
WHERE g.group_id = a.group_id
$sql_forum_id
AND g.group_id = a.group_id",
'ORDER_BY' => 'g.group_type DESC, g.group_name ASC'
));
$sql_where
ORDER BY g.group_type DESC, g.group_name ASC";
$result = $db->sql_query($sql);
$s_defined_group_options = '';

10
phpBB/includes/acp/acp_prune.php
View file

@ -405,7 +405,15 @@ class acp_prune
$where_sql .= ($email) ? ' AND user_email ' . $db->sql_like_expression(str_replace('*', $db->any_char, $email)) . ' ' : '';
$where_sql .= (sizeof($joined)) ? " AND user_regdate " . $key_match[$joined_select] . ' ' . gmmktime(0, 0, 0, (int) $joined[1], (int) $joined[2], (int) $joined[0]) : '';
$where_sql .= ($count !== '') ? " AND user_posts " . $key_match[$count_select] . ' ' . (int) $count . ' ' : '';
$where_sql .= (sizeof($active)) ? " AND user_lastvisit " . $key_match[$active_select] . " " . gmmktime(0, 0, 0, (int) $active[1], (int) $active[2], (int) $active[0]) : '';
if (sizeof($active) && $active_select != 'lt')
{
$where_sql .= ' AND user_lastvisit ' . $key_match[$active_select] . ' ' . gmmktime(0, 0, 0, (int) $active[1], (int) $active[2], (int) $active[0]);
}
else if (sizeof($active))
{
$where_sql .= ' AND (user_lastvisit > 0 AND user_lastvisit < ' . gmmktime(0, 0, 0, (int) $active[1], (int) $active[2], (int) $active[0]) . ')';
}
}
// Protect the admin, do not prune if no options are given...

24
phpBB/includes/acp/acp_search.php
View file

@ -183,6 +183,26 @@ class acp_search
}
}
$search = null;
$error = false;
if (!$this->init_search($config['search_type'], $search, $error))
{
if ($updated)
{
if (method_exists($search, 'config_updated'))
{
if ($search->config_updated())
{
trigger_error($error . adm_back_link($this->u_action), E_USER_WARNING);
}
}
}
}
else
{
trigger_error($error . adm_back_link($this->u_action), E_USER_WARNING);
}
trigger_error($user->lang['CONFIG_UPDATED'] . $extra_message . adm_back_link($this->u_action));
}
unset($cfg_array);
@ -518,9 +538,9 @@ class acp_search
function close_popup_js()
{
return "<script type=\"text/javascript\">\n" .
"<!--\n" .
"// <![CDATA[\n" .
" close_waitscreen = 1;\n" .
"//-->\n" .
"// ]]>\n" .
"</script>\n";
}

2
phpBB/includes/acp/acp_styles.php
View file

@ -1003,7 +1003,7 @@ parse_css_file = {PARSE_CSS_FILE}
'CACHED' => $user->format_date(filemtime("{$phpbb_root_path}cache/$filename")),
'FILENAME' => $file,
'FILESIZE' => sprintf('%.1f KB', filesize("{$phpbb_root_path}cache/$filename") / 1024),
'FILESIZE' => sprintf('%.1f ' . $user->lang['KIB'], filesize("{$phpbb_root_path}cache/$filename") / 1024),
'MODIFIED' => $user->format_date((!$template_row['template_storedb']) ? filemtime("{$phpbb_root_path}styles/{$template_row['template_path']}/template/$tpl_file.html") : $filemtime[$file . '.html']))
);
}

71
phpBB/includes/acp/acp_users.php
View file

@ -411,7 +411,7 @@ class acp_users
$sql = 'UPDATE ' . USERS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $sql_ary) . "
WHERE user_id = $user_id";
$db->sql_query($sql);
add_log('admin', 'LOG_USER_DEL_SIG', $user_row['username']);
add_log('user', $user_id, 'LOG_USER_DEL_SIG_USER');
@ -492,9 +492,9 @@ class acp_users
'update' => true))
);
}
break;
case 'moveposts':
if (!check_form_key($form_name))
@ -630,7 +630,7 @@ class acp_users
}
$forum_id_ary = array_unique($forum_id_ary);
$topic_id_ary = array_unique(array_merge($topic_id_ary, $new_topic_id_ary));
$topic_id_ary = array_unique(array_merge(array_keys($topic_id_ary), $new_topic_id_ary));
if (sizeof($topic_id_ary))
{
@ -835,9 +835,9 @@ class acp_users
{
$quick_tool_ary += array('active' => (($user_row['user_type'] == USER_INACTIVE) ? 'ACTIVATE' : 'DEACTIVATE'));
}
$quick_tool_ary += array('delsig' => 'DEL_SIG', 'delavatar' => 'DEL_AVATAR', 'moveposts' => 'MOVE_POSTS', 'delposts' => 'DEL_POSTS', 'delattach' => 'DEL_ATTACH');
if ($config['email_enable'] && ($user_row['user_type'] == USER_NORMAL || $user_row['user_type'] == USER_INACTIVE))
{
$quick_tool_ary['reactivate'] = 'FORCE';
@ -923,7 +923,7 @@ class acp_users
case 'feedback':
$user->add_lang('mcp');
// Set up general vars
$start = request_var('start', 0);
$deletemark = (isset($_POST['delmarked'])) ? true : false;
@ -980,7 +980,7 @@ class acp_users
trigger_error($user->lang['USER_FEEDBACK_ADDED'] . adm_back_link($this->u_action . '&amp;u=' . $user_id));
}
// Sorting
$limit_days = array(0 => $user->lang['ALL_ENTRIES'], 1 => $user->lang['1_DAY'], 7 => $user->lang['7_DAYS'], 14 => $user->lang['2_WEEKS'], 30 => $user->lang['1_MONTH'], 90 => $user->lang['3_MONTHS'], 180 => $user->lang['6_MONTHS'], 365 => $user->lang['1_YEAR']);
$sort_by_text = array('u' => $user->lang['SORT_USERNAME'], 't' => $user->lang['SORT_DATE'], 'i' => $user->lang['SORT_IP'], 'o' => $user->lang['SORT_ACTION']);
@ -1060,9 +1060,11 @@ class acp_users
list($data['bday_day'], $data['bday_month'], $data['bday_year']) = explode('-', $user_row['user_birthday']);
}
$data['bday_day'] = request_var('bday_day', $data['bday_day']);
$data['bday_month'] = request_var('bday_month', $data['bday_month']);
$data['bday_year'] = request_var('bday_year', $data['bday_year']);
$data['bday_day'] = request_var('bday_day', $data['bday_day']);
$data['bday_month'] = request_var('bday_month', $data['bday_month']);
$data['bday_year'] = request_var('bday_year', $data['bday_year']);
$data['user_birthday'] = sprintf('%2d-%2d-%4d', $data['bday_day'], $data['bday_month'], $data['bday_year']);
if ($submit)
{
@ -1085,6 +1087,7 @@ class acp_users
'bday_day' => array('num', true, 1, 31),
'bday_month' => array('num', true, 1, 12),
'bday_year' => array('num', true, 1901, gmdate('Y', time())),
'user_birthday' => array('date', true),
));
// validate custom profile fields
@ -1111,7 +1114,7 @@ class acp_users
'user_from' => $data['location'],
'user_occ' => $data['occupation'],
'user_interests'=> $data['interests'],
'user_birthday' => sprintf('%2d-%2d-%4d', $data['bday_day'], $data['bday_month'], $data['bday_year']),
'user_birthday' => $data['user_birthday'],
);
$sql = 'UPDATE ' . USERS_TABLE . '
@ -1213,7 +1216,7 @@ class acp_users
'S_BIRTHDAY_DAY_OPTIONS' => $s_birthday_day_options,
'S_BIRTHDAY_MONTH_OPTIONS' => $s_birthday_month_options,
'S_BIRTHDAY_YEAR_OPTIONS' => $s_birthday_year_options,
'S_PROFILE' => true)
);
@ -1344,7 +1347,7 @@ class acp_users
$s_custom = false;
$dateformat_options .= '<option value="custom"';
if (!in_array($data['dateformat'], array_keys($user->lang['dateformats'])))
if (!isset($user->lang['dateformats'][$data['dateformat']]))
{
$dateformat_options .= ' selected="selected"';
$s_custom = true;
@ -1392,7 +1395,7 @@ class acp_users
$template->assign_vars(array(
'S_PREFS' => true,
'S_JABBER_DISABLED' => ($config['jab_enable'] && $user_row['user_jabber'] && @extension_loaded('xml')) ? false : true,
'VIEW_EMAIL' => $data['viewemail'],
'MASS_EMAIL' => $data['massemail'],
'ALLOW_PM' => $data['allowpm'],
@ -1413,7 +1416,7 @@ class acp_users
'VIEW_SIGS' => $data['view_sigs'],
'VIEW_AVATARS' => $data['view_avatars'],
'VIEW_WORDCENSOR' => $data['view_wordcensor'],
'S_TOPIC_SORT_DAYS' => $s_limit_topic_days,
'S_TOPIC_SORT_KEY' => $s_sort_topic_key,
'S_TOPIC_SORT_DIR' => $s_sort_topic_dir,
@ -1506,7 +1509,7 @@ class acp_users
trigger_error($user->lang['USER_RANK_UPDATED'] . adm_back_link($this->u_action . '&amp;u=' . $user_id));
}
$sql = 'SELECT *
FROM ' . RANKS_TABLE . '
WHERE rank_special = 1
@ -1528,9 +1531,9 @@ class acp_users
);
break;
case 'sig':
include_once($phpbb_root_path . 'includes/functions_posting.' . $phpEx);
include_once($phpbb_root_path . 'includes/functions_display.' . $phpEx);
@ -1549,7 +1552,7 @@ class acp_users
// Allowing Quote BBCode
$message_parser->parse($enable_bbcode, $enable_urls, $enable_smilies, $config['allow_sig_img'], $config['allow_sig_flash'], true, $config['allow_sig_links'], true, 'sig');
if (sizeof($message_parser->warn_msg))
{
$error[] = implode('<br />', $message_parser->warn_msg);
@ -1575,13 +1578,13 @@ class acp_users
trigger_error($user->lang['USER_SIG_UPDATED'] . adm_back_link($this->u_action . '&amp;u=' . $user_id));
}
// Replace "error" strings with their real, localised form
$error = preg_replace('#^([A-Z_]+)$#e', "(!empty(\$user->lang['\\1'])) ? \$user->lang['\\1'] : '\\1'", $error);
}
$signature_preview = '';
if ($preview)
{
// Now parse it for displaying
@ -1744,7 +1747,7 @@ class acp_users
'REAL_FILENAME' => $row['real_filename'],
'COMMENT' => nl2br($row['attach_comment']),
'EXTENSION' => $row['extension'],
'SIZE' => ($row['filesize'] >= 1048576) ? ($row['filesize'] >> 20) . ' ' . $user->lang['MB'] : (($row['filesize'] >= 1024) ? ($row['filesize'] >> 10) . ' ' . $user->lang['KB'] : $row['filesize'] . ' ' . $user->lang['BYTES']),
'SIZE' => get_formatted_filesize($row['filesize']),
'DOWNLOAD_COUNT' => $row['download_count'],
'POST_TIME' => $user->format_date($row['filetime']),
'TOPIC_TITLE' => ($row['in_message']) ? $row['message_title'] : $row['topic_title'],
@ -1752,7 +1755,7 @@ class acp_users
'ATTACH_ID' => $row['attach_id'],
'POST_ID' => $row['post_msg_id'],
'TOPIC_ID' => $row['topic_id'],
'S_IN_MESSAGE' => $row['in_message'],
'U_DOWNLOAD' => append_sid("{$phpbb_root_path}download/file.$phpEx", 'mode=view&amp;id=' . $row['attach_id']),
@ -1760,7 +1763,7 @@ class acp_users
);
}
$db->sql_freeresult($result);
$template->assign_vars(array(
'S_ATTACHMENTS' => true,
'S_ON_PAGE' => on_page($num_attachments, $config['topics_per_page'], $start),
@ -1771,14 +1774,14 @@ class acp_users
);
break;
case 'groups':
include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
$user->add_lang(array('groups', 'acp/groups'));
$group_id = request_var('g', 0);
if ($group_id)
{
// Check the founder only entry for this group to make sure everything is well
@ -1788,7 +1791,7 @@ class acp_users
$result = $db->sql_query($sql);
$founder_manage = (int) $db->sql_fetchfield('group_founder_manage');
$db->sql_freeresult($result);
if ($user->data['user_type'] != USER_FOUNDER && $founder_manage)
{
trigger_error($user->lang['NOT_ALLOWED_MANAGE_GROUP'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
@ -1798,7 +1801,7 @@ class acp_users
{
$founder_manage = 0;
}
switch ($action)
{
case 'demote':
@ -1829,7 +1832,7 @@ class acp_users
{
trigger_error($user->lang[$error] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
}
$error = array();
}
else
@ -1842,7 +1845,7 @@ class acp_users
'g' => $group_id))
);
}
break;
}
@ -1977,7 +1980,7 @@ class acp_users
$result = $db->sql_query($sql);
$hold_ary = array();
while ($row = $db->sql_fetchrow($result))
{
$hold_ary = $auth_admin->get_mask('view', $user_id, false, false, $row['auth_option'], 'global', ACL_NEVER);
@ -2017,7 +2020,7 @@ class acp_users
'U_USER_PERMISSIONS' => append_sid("{$phpbb_admin_path}index.$phpEx" ,'i=permissions&amp;mode=setting_user_global&amp;user_id[]=' . $user_id),
'U_USER_FORUM_PERMISSIONS' => append_sid("{$phpbb_admin_path}index.$phpEx", 'i=permissions&amp;mode=setting_user_local&amp;user_id[]=' . $user_id))
);
break;
}

48
phpBB/includes/acp/auth.php
View file

@ -22,8 +22,6 @@ if (!defined('IN_PHPBB'))
*/
class auth_admin extends auth
{
var $option_ids = array();
/**
* Init auth settings
*/
@ -33,7 +31,7 @@ class auth_admin extends auth
if (($this->acl_options = $cache->get('_acl_options')) === false)
{
$sql = 'SELECT auth_option, is_global, is_local
$sql = 'SELECT auth_option_id, auth_option, is_global, is_local
FROM ' . ACL_OPTIONS_TABLE . '
ORDER BY auth_option_id';
$result = $db->sql_query($sql);
@ -51,25 +49,14 @@ class auth_admin extends auth
{
$this->acl_options['local'][$row['auth_option']] = $local++;
}
$this->acl_options['id'][$row['auth_option']] = (int) $row['auth_option_id'];
$this->acl_options['option'][(int) $row['auth_option_id']] = $row['auth_option'];
}
$db->sql_freeresult($result);
$cache->put('_acl_options', $this->acl_options);
}
if (!sizeof($this->option_ids))
{
$sql = 'SELECT auth_option_id, auth_option
FROM ' . ACL_OPTIONS_TABLE;
$result = $db->sql_query($sql);
$this->option_ids = array();
while ($row = $db->sql_fetchrow($result))
{
$this->option_ids[$row['auth_option']] = $row['auth_option_id'];
}
$db->sql_freeresult($result);
}
}
/**
@ -126,7 +113,7 @@ class auth_admin extends auth
while ($row = $db->sql_fetchrow($result))
{
$forum_ids[] = $row['forum_id'];
$forum_ids[] = (int) $row['forum_id'];
}
$db->sql_freeresult($result);
}
@ -778,6 +765,10 @@ class auth_admin extends auth
$cache->destroy('_acl_options');
$this->acl_clear_prefetch();
// Because we just changed the options and also purged the options cache, we instantly update/regenerate it for later calls to succeed.
$this->acl_options = array();
$this->auth_admin();
return true;
}
@ -813,7 +804,7 @@ class auth_admin extends auth
$flag = substr($flag, 0, strpos($flag, '_') + 1);
// This ID (the any-flag) is set if one or more permissions are true...
$any_option_id = (int) $this->option_ids[$flag];
$any_option_id = (int) $this->acl_options['id'][$flag];
// Remove any-flag from auth ary
if (isset($auth[$flag]))
@ -825,7 +816,7 @@ class auth_admin extends auth
$auth_option_ids = array((int)$any_option_id);
foreach ($auth as $auth_option => $auth_setting)
{
$auth_option_ids[] = (int) $this->option_ids[$auth_option];
$auth_option_ids[] = (int) $this->acl_options['id'][$auth_option];
}
$sql = "DELETE FROM $table
@ -888,7 +879,7 @@ class auth_admin extends auth
{
foreach ($auth as $auth_option => $setting)
{
$auth_option_id = (int) $this->option_ids[$auth_option];
$auth_option_id = (int) $this->acl_options['id'][$auth_option];
if ($setting != ACL_NO)
{
@ -944,7 +935,7 @@ class auth_admin extends auth
$sql_ary = array();
foreach ($auth as $auth_option => $setting)
{
$auth_option_id = (int) $this->option_ids[$auth_option];
$auth_option_id = (int) $this->acl_options['id'][$auth_option];
if ($setting != ACL_NO)
{
@ -961,7 +952,7 @@ class auth_admin extends auth
{
$sql_ary[] = array(
'role_id' => (int) $role_id,
'auth_option_id' => (int) $this->option_ids[$flag],
'auth_option_id' => (int) $this->acl_options['id'][$flag],
'auth_setting' => ACL_NEVER
);
}
@ -1238,13 +1229,8 @@ class auth_admin extends auth
return false;
}
$hold_ary = $this->acl_raw_data($from_user_id, false, false);
$hold_ary = $this->acl_raw_data_single_user($from_user_id);
if (isset($hold_ary[$from_user_id]))
{
$hold_ary = $hold_ary[$from_user_id];
}
// Key 0 in $hold_ary are global options, all others are forum_ids
// We disallow copying admin permissions
@ -1252,12 +1238,12 @@ class auth_admin extends auth
{
if (strpos($opt, 'a_') === 0)
{
$hold_ary[0][$opt] = ACL_NEVER;
$hold_ary[0][$this->acl_options['id'][$opt]] = ACL_NEVER;
}
}
// Force a_switchperm to be allowed
$hold_ary[0]['a_switchperm'] = ACL_YES;
$hold_ary[0][$this->acl_options['id']['a_switchperm']] = ACL_YES;
$user_permissions = $this->build_bitstring($hold_ary);

460
phpBB/includes/auth.php
View file

@ -39,7 +39,7 @@ class auth
if (($this->acl_options = $cache->get('_acl_options')) === false)
{
$sql = 'SELECT auth_option, is_global, is_local
$sql = 'SELECT auth_option_id, auth_option, is_global, is_local
FROM ' . ACL_OPTIONS_TABLE . '
ORDER BY auth_option_id';
$result = $db->sql_query($sql);
@ -57,6 +57,9 @@ class auth
{
$this->acl_options['local'][$row['auth_option']] = $local++;
}
$this->acl_options['id'][$row['auth_option']] = (int) $row['auth_option_id'];
$this->acl_options['option'][(int) $row['auth_option_id']] = $row['auth_option'];
}
$db->sql_freeresult($result);
@ -302,7 +305,14 @@ class auth
*/
function acl_get_list($user_id = false, $opts = false, $forum_id = false)
{
$hold_ary = $this->acl_raw_data($user_id, $opts, $forum_id);
if ($user_id !== false && !is_array($user_id) && $opts === false && $forum_id === false)
{
$hold_ary = array($user_id => $this->acl_raw_data_single_user($user_id));
}
else
{
$hold_ary = $this->acl_raw_data($user_id, $opts, $forum_id);
}
$auth_ary = array();
foreach ($hold_ary as $user_id => $forum_ary)
@ -332,12 +342,7 @@ class auth
// Empty user_permissions
$userdata['user_permissions'] = '';
$hold_ary = $this->acl_raw_data($userdata['user_id'], false, false);
if (isset($hold_ary[$userdata['user_id']]))
{
$hold_ary = $hold_ary[$userdata['user_id']];
}
$hold_ary = $this->acl_raw_data_single_user($userdata['user_id']);
// Key 0 in $hold_ary are global options, all others are forum_ids
@ -348,42 +353,11 @@ class auth
{
if (strpos($opt, 'a_') === 0)
{
$hold_ary[0][$opt] = ACL_YES;
$hold_ary[0][$this->acl_options['id'][$opt]] = ACL_YES;
}
}
}
// Sometimes, it can happen $hold_ary holding forums which do not exist.
// Since this function is not called that often (we are caching the data) we check for this inconsistency.
$sql = 'SELECT forum_id
FROM ' . FORUMS_TABLE . '
WHERE ' . $db->sql_in_set('forum_id', array_keys($hold_ary), false, true);
$result = $db->sql_query($sql);
$forum_ids = (isset($hold_ary[0])) ? array(0) : array();
while ($row = $db->sql_fetchrow($result))
{
$forum_ids[] = $row['forum_id'];
}
$db->sql_freeresult($result);
// Now determine forums which do not exist and remove the unneeded information (for modding purposes it is clearly the wrong place. ;))
$missing_forums = array_diff(array_keys($hold_ary), $forum_ids);
if (sizeof($missing_forums))
{
foreach ($missing_forums as $forum_id)
{
unset($hold_ary[$forum_id]);
}
$sql = 'DELETE FROM ' . ACL_GROUPS_TABLE . ' WHERE ' . $db->sql_in_set('forum_id', $missing_forums);
$db->sql_query($sql);
$sql = 'DELETE FROM ' . ACL_USERS_TABLE . ' WHERE ' . $db->sql_in_set('forum_id', $missing_forums);
$db->sql_query($sql);
}
$hold_str = $this->build_bitstring($hold_ary);
if ($hold_str)
@ -420,15 +394,15 @@ class auth
$bitstring = array();
foreach ($this->acl_options[$ary_key] as $opt => $id)
{
if (isset($auth_ary[$opt]))
if (isset($auth_ary[$this->acl_options['id'][$opt]]))
{
$bitstring[$id] = $auth_ary[$opt];
$bitstring[$id] = $auth_ary[$this->acl_options['id'][$opt]];
$option_key = substr($opt, 0, strpos($opt, '_') + 1);
// If one option is allowed, the global permission for this option has to be allowed too
// example: if the user has the a_ permission this means he has one or more a_* permissions
if ($auth_ary[$opt] == ACL_YES && (!isset($bitstring[$this->acl_options[$ary_key][$option_key]]) || $bitstring[$this->acl_options[$ary_key][$option_key]] == ACL_NEVER))
if ($auth_ary[$this->acl_options['id'][$opt]] == ACL_YES && (!isset($bitstring[$this->acl_options[$ary_key][$option_key]]) || $bitstring[$this->acl_options[$ary_key][$option_key]] == ACL_NEVER))
{
$bitstring[$this->acl_options[$ary_key][$option_key]] = ACL_YES;
}
@ -466,8 +440,31 @@ class auth
*/
function acl_clear_prefetch($user_id = false)
{
global $db;
global $db, $cache;
// Rebuild options cache
$cache->destroy('_role_cache');
$sql = 'SELECT *
FROM ' . ACL_ROLES_DATA_TABLE . '
ORDER BY role_id ASC';
$result = $db->sql_query($sql);
$this->role_cache = array();
while ($row = $db->sql_fetchrow($result))
{
$this->role_cache[$row['role_id']][$row['auth_option_id']] = (int) $row['auth_setting'];
}
$db->sql_freeresult($result);
foreach ($this->role_cache as $role_id => $role_options)
{
$this->role_cache[$role_id] = serialize($role_options);
}
$cache->put('_role_cache', $this->role_cache);
// Now empty user permissions
$where_sql = '';
if ($user_id !== false)
@ -528,103 +525,35 @@ class auth
$sql_user = ($user_id !== false) ? ((!is_array($user_id)) ? 'user_id = ' . (int) $user_id : $db->sql_in_set('user_id', array_map('intval', $user_id))) : '';
$sql_forum = ($forum_id !== false) ? ((!is_array($forum_id)) ? 'AND a.forum_id = ' . (int) $forum_id : 'AND ' . $db->sql_in_set('a.forum_id', array_map('intval', $forum_id))) : '';
$sql_opts = '';
$sql_opts = $sql_opts_select = $sql_opts_from = '';
$hold_ary = array();
if ($opts !== false)
{
$sql_opts_select = ', ao.auth_option';
$sql_opts_from = ', ' . ACL_OPTIONS_TABLE . ' ao';
$this->build_auth_option_statement('ao.auth_option', $opts, $sql_opts);
}
$hold_ary = array();
$sql_ary = array();
// First grab user settings ... each user has only one setting for each
// option ... so we shouldn't need any ACL_NEVER checks ... he says ...
// Grab assigned roles...
$sql = $db->sql_build_query('SELECT', array(
'SELECT' => 'ao.auth_option, a.auth_role_id, r.auth_setting as role_auth_setting, a.user_id, a.forum_id, a.auth_setting',
'FROM' => array(
ACL_OPTIONS_TABLE => 'ao',
ACL_USERS_TABLE => 'a'
),
'LEFT_JOIN' => array(
array(
'FROM' => array(ACL_ROLES_DATA_TABLE => 'r'),
'ON' => 'a.auth_role_id = r.role_id'
)
),
'WHERE' => '(ao.auth_option_id = a.auth_option_id OR ao.auth_option_id = r.auth_option_id)
' . (($sql_user) ? 'AND a.' . $sql_user : '') . "
// Grab non-role settings - user-specific
$sql_ary[] = 'SELECT a.user_id, a.forum_id, a.auth_setting, a.auth_option_id' . $sql_opts_select . '
FROM ' . ACL_USERS_TABLE . ' a' . $sql_opts_from . '
WHERE a.auth_role_id = 0 ' .
(($sql_opts_from) ? 'AND a.auth_option_id = ao.auth_option_id ' : '') .
(($sql_user) ? 'AND a.' . $sql_user : '') . "
$sql_forum
$sql_opts",
));
$result = $db->sql_query($sql);
$sql_opts";
while ($row = $db->sql_fetchrow($result))
{
$setting = ($row['auth_role_id']) ? $row['role_auth_setting'] : $row['auth_setting'];
$hold_ary[$row['user_id']][$row['forum_id']][$row['auth_option']] = $setting;
}
$db->sql_freeresult($result);
// Now grab group settings ... ACL_NEVER overrides ACL_YES so act appropriatley
$sql_ary[] = $db->sql_build_query('SELECT', array(
'SELECT' => 'ug.user_id, ao.auth_option, a.forum_id, a.auth_setting, a.auth_role_id, r.auth_setting as role_auth_setting',
'FROM' => array(
USER_GROUP_TABLE => 'ug',
ACL_OPTIONS_TABLE => 'ao',
ACL_GROUPS_TABLE => 'a'
),
'LEFT_JOIN' => array(
array(
'FROM' => array(ACL_ROLES_DATA_TABLE => 'r'),
'ON' => 'a.auth_role_id = r.role_id'
)
),
'WHERE' => 'ao.auth_option_id = a.auth_option_id
AND a.group_id = ug.group_id
AND ug.user_pending = 0
' . (($sql_user) ? 'AND ug.' . $sql_user : '') . "
// Now the role settings - user-specific
$sql_ary[] = 'SELECT a.user_id, a.forum_id, r.auth_option_id, r.auth_setting, r.auth_option_id' . $sql_opts_select . '
FROM ' . ACL_USERS_TABLE . ' a, ' . ACL_ROLES_DATA_TABLE . ' r' . $sql_opts_from . '
WHERE a.auth_role_id = r.role_id ' .
(($sql_opts_from) ? 'AND r.auth_option_id = ao.auth_option_id ' : '') .
(($sql_user) ? 'AND a.' . $sql_user : '') . "
$sql_forum
$sql_opts"
));
$sql_ary[] = $db->sql_build_query('SELECT', array(
'SELECT' => 'ug.user_id, a.forum_id, a.auth_setting, a.auth_role_id, r.auth_setting as role_auth_setting, ao.auth_option' ,
'FROM' => array(
ACL_OPTIONS_TABLE => 'ao'
),
'LEFT_JOIN' => array(
array(
'FROM' => array(ACL_ROLES_DATA_TABLE => 'r'),
'ON' => 'r.auth_option_id = ao.auth_option_id'
),
array(
'FROM' => array(ACL_GROUPS_TABLE => 'a'),
'ON' => 'a.auth_role_id = r.role_id'
),
array(
'FROM' => array(USER_GROUP_TABLE => 'ug'),
'ON' => 'ug.group_id = a.group_id'
)
),
'WHERE' => 'ug.user_pending = 0
' . (($sql_user) ? 'AND ug.' . $sql_user : '') . "
$sql_forum
$sql_opts"
));
$sql_opts";
foreach ($sql_ary as $sql)
{
@ -632,24 +561,62 @@ class auth
while ($row = $db->sql_fetchrow($result))
{
if (!isset($hold_ary[$row['user_id']][$row['forum_id']][$row['auth_option']]) || (isset($hold_ary[$row['user_id']][$row['forum_id']][$row['auth_option']]) && $hold_ary[$row['user_id']][$row['forum_id']][$row['auth_option']] != ACL_NEVER))
$option = ($sql_opts_select) ? $row['auth_option'] : $this->acl_options['option'][$row['auth_option_id']];
$hold_ary[$row['user_id']][$row['forum_id']][$option] = $row['auth_setting'];
}
$db->sql_freeresult($result);
}
$sql_ary = array();
// Now grab group settings - non-role specific...
$sql_ary[] = 'SELECT ug.user_id, a.forum_id, a.auth_setting, a.auth_option_id' . $sql_opts_select . '
FROM ' . ACL_GROUPS_TABLE . ' a, ' . USER_GROUP_TABLE . ' ug' . $sql_opts_from . '
WHERE a.auth_role_id = 0 ' .
(($sql_opts_from) ? 'AND a.auth_option_id = ao.auth_option_id ' : '') . '
AND a.group_id = ug.group_id
AND ug.user_pending = 0
' . (($sql_user) ? 'AND ug.' . $sql_user : '') . "
$sql_forum
$sql_opts";
// Now grab group settings - role specific...
$sql_ary[] = 'SELECT ug.user_id, a.forum_id, r.auth_setting, r.auth_option_id' . $sql_opts_select . '
FROM ' . ACL_GROUPS_TABLE . ' a, ' . USER_GROUP_TABLE . ' ug, ' . ACL_ROLES_DATA_TABLE . ' r' . $sql_opts_from . '
WHERE a.auth_role_id = r.role_id ' .
(($sql_opts_from) ? 'AND r.auth_option_id = ao.auth_option_id ' : '') . '
AND a.group_id = ug.group_id
AND ug.user_pending = 0
' . (($sql_user) ? 'AND ug.' . $sql_user : '') . "
$sql_forum
$sql_opts";
foreach ($sql_ary as $sql)
{
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result))
{
$option = ($sql_opts_select) ? $row['auth_option'] : $this->acl_options['option'][$row['auth_option_id']];
if (!isset($hold_ary[$row['user_id']][$row['forum_id']][$option]) || (isset($hold_ary[$row['user_id']][$row['forum_id']][$option]) && $hold_ary[$row['user_id']][$row['forum_id']][$option] != ACL_NEVER))
{
$setting = ($row['auth_role_id']) ? $row['role_auth_setting'] : $row['auth_setting'];
$hold_ary[$row['user_id']][$row['forum_id']][$row['auth_option']] = $setting;
// Check for existence of ACL_YES if an option got set to ACL_NEVER
if ($setting == ACL_NEVER)
$hold_ary[$row['user_id']][$row['forum_id']][$option] = $row['auth_setting'];
// If we detect ACL_NEVER, we will unset the flag option (within building the bitstring it is correctly set again)
if ($row['auth_setting'] == ACL_NEVER)
{
$flag = substr($row['auth_option'], 0, strpos($row['auth_option'], '_') + 1);
$flag = substr($option, 0, strpos($option, '_') + 1);
if (isset($hold_ary[$row['user_id']][$row['forum_id']][$flag]) && $hold_ary[$row['user_id']][$row['forum_id']][$flag] == ACL_YES)
{
unset($hold_ary[$row['user_id']][$row['forum_id']][$flag]);
if (in_array(ACL_YES, $hold_ary[$row['user_id']][$row['forum_id']]))
/* if (in_array(ACL_YES, $hold_ary[$row['user_id']][$row['forum_id']]))
{
$hold_ary[$row['user_id']][$row['forum_id']][$flag] = ACL_YES;
}
*/
}
}
}
@ -671,45 +638,43 @@ class auth
$sql_forum = ($forum_id !== false) ? ((!is_array($forum_id)) ? 'AND a.forum_id = ' . (int) $forum_id : 'AND ' . $db->sql_in_set('a.forum_id', array_map('intval', $forum_id))) : '';
$sql_opts = '';
$hold_ary = $sql_ary = array();
if ($opts !== false)
{
$this->build_auth_option_statement('ao.auth_option', $opts, $sql_opts);
}
$hold_ary = array();
// Grab user settings...
$sql = $db->sql_build_query('SELECT', array(
'SELECT' => 'ao.auth_option, a.auth_role_id, r.auth_setting as role_auth_setting, a.user_id, a.forum_id, a.auth_setting',
'FROM' => array(
ACL_OPTIONS_TABLE => 'ao',
ACL_USERS_TABLE => 'a'
),
'LEFT_JOIN' => array(
array(
'FROM' => array(ACL_ROLES_DATA_TABLE => 'r'),
'ON' => 'a.auth_role_id = r.role_id'
),
),
'WHERE' => '(ao.auth_option_id = a.auth_option_id OR ao.auth_option_id = r.auth_option_id)
' . (($sql_user) ? 'AND a.' . $sql_user : '') . "
// Grab user settings - non-role specific...
$sql_ary[] = 'SELECT a.user_id, a.forum_id, a.auth_setting, a.auth_option_id, ao.auth_option
FROM ' . ACL_USERS_TABLE . ' a, ' . ACL_OPTIONS_TABLE . ' ao
WHERE a.auth_role_id = 0
AND a.auth_option_id = ao.auth_option_id ' .
(($sql_user) ? 'AND a.' . $sql_user : '') . "
$sql_forum
$sql_opts",
$sql_opts
ORDER BY a.forum_id, ao.auth_option";
'ORDER_BY' => 'a.forum_id, ao.auth_option'
));
$result = $db->sql_query($sql);
// Now the role settings - user-specific
$sql_ary[] = 'SELECT a.user_id, a.forum_id, r.auth_option_id, r.auth_setting, r.auth_option_id, ao.auth_option
FROM ' . ACL_USERS_TABLE . ' a, ' . ACL_ROLES_DATA_TABLE . ' r, ' . ACL_OPTIONS_TABLE . ' ao
WHERE a.auth_role_id = r.role_id
AND r.auth_option_id = ao.auth_option_id ' .
(($sql_user) ? 'AND a.' . $sql_user : '') . "
$sql_forum
$sql_opts
ORDER BY a.forum_id, ao.auth_option";
while ($row = $db->sql_fetchrow($result))
foreach ($sql_ary as $sql)
{
$setting = ($row['auth_role_id']) ? $row['role_auth_setting'] : $row['auth_setting'];
$hold_ary[$row['user_id']][$row['forum_id']][$row['auth_option']] = $setting;
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result))
{
$hold_ary[$row['user_id']][$row['forum_id']][$row['auth_option']] = $row['auth_setting'];
}
$db->sql_freeresult($result);
}
$db->sql_freeresult($result);
return $hold_ary;
}
@ -725,49 +690,158 @@ class auth
$sql_forum = ($forum_id !== false) ? ((!is_array($forum_id)) ? 'AND a.forum_id = ' . (int) $forum_id : 'AND ' . $db->sql_in_set('a.forum_id', array_map('intval', $forum_id))) : '';
$sql_opts = '';
$hold_ary = $sql_ary = array();
if ($opts !== false)
{
$this->build_auth_option_statement('ao.auth_option', $opts, $sql_opts);
}
// Grab group settings - non-role specific...
$sql_ary[] = 'SELECT a.group_id, a.forum_id, a.auth_setting, a.auth_option_id, ao.auth_option
FROM ' . ACL_GROUPS_TABLE . ' a, ' . ACL_OPTIONS_TABLE . ' ao
WHERE a.auth_role_id = 0
AND a.auth_option_id = ao.auth_option_id ' .
(($sql_group) ? 'AND a.' . $sql_group : '') . "
$sql_forum
$sql_opts
ORDER BY a.forum_id, ao.auth_option";
// Now grab group settings - role specific...
$sql_ary[] = 'SELECT a.group_id, a.forum_id, r.auth_setting, r.auth_option_id, ao.auth_option
FROM ' . ACL_GROUPS_TABLE . ' a, ' . ACL_ROLES_DATA_TABLE . ' r, ' . ACL_OPTIONS_TABLE . ' ao
WHERE a.auth_role_id = r.role_id
AND r.auth_option_id = ao.auth_option_id ' .
(($sql_group) ? 'AND a.' . $sql_group : '') . "
$sql_forum
$sql_opts
ORDER BY a.forum_id, ao.auth_option";
foreach ($sql_ary as $sql)
{
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result))
{
$hold_ary[$row['group_id']][$row['forum_id']][$row['auth_option']] = $row['auth_setting'];
}
$db->sql_freeresult($result);
}
return $hold_ary;
}
/**
* Get raw acl data based on user for caching user_permissions
* This function returns the same data as acl_raw_data(), but without the user id as the first key within the array.
*/
function acl_raw_data_single_user($user_id)
{
global $db, $cache;
// Check if the role-cache is there
if (($this->role_cache = $cache->get('_role_cache')) === false)
{
$this->role_cache = array();
// We pre-fetch roles
$sql = 'SELECT *
FROM ' . ACL_ROLES_DATA_TABLE . '
ORDER BY role_id ASC';
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result))
{
$this->role_cache[$row['role_id']][$row['auth_option_id']] = (int) $row['auth_setting'];
}
$db->sql_freeresult($result);
foreach ($this->role_cache as $role_id => $role_options)
{
$this->role_cache[$role_id] = serialize($role_options);
}
$cache->put('_role_cache', $this->role_cache);
}
$hold_ary = array();
// Grab group settings...
$sql = $db->sql_build_query('SELECT', array(
'SELECT' => 'a.group_id, ao.auth_option, a.forum_id, a.auth_setting, a.auth_role_id, r.auth_setting as role_auth_setting',
'FROM' => array(
ACL_OPTIONS_TABLE => 'ao',
ACL_GROUPS_TABLE => 'a'
),
'LEFT_JOIN' => array(
array(
'FROM' => array(ACL_ROLES_DATA_TABLE => 'r'),
'ON' => 'a.auth_role_id = r.role_id'
),
),
'WHERE' => '(ao.auth_option_id = a.auth_option_id OR ao.auth_option_id = r.auth_option_id)
' . (($sql_group) ? 'AND a.' . $sql_group : '') . "
$sql_forum
$sql_opts",
'ORDER_BY' => 'a.forum_id, ao.auth_option'
));
// Grab user-specific permission settings
$sql = 'SELECT forum_id, auth_option_id, auth_role_id, auth_setting
FROM ' . ACL_USERS_TABLE . '
WHERE user_id = ' . $user_id;
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result))
{
$setting = ($row['auth_role_id']) ? $row['role_auth_setting'] : $row['auth_setting'];
$hold_ary[$row['group_id']][$row['forum_id']][$row['auth_option']] = $setting;
// If a role is assigned, assign all options included within this role. Else, only set this one option.
if ($row['auth_role_id'])
{
$hold_ary[$row['forum_id']] = (empty($hold_ary[$row['forum_id']])) ? unserialize($this->role_cache[$row['auth_role_id']]) : $hold_ary[$row['forum_id']] + unserialize($this->role_cache[$row['auth_role_id']]);
}
else
{
$hold_ary[$row['forum_id']][$row['auth_option_id']] = $row['auth_setting'];
}
}
$db->sql_freeresult($result);
// Now grab group-specific permission settings
$sql = 'SELECT a.forum_id, a.auth_option_id, a.auth_role_id, a.auth_setting
FROM ' . ACL_GROUPS_TABLE . ' a, ' . USER_GROUP_TABLE . ' ug
WHERE a.group_id = ug.group_id
AND ug.user_pending = 0
AND ug.user_id = ' . $user_id;
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result))
{
if (!$row['auth_role_id'])
{
$this->_set_group_hold_ary($hold_ary[$row['forum_id']], $row['auth_option_id'], $row['auth_setting']);
}
else
{
foreach (unserialize($this->role_cache[$row['auth_role_id']]) as $option_id => $setting)
{
$this->_set_group_hold_ary($hold_ary[$row['forum_id']], $option_id, $setting);
}
}
}
$db->sql_freeresult($result);
return $hold_ary;
}
/**
* Private function snippet for setting a specific piece of the hold_ary
*/
function _set_group_hold_ary(&$hold_ary, $option_id, $setting)
{
if (!isset($hold_ary[$option_id]) || (isset($hold_ary[$option_id]) && $hold_ary[$option_id] != ACL_NEVER))
{
$hold_ary[$option_id] = $setting;
// If we detect ACL_NEVER, we will unset the flag option (within building the bitstring it is correctly set again)
if ($setting == ACL_NEVER)
{
$flag = substr($this->acl_options['option'][$option_id], 0, strpos($this->acl_options['option'][$option_id], '_') + 1);
$flag = (int) $this->acl_options['id'][$flag];
if (isset($hold_ary[$flag]) && $hold_ary[$flag] == ACL_YES)
{
unset($hold_ary[$flag]);
/* This is uncommented, because i suspect this being slightly wrong due to mixed permission classes being possible
if (in_array(ACL_YES, $hold_ary))
{
$hold_ary[$flag] = ACL_YES;
}*/
}
}
}
}
/**
* Authentication plug-ins is largely down to Sergey Kanareykin, our thanks to him.
*/

12
phpBB/includes/auth/auth_apache.php
View file

@ -48,8 +48,18 @@ function login_apache(&$username, &$password)
if (!$password)
{
return array(
'status' => LOGIN_BREAK,
'status' => LOGIN_ERROR_PASSWORD,
'error_msg' => 'NO_PASSWORD_SUPPLIED',
'user_row' => array('user_id' => ANONYMOUS),
);
}
if (!$username)
{
return array(
'status' => LOGIN_ERROR_USERNAME,
'error_msg' => 'LOGIN_ERROR_USERNAME',
'user_row' => array('user_id' => ANONYMOUS),
);
}

12
phpBB/includes/auth/auth_db.php
View file

@ -32,8 +32,18 @@ function login_db(&$username, &$password)
if (!$password)
{
return array(
'status' => LOGIN_BREAK,
'status' => LOGIN_ERROR_PASSWORD,
'error_msg' => 'NO_PASSWORD_SUPPLIED',
'user_row' => array('user_id' => ANONYMOUS),
);
}
if (!$username)
{
return array(
'status' => LOGIN_ERROR_USERNAME,
'error_msg' => 'LOGIN_ERROR_USERNAME',
'user_row' => array('user_id' => ANONYMOUS),
);
}

12
phpBB/includes/auth/auth_ldap.php
View file

@ -104,8 +104,18 @@ function login_ldap(&$username, &$password)
if (!$password)
{
return array(
'status' => LOGIN_BREAK,
'status' => LOGIN_ERROR_PASSWORD,
'error_msg' => 'NO_PASSWORD_SUPPLIED',
'user_row' => array('user_id' => ANONYMOUS),
);
}
if (!$username)
{
return array(
'status' => LOGIN_ERROR_USERNAME,
'error_msg' => 'LOGIN_ERROR_USERNAME',
'user_row' => array('user_id' => ANONYMOUS),
);
}

2
phpBB/includes/constants.php
View file

@ -173,7 +173,7 @@ define('FIELD_DATE', 6);
// Additional constants
define('VOTE_CONVERTED', 9999);
define('VOTE_CONVERTED', 127);
// Table names
define('ACL_GROUPS_TABLE', $table_prefix . 'acl_groups');

17
phpBB/includes/db/dbal.php
View file

@ -45,7 +45,9 @@ class dbal
// Holding the last sql query on sql error
var $sql_error_sql = '';
// Holding the error information - only populated if sql_error_triggered is set
var $sql_error_returned = array();
// Holding transaction count
var $transactions = 0;
@ -262,6 +264,13 @@ class dbal
return true;
}
// Check if there is a transaction (no transaction can happen if there was an error, with a combined rollback and error returning enabled)
// This implies we have transaction always set for autocommit db's
if (!$this->transaction)
{
return false;
}
$result = $this->_sql_transaction('commit');
if (!$result)
@ -537,11 +546,11 @@ class dbal
$this->sql_error_triggered = true;
$this->sql_error_sql = $sql;
$error = $this->_sql_error();
$this->sql_error_returned = $this->_sql_error();
if (!$this->return_on_error)
{
$message = 'SQL ERROR [ ' . $this->sql_layer . ' ]<br /><br />' . $error['message'] . ' [' . $error['code'] . ']';
$message = 'SQL ERROR [ ' . $this->sql_layer . ' ]<br /><br />' . $this->sql_error_returned['message'] . ' [' . $this->sql_error_returned['code'] . ']';
// Show complete SQL error and path to administrators only
// Additionally show complete error on installation or if extended debug mode is enabled
@ -598,7 +607,7 @@ class dbal
$this->sql_transaction('rollback');
}
return $error;
return $this->sql_error_returned;
}
/**

10
phpBB/includes/diff/renderer.php
View file

@ -301,7 +301,7 @@ class diff_renderer_unified extends diff_renderer
{
return '<pre class="diff context">' . htmlspecialchars($this->_lines($lines, ' ')) . '<br /></pre>';
}
function _added($lines)
{
return '<pre class="diff added">' . htmlspecialchars($this->_lines($lines, '+')) . '<br /></pre>';
@ -448,7 +448,7 @@ class diff_renderer_inline extends diff_renderer
// Therefore we split on words, but include all blocks of whitespace in the wordlist.
$splitted_text_1 = $this->_split_on_words($text1, $nl);
$splitted_text_2 = $this->_split_on_words($text2, $nl);
$diff = &new diff($splitted_text_1, $splitted_text_2);
unset($splitted_text_1, $splitted_text_2);
@ -463,7 +463,7 @@ class diff_renderer_inline extends diff_renderer
{
// Ignore \0; otherwise the while loop will never finish.
$string = str_replace("\0", '', $string);
$words = array();
$length = strlen($string);
$pos = 0;
@ -537,7 +537,7 @@ class diff_renderer_raw extends diff_renderer
{
return $this->_lines($lines, ' ');
}
function _added($lines)
{
return $this->_lines($lines, '+');
@ -603,7 +603,7 @@ class diff_renderer_side_by_side extends diff_renderer
// Iterate through every header block of changes
foreach ($this->lines as $header)
{
$output .= '<tr><th>Line ' . $header['oldline'] . '</th><th>' . $user->lang['LINE'] . ' ' . $header['newline'] . '</th></tr>';
$output .= '<tr><th>' . $user->lang['LINE'] . ' ' . $header['oldline'] . '</th><th>' . $user->lang['LINE'] . ' ' . $header['newline'] . '</th></tr>';
// Each header block consists of a number of changes (add, remove, change).
$current_context = '';

792
phpBB/includes/functions.php
View file

File diff suppressed because it is too large Load diff

34
phpBB/includes/functions_admin.php
View file

@ -196,7 +196,7 @@ function size_select_options($size_compare)
{
global $user;
$size_types_text = array($user->lang['BYTES'], $user->lang['KB'], $user->lang['MB']);
$size_types_text = array($user->lang['BYTES'], $user->lang['KIB'], $user->lang['MIB']);
$size_types = array('b', 'kb', 'mb');
$s_size_options = '';
@ -2878,14 +2878,7 @@ function get_database_size()
break;
}
if ($database_size !== false)
{
$database_size = ($database_size >= 1048576) ? sprintf('%.2f ' . $user->lang['MB'], ($database_size / 1048576)) : (($database_size >= 1024) ? sprintf('%.2f ' . $user->lang['KB'], ($database_size / 1024)) : sprintf('%.2f ' . $user->lang['BYTES'], $database_size));
}
else
{
$database_size = $user->lang['NOT_AVAILABLE'];
}
$database_size = ($database_size !== false) ? get_formatted_filesize($database_size) : $user->lang['NOT_AVAILABLE'];
return $database_size;
}
@ -2998,6 +2991,29 @@ function tidy_database()
{
global $db;
// Here we check permission consistency
// Sometimes, it can happen permission tables having forums listed which do not exist
$sql = 'SELECT forum_id
FROM ' . FORUMS_TABLE;
$result = $db->sql_query($sql);
$forum_ids = array(0);
while ($row = $db->sql_fetchrow($result))
{
$forum_ids[] = $row['forum_id'];
}
$db->sql_freeresult($result);
// Delete those rows from the acl tables not having listed the forums above
$sql = 'DELETE FROM ' . ACL_GROUPS_TABLE . '
WHERE ' . $db->sql_in_set('forum_id', $forum_ids, true);
$db->sql_query($sql);
$sql = 'DELETE FROM ' . ACL_USERS_TABLE . '
WHERE ' . $db->sql_in_set('forum_id', $forum_ids, true);
$db->sql_query($sql);
set_config('database_last_gc', time(), true);
}

54
phpBB/includes/functions_content.php
View file

@ -67,7 +67,7 @@ function gen_sort_selects(&$limit_days, &$sort_by_text, &$sort_days, &$sort_key,
$sort_dir = key($sort_dir_text);
}
$s_limit_days = '<select name="st">';
$s_limit_days = '<select name="st" id="st">';
foreach ($limit_days as $day => $text)
{
$selected = ($sort_days == $day) ? ' selected="selected"' : '';
@ -75,7 +75,7 @@ function gen_sort_selects(&$limit_days, &$sort_by_text, &$sort_days, &$sort_key,
}
$s_limit_days .= '</select>';
$s_sort_key = '<select name="sk">';
$s_sort_key = '<select name="sk" id="sk">';
foreach ($sort_by_text as $key => $text)
{
$selected = ($sort_key == $key) ? ' selected="selected"' : '';
@ -83,7 +83,7 @@ function gen_sort_selects(&$limit_days, &$sort_by_text, &$sort_days, &$sort_key,
}
$s_sort_key .= '</select>';
$s_sort_dir = '<select name="sd">';
$s_sort_dir = '<select name="sd" id="sd">';
foreach ($sort_dir_text as $key => $value)
{
$selected = ($sort_dir == $key) ? ' selected="selected"' : '';
@ -382,7 +382,7 @@ function strip_bbcode(&$text, $uid = '')
$match = get_preg_expression('bbcode_htm');
$replace = array('\1', '\1', '\2', '\1', '', '');
$text = preg_replace($match, $replace, $text);
}
@ -418,7 +418,7 @@ function generate_text_for_display($text, $uid, $bitfield, $flags)
{
$bbcode->bbcode($bitfield);
}
$bbcode->bbcode_second_pass($text, $uid);
}
@ -492,6 +492,7 @@ function generate_text_for_edit($text, $uid, $flags)
*/
function make_clickable_callback($type, $whitespace, $url, $relative_url, $class)
{
$orig_url = $url . $relative_url;
$append = '';
$url = htmlspecialchars_decode($url);
$relative_url = htmlspecialchars_decode($relative_url);
@ -558,29 +559,39 @@ function make_clickable_callback($type, $whitespace, $url, $relative_url, $class
break;
}
$short_url = (strlen($url) > 55) ? substr($url, 0, 39) . ' ... ' . substr($url, -10) : $url;
switch ($type)
{
case MAGIC_URL_LOCAL:
$tag = 'l';
$relative_url = preg_replace('/[&?]sid=[0-9a-f]{32}$/', '', preg_replace('/([&?])sid=[0-9a-f]{32}&/', '$1', $relative_url));
$url = $url . '/' . $relative_url;
$text = ($relative_url) ? $relative_url : $url;
$text = $relative_url;
// this url goes to http://domain.tld/path/to/board/ which
// would result in an empty link if treated as local so
// don't touch it and let MAGIC_URL_FULL take care of it.
if (!$relative_url)
{
return $orig_url . '/'; // slash is taken away by relative url pattern
}
break;
case MAGIC_URL_FULL:
$tag = 'm';
$text = (strlen($url) > 55) ? substr($url, 0, 39) . ' ... ' . substr($url, -10) : $url;
$text = $short_url;
break;
case MAGIC_URL_WWW:
$tag = 'w';
$url = 'http://' . $url;
$text = (strlen($url) > 55) ? substr($url, 0, 39) . ' ... ' . substr($url, -10) : $url;
$text = $short_url;
break;
case MAGIC_URL_EMAIL:
$tag = 'e';
$text = (strlen($url) > 55) ? substr($url, 0, 39) . ' ... ' . substr($url, -10) : $url;
$text = $short_url;
$url = 'mailto:' . $url;
break;
}
@ -647,12 +658,21 @@ function make_clickable($text, $server_url = false, $class = 'postlink')
function censor_text($text)
{
static $censors;
global $cache;
// We moved the word censor checks in here because we call this function quite often - and then only need to do the check once
if (!isset($censors) || !is_array($censors))
{
// obtain_word_list is taking care of the users censor option and the board-wide option
$censors = $cache->obtain_word_list();
global $config, $user, $auth, $cache;
// We check here if the user is having viewing censors disabled (and also allowed to do so).
if (!$user->optionget('viewcensors') && $config['allow_nocensors'] && $auth->acl_get('u_chgcensors'))
{
$censors = array();
}
else
{
$censors = $cache->obtain_word_list();
}
}
if (sizeof($censors))
@ -792,7 +812,7 @@ function parse_attachments($forum_id, &$message, &$attachments, &$update_count,
$template->destroy_block_vars('_file');
$block_array = array();
// Some basics...
$attachment['extension'] = strtolower(trim($attachment['extension']));
$filename = $phpbb_root_path . $config['upload_path'] . '/' . basename($attachment['physical_filename']);
@ -813,8 +833,8 @@ function parse_attachments($forum_id, &$message, &$attachments, &$update_count,
}
$filesize = $attachment['filesize'];
$size_lang = ($filesize >= 1048576) ? $user->lang['MB'] : ( ($filesize >= 1024) ? $user->lang['KB'] : $user->lang['BYTES'] );
$filesize = ($filesize >= 1048576) ? round((round($filesize / 1048576 * 100) / 100), 2) : (($filesize >= 1024) ? round((round($filesize / 1024 * 100) / 100), 2) : $filesize);
$size_lang = ($filesize >= 1048576) ? $user->lang['MIB'] : (($filesize >= 1024) ? $user->lang['KIB'] : $user->lang['BYTES']);
$filesize = get_formatted_filesize($filesize, false);
$comment = bbcode_nl2br(censor_text($attachment['attach_comment']));
@ -1074,7 +1094,7 @@ function truncate_string($string, $max_length = 60, $allow_reply = true, $append
{
$string = 'Re: ' . $string;
}
if ($append != '' && $stripped)
{
$string = $string . $append;
@ -1193,7 +1213,7 @@ class bitfield
if (strlen($this->data) >= $byte + 1)
{
$c = $this->data[$byte];
// Lookup the ($n % 8)th bit of the byte
$bit = 7 - ($n & 7);
return (bool) (ord($c) & (1 << $bit));

2
phpBB/includes/functions_convert.php
View file

@ -1282,7 +1282,7 @@ function restore_config($schema)
// Most are...
if (is_string($config_value))
{
$config_value = utf8_htmlspecialchars($config_value);
$config_value = truncate_string(utf8_htmlspecialchars($config_value), 255, false);
}
set_config($config_name, $config_value);

20
phpBB/includes/functions_display.php
View file

@ -27,7 +27,7 @@ function display_forums($root_data = '', $display_moderators = true, $return_mod
$forum_rows = $subforums = $forum_ids = $forum_ids_moderator = $forum_moderators = $active_forum_ary = array();
$parent_id = $visible_forums = 0;
$sql_from = '';
// Mark forums read?
$mark_read = request_var('mark', '');
@ -371,7 +371,7 @@ function display_forums($root_data = '', $display_moderators = true, $return_mod
$s_subforums_list = array();
foreach ($subforums_list as $subforum)
{
$s_subforums_list[] = '<a href="' . $subforum['link'] . '" class="subforum ' . (($subforum['unread']) ? 'unread' : 'read') . '">' . $subforum['name'] . '</a>';
$s_subforums_list[] = '<a href="' . $subforum['link'] . '" class="subforum ' . (($subforum['unread']) ? 'unread' : 'read') . '" title="' . (($subforum['unread']) ? $user->lang['NEW_POSTS'] : $user->lang['NO_NEW_POSTS']) . '">' . $subforum['name'] . '</a>';
}
$s_subforums_list = (string) implode(', ', $s_subforums_list);
$catless = ($row['parent_id'] == $root_data['forum_id']) ? true : false;
@ -400,6 +400,7 @@ function display_forums($root_data = '', $display_moderators = true, $return_mod
'S_IS_LINK' => ($row['forum_type'] == FORUM_LINK) ? true : false,
'S_UNREAD_FORUM' => $forum_unread,
'S_LOCKED_FORUM' => ($row['forum_status'] == ITEM_LOCKED) ? true : false,
'S_LIST_SUBFORUMS' => ($row['display_subforum_list']) ? true : false,
'S_SUBFORUMS' => (sizeof($subforums_list)) ? true : false,
'FORUM_ID' => $row['forum_id'],
@ -409,6 +410,7 @@ function display_forums($root_data = '', $display_moderators = true, $return_mod
$l_post_click_count => $post_click_count,
'FORUM_FOLDER_IMG' => $user->img($folder_image, $folder_alt),
'FORUM_FOLDER_IMG_SRC' => $user->img($folder_image, $folder_alt, false, '', 'src'),
'FORUM_FOLDER_IMG_ALT' => isset($user->lang[$folder_alt]) ? $user->lang[$folder_alt] : '',
'FORUM_IMAGE' => ($row['forum_image']) ? '<img src="' . $phpbb_root_path . $row['forum_image'] . '" alt="' . $user->lang[$folder_alt] . '" />' : '',
'FORUM_IMAGE_SRC' => ($row['forum_image']) ? $phpbb_root_path . $row['forum_image'] : '',
'LAST_POST_SUBJECT' => censor_text($last_post_subject),
@ -437,7 +439,7 @@ function display_forums($root_data = '', $display_moderators = true, $return_mod
'S_UNREAD' => $subforum['unread'])
);
}
$last_catless = $catless;
}
@ -979,7 +981,7 @@ function display_user_activity(&$userdata)
/**
* Topic and forum watching common code
*/
function watch_topic_forum($mode, &$s_watching, &$s_watching_img, $user_id, $forum_id, $topic_id, $notify_status = 'unset', $start = 0)
function watch_topic_forum($mode, &$s_watching, $user_id, $forum_id, $topic_id, $notify_status = 'unset', $start = 0)
{
global $template, $db, $user, $phpEx, $start, $phpbb_root_path;
@ -1101,7 +1103,7 @@ function watch_topic_forum($mode, &$s_watching, &$s_watching_img, $user_id, $for
*/
function get_user_rank($user_rank, $user_posts, &$rank_title, &$rank_img, &$rank_img_src)
{
global $ranks, $config;
global $ranks, $config, $phpbb_root_path;
if (empty($ranks))
{
@ -1112,8 +1114,8 @@ function get_user_rank($user_rank, $user_posts, &$rank_title, &$rank_img, &$rank
if (!empty($user_rank))
{
$rank_title = (isset($ranks['special'][$user_rank]['rank_title'])) ? $ranks['special'][$user_rank]['rank_title'] : '';
$rank_img = (!empty($ranks['special'][$user_rank]['rank_image'])) ? '<img src="' . $config['ranks_path'] . '/' . $ranks['special'][$user_rank]['rank_image'] . '" alt="' . $ranks['special'][$user_rank]['rank_title'] . '" title="' . $ranks['special'][$user_rank]['rank_title'] . '" />' : '';
$rank_img_src = (!empty($ranks['special'][$user_rank]['rank_image'])) ? $config['ranks_path'] . '/' . $ranks['special'][$user_rank]['rank_image'] : '';
$rank_img = (!empty($ranks['special'][$user_rank]['rank_image'])) ? '<img src="' . $phpbb_root_path . $config['ranks_path'] . '/' . $ranks['special'][$user_rank]['rank_image'] . '" alt="' . $ranks['special'][$user_rank]['rank_title'] . '" title="' . $ranks['special'][$user_rank]['rank_title'] . '" />' : '';
$rank_img_src = (!empty($ranks['special'][$user_rank]['rank_image'])) ? $phpbb_root_path . $config['ranks_path'] . '/' . $ranks['special'][$user_rank]['rank_image'] : '';
}
else
{
@ -1124,8 +1126,8 @@ function get_user_rank($user_rank, $user_posts, &$rank_title, &$rank_img, &$rank
if ($user_posts >= $rank['rank_min'])
{
$rank_title = $rank['rank_title'];
$rank_img = (!empty($rank['rank_image'])) ? '<img src="' . $config['ranks_path'] . '/' . $rank['rank_image'] . '" alt="' . $rank['rank_title'] . '" title="' . $rank['rank_title'] . '" />' : '';
$rank_img_src = (!empty($rank['rank_image'])) ? $config['ranks_path'] . '/' . $rank['rank_image'] : '';
$rank_img = (!empty($rank['rank_image'])) ? '<img src="' . $phpbb_root_path . $config['ranks_path'] . '/' . $rank['rank_image'] . '" alt="' . $rank['rank_title'] . '" title="' . $rank['rank_title'] . '" />' : '';
$rank_img_src = (!empty($rank['rank_image'])) ? $phpbb_root_path . $config['ranks_path'] . '/' . $rank['rank_image'] : '';
break;
}
}

20
phpBB/includes/functions_jabber.php
View file

@ -20,11 +20,11 @@ if (!defined('IN_PHPBB'))
*
* Jabber class from Flyspray project
*
* @version class.jabber2.php 1306 2007-06-21
* @version class.jabber2.php 1488 2007-11-25
* @copyright 2006 Flyspray.org
* @author Florian Schmitz (floele)
*
* Modified by Acyd Burn
* Only slightly modified by Acyd Burn
*
* @package phpBB3
*/
@ -286,7 +286,7 @@ class jabber
$read = trim(fread($this->connection, 4096));
$data .= $read;
}
while (time() <= $start + $timeout && ($wait || $data == '' || $read != '' || (substr(rtrim($data), -1) != '>')));
while (time() <= $start + $timeout && !feof($this->connection) && ($wait || $data == '' || $read != '' || (substr(rtrim($data), -1) != '>')));
if ($data != '')
{
@ -385,7 +385,6 @@ class jabber
{
case 'stream:stream':
// Connection initialised (or after authentication). Not much to do here...
$this->session['id'] = $xml['stream:stream'][0]['@']['id'];
if (isset($xml['stream:stream'][0]['#']['stream:features']))
{
@ -397,6 +396,16 @@ class jabber
$this->features = $this->listen();
}
$second_time = isset($this->session['id']);
$this->session['id'] = $xml['stream:stream'][0]['@']['id'];
if ($second_time)
{
// If we are here for the second time after TLS, we need to continue logging in
$this->login();
return;
}
// go on with authentication?
if (isset($this->features['stream:features'][0]['#']['bind']) || !empty($this->session['tls']))
{
@ -519,9 +528,10 @@ class jabber
'response' => $this->encrypt_password(array_merge($decoded, array('nc' => '00000001'))),
'charset' => 'utf-8',
'nc' => '00000001',
'qop' => 'auth', // only auth being supported
);
foreach (array('nonce', 'qop', 'digest-uri', 'realm', 'cnonce') as $key)
foreach (array('nonce', 'digest-uri', 'realm', 'cnonce') as $key)
{
if (isset($decoded[$key]))
{

5
phpBB/includes/functions_messenger.php
View file

@ -1056,8 +1056,7 @@ class smtp_class
global $user;
$err_msg = '';
$local_host = php_uname('n');
$local_host = (empty($local_host)) ? 'localhost' : $local_host;
$local_host = (function_exists('php_uname')) ? php_uname('n') : $user->host;
// If we are authenticating through pop-before-smtp, we
// have to login ones before we get authenticated
@ -1332,7 +1331,7 @@ class smtp_class
// Realm
if (empty($tokens['realm']))
{
$tokens['realm'] = php_uname('n');
$tokens['realm'] = (function_exists('php_uname')) ? php_uname('n') : $user->host;
}
// Maxbuf

20
phpBB/includes/functions_module.php
View file

@ -59,7 +59,7 @@ class p_master
WHERE module_class = '" . $db->sql_escape($this->p_class) . "'
ORDER BY left_id ASC";
$result = $db->sql_query($sql);
$rows = array();
while ($row = $db->sql_fetchrow($result))
{
@ -114,7 +114,7 @@ class p_master
unset($this->module_cache['modules'][$key]);
continue;
}
$right_id = false;
}
@ -147,7 +147,7 @@ class p_master
{
continue;
}
$right_id = false;
}
@ -194,7 +194,7 @@ class p_master
$custom_func = '_module_' . $row['module_basename'];
$names[$row['module_basename'] . '_' . $row['module_mode']][] = true;
$module_row = array(
'depth' => $depth,
@ -209,7 +209,7 @@ class p_master
'display' => (int) $row['module_display'],
'url_extra' => (function_exists($url_func)) ? $url_func($row['module_mode'], $row) : '',
'lang' => ($row['module_basename'] && function_exists($lang_func)) ? $lang_func($row['module_mode'], $row['module_langname']) : ((!empty($user->lang[$row['module_langname']])) ? $user->lang[$row['module_langname']] : $row['module_langname']),
'langname' => $row['module_langname'],
@ -309,7 +309,7 @@ class p_master
break;
default:
if (!preg_match('#(?:acl_([a-z_]+)(,\$id)?)|(?:\$id)|(?:aclf_([a-z_]+))|(?:cfg_([a-z_]+))|(?:request_([a-z_]+))#', $token))
if (!preg_match('#(?:acl_([a-z0-9_]+)(,\$id)?)|(?:\$id)|(?:aclf_([a-z0-9_]+))|(?:cfg_([a-z0-9_]+))|(?:request_([a-zA-Z0-9_]+))#', $token))
{
$token = '';
}
@ -325,7 +325,7 @@ class p_master
$forum_id = ($forum_id === false) ? $this->acl_forum_id : $forum_id;
$is_auth = false;
eval('$is_auth = (int) (' . preg_replace(array('#acl_([a-z_]+)(,\$id)?#', '#\$id#', '#aclf_([a-z_]+)#', '#cfg_([a-z_]+)#', '#request_([a-z_]+)#'), array('(int) $auth->acl_get(\'\\1\'\\2)', '(int) $forum_id', '(int) $auth->acl_getf_global(\'\\1\')', '(int) $config[\'\\1\']', '!empty($_REQUEST[\'\\1\'])'), $module_auth) . ');');
eval('$is_auth = (int) (' . preg_replace(array('#acl_([a-z0-9_]+)(,\$id)?#', '#\$id#', '#aclf_([a-z0-9_]+)#', '#cfg_([a-z0-9_]+)#', '#request_([a-zA-Z0-9_]+)#'), array('(int) $auth->acl_get(\'\\1\'\\2)', '(int) $forum_id', '(int) $auth->acl_getf_global(\'\\1\')', '(int) $config[\'\\1\']', '!empty($_REQUEST[\'\\1\'])'), $module_auth) . ');');
return $is_auth;
}
@ -677,7 +677,7 @@ class p_master
}
// Select first id we can get
if (!$current_id && (in_array($item_ary['id'], array_keys($this->module_cache['parents'])) || $item_ary['id'] == $this->p_id))
if (!$current_id && (isset($this->module_cache['parents'][$item_ary['id']]) || $item_ary['id'] == $this->p_id))
{
$current_id = $item_ary['id'];
}
@ -710,7 +710,7 @@ class p_master
$tpl_ary = array(
'L_TITLE' => $item_ary['lang'],
'S_SELECTED' => (in_array($item_ary['id'], array_keys($this->module_cache['parents'])) || $item_ary['id'] == $this->p_id) ? true : false,
'S_SELECTED' => (isset($this->module_cache['parents'][$item_ary['id']]) || $item_ary['id'] == $this->p_id) ? true : false,
'U_TITLE' => $u_title
);
@ -719,7 +719,7 @@ class p_master
$tpl_ary = array(
'L_TITLE' => $item_ary['lang'],
'S_SELECTED' => (in_array($item_ary['id'], array_keys($this->module_cache['parents'])) || $item_ary['id'] == $this->p_id) ? true : false,
'S_SELECTED' => (isset($this->module_cache['parents'][$item_ary['id']]) || $item_ary['id'] == $this->p_id) ? true : false,
'U_TITLE' => $u_title
);

45
phpBB/includes/functions_posting.php
View file

@ -267,7 +267,7 @@ function posting_gen_topic_icons($mode, $icon_id)
'ICON_IMG' => $phpbb_root_path . $config['icons_path'] . '/' . $data['img'],
'ICON_WIDTH' => $data['width'],
'ICON_HEIGHT' => $data['height'],
'S_CHECKED' => ($id == $icon_id) ? true : false,
'S_ICON_CHECKED' => ($id == $icon_id) ? ' checked="checked"' : '')
);
@ -323,7 +323,7 @@ function posting_gen_topic_types($forum_id, $cur_topic_type = POST_NORMAL)
$topic_type_array
);
foreach ($topic_type_array as $array)
{
$template->assign_block_vars('topic_type', $array);
@ -618,6 +618,11 @@ function create_thumbnail($source, $destination, $mimetype)
// Only use imagemagick if defined and the passthru function not disabled
if ($config['img_imagick'] && function_exists('passthru'))
{
if (substr($config['img_imagick'], -1) !== '/')
{
$config['img_imagick'] .= '/';
}
@passthru(escapeshellcmd($config['img_imagick']) . 'convert' . ((defined('PHP_OS') && preg_match('#^win#i', PHP_OS)) ? '.exe' : '') . ' -quality 85 -antialias -sample ' . $new_width . 'x' . $new_height . ' "' . str_replace('\\', '/', $source) . '" +profile "*" "' . str_replace('\\', '/', $destination) . '"');
if (file_exists($destination))
@ -934,7 +939,8 @@ function topic_review($topic_id, $forum_id, $mode = 'topic_review', $cur_post_id
WHERE p.topic_id = $topic_id
" . ((!$auth->acl_get('m_approve', $forum_id)) ? 'AND p.post_approved = 1' : '') . '
' . (($mode == 'post_review') ? " AND p.post_id > $cur_post_id" : '') . '
ORDER BY p.post_time DESC';
ORDER BY p.post_time ';
$sql .= ($mode == 'post_review') ? 'ASC' : 'DESC';
$result = $db->sql_query_limit($sql, $config['posts_per_page']);
$post_list = array();
@ -1105,7 +1111,7 @@ function user_notification($mode, $subject, $topic_title, $forum_name, $forum_id
trigger_error('WRONG_NOTIFICATION_MODE');
}
if (!$config['allow_topic_notify'])
if (($topic_notification && !$config['allow_topic_notify']) || ($forum_notification && !$config['allow_forum_notify']))
{
return;
}
@ -1115,16 +1121,15 @@ function user_notification($mode, $subject, $topic_title, $forum_name, $forum_id
// Get banned User ID's
$sql = 'SELECT ban_userid
FROM ' . BANLIST_TABLE;
FROM ' . BANLIST_TABLE . '
WHERE ban_userid <> 0
AND ban_exclude <> 1';
$result = $db->sql_query($sql);
$sql_ignore_users = ANONYMOUS . ', ' . $user->data['user_id'];
while ($row = $db->sql_fetchrow($result))
{
if (isset($row['ban_userid']))
{
$sql_ignore_users .= ', ' . $row['ban_userid'];
}
$sql_ignore_users .= ', ' . (int) $row['ban_userid'];
}
$db->sql_freeresult($result);
@ -1326,9 +1331,21 @@ function delete_post($forum_id, $topic_id, $post_id, &$data)
global $config, $phpEx, $phpbb_root_path;
// Specify our post mode
$post_mode = ($data['topic_first_post_id'] == $data['topic_last_post_id']) ? 'delete_topic' : (($data['topic_first_post_id'] == $post_id) ? 'delete_first_post' : (($data['topic_last_post_id'] == $post_id) ? 'delete_last_post' : 'delete'));
$post_mode = 'delete';
if (($data['topic_first_post_id'] === $data['topic_last_post_id']) && $data['topic_replies_real'] == 0)
{
$post_mode = 'delete_topic';
}
else if ($data['topic_first_post_id'] == $post_id)
{
$post_mode = 'delete_first_post';
}
else if ($data['topic_last_post_id'] == $post_id)
{
$post_mode = 'delete_last_post';
}
$sql_data = array();
$next_post_id = 0;
$next_post_id = false;
include_once($phpbb_root_path . 'includes/functions_admin.' . $phpEx);
@ -1717,7 +1734,7 @@ function submit_post($mode, $subject, $username, $topic_type, &$poll, &$data, $u
}
$sql_data[USERS_TABLE]['stat'][] = "user_lastpost_time = $current_time" . (($auth->acl_get('f_postcount', $data['forum_id'])) ? ', user_posts = user_posts + 1' : '');
if ($topic_type != POST_GLOBAL)
{
if ($auth->acl_get('f_noapprove', $data['forum_id']) || $auth->acl_get('m_approve', $data['forum_id']))
@ -1940,7 +1957,7 @@ function submit_post($mode, $subject, $username, $topic_type, &$poll, &$data, $u
}
$sql_insert_ary = array();
for ($i = 0, $size = sizeof($poll['poll_options']); $i < $size; $i++)
{
if (strlen(trim($poll['poll_options'][$i])))
@ -2013,7 +2030,7 @@ function submit_post($mode, $subject, $username, $topic_type, &$poll, &$data, $u
foreach ($data['attachment_data'] as $pos => $attach_row)
{
if ($attach_row['is_orphan'] && !in_array($attach_row['attach_id'], array_keys($orphan_rows)))
if ($attach_row['is_orphan'] && !isset($orphan_rows[$attach_row['attach_id']]))
{
continue;
}

20
phpBB/includes/functions_privmsgs.php
View file

@ -276,7 +276,7 @@ function check_rule(&$rules, &$rule_row, &$message_row, $user_id)
case ACTION_PLACE_INTO_FOLDER:
return array('action' => $rule_row['rule_action'], 'folder_id' => $rule_row['rule_folder_id']);
break;
case ACTION_MARK_AS_READ:
case ACTION_MARK_AS_IMPORTANT:
return array('action' => $rule_row['rule_action'], 'pm_unread' => $message_row['pm_unread'], 'pm_marked' => $message_row['pm_marked']);
@ -304,7 +304,7 @@ function check_rule(&$rules, &$rule_row, &$message_row, $user_id)
return false;
break;
default:
return false;
}
@ -606,7 +606,7 @@ function place_pm_into_folder(&$global_privmsgs_rules, $release = false)
unset($sql_folder);
if (in_array(PRIVMSGS_INBOX, array_keys($move_into_folder)))
if (isset($move_into_folder[PRIVMSGS_INBOX]))
{
$sql = 'SELECT COUNT(msg_id) as num_messages
FROM ' . PRIVMSGS_TO_TABLE . "
@ -892,7 +892,7 @@ function handle_mark_actions($user_id, $mark_action)
if (confirm_box(true))
{
delete_pm($user_id, $msg_ids, $cur_folder_id);
$success_msg = (sizeof($msg_ids) == 1) ? 'MESSAGE_DELETED' : 'MESSAGES_DELETED';
$redirect = append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm&amp;folder=' . $cur_folder_id);
@ -1034,8 +1034,8 @@ function delete_pm($user_id, $msg_ids, $folder_id)
$user->data['user_new_privmsg'] -= $num_new;
$user->data['user_unread_privmsg'] -= $num_unread;
}
// Now we have to check which messages we can delete completely
// Now we have to check which messages we can delete completely
$sql = 'SELECT msg_id
FROM ' . PRIVMSGS_TO_TABLE . '
WHERE ' . $db->sql_in_set('msg_id', array_keys($delete_rows));
@ -1157,7 +1157,7 @@ function write_pm_addresses($check_ary, $author_id, $plaintext = false)
FROM ' . GROUPS_TABLE . '
WHERE ' . $db->sql_in_set('group_id', $g);
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result))
{
if ($check_type == 'to' || $author_id == $user->data['user_id'] || $row['user_id'] == $user->data['user_id'])
@ -1175,7 +1175,7 @@ function write_pm_addresses($check_ary, $author_id, $plaintext = false)
AND g.group_id = ug.group_id
AND ug.user_pending = 0';
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result))
{
if (!isset($address['group'][$row['group_id']]))
@ -1331,7 +1331,7 @@ function submit_pm($mode, $subject, &$data, $put_in_outbox = true)
AND u.user_id = ug.user_id
AND u.user_type IN (' . USER_NORMAL . ', ' . USER_FOUNDER . ')';
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result))
{
$field = ($data['address_list']['g'][$row['group_id']] == 'to') ? 'to' : 'bcc';
@ -1506,7 +1506,7 @@ function submit_pm($mode, $subject, &$data, $put_in_outbox = true)
foreach ($data['attachment_data'] as $pos => $attach_row)
{
if ($attach_row['is_orphan'] && !in_array($attach_row['attach_id'], array_keys($orphan_rows)))
if ($attach_row['is_orphan'] && !isset($orphan_rows[$attach_row['attach_id']]))
{
continue;
}

15
phpBB/includes/functions_profile_fields.php
View file

@ -488,7 +488,8 @@ class custom_profile
else if ($day && $month && $year)
{
global $user;
return $user->format_date(mktime(0, 0, 0, $month, $day, $year), $user->lang['DATE_FORMAT'], true);
// d/m/y 00:00 GMT isn't necessarily on the same d/m/y in the user's timezone, so add the timezone seconds
return $user->format_date(gmmktime(0, 0, 0, $month, $day, $year) + $user->timezone + $user->dst, $user->lang['DATE_FORMAT'], true);
}
return $value;
@ -666,7 +667,7 @@ class custom_profile
}
$profile_row['s_year_options'] = '<option value="0"' . ((!$year) ? ' selected="selected"' : '') . '>--</option>';
for ($i = $now['year'] - 100; $i <= $now['year']; $i++)
for ($i = $now['year'] - 100; $i <= $now['year'] + 100; $i++)
{
$profile_row['s_year_options'] .= '<option value="' . $i . '"' . (($i == $year) ? ' selected="selected"' : '') . ">$i</option>";
}
@ -871,13 +872,13 @@ class custom_profile
}
else
{
$var = request_var($var_name, $profile_row['field_default_value']);
$var = request_var($var_name, (int) $profile_row['field_default_value']);
}
break;
case FIELD_STRING:
case FIELD_TEXT:
$var = utf8_normalize_nfc(request_var($var_name, $profile_row['field_default_value'], true));
$var = utf8_normalize_nfc(request_var($var_name, (string) $profile_row['field_default_value'], true));
break;
case FIELD_INT:
@ -887,10 +888,14 @@ class custom_profile
}
else
{
$var = request_var($var_name, $profile_row['field_default_value']);
$var = request_var($var_name, (int) $profile_row['field_default_value']);
}
break;
case FIELD_DROPDOWN:
$var = request_var($var_name, (int) $profile_row['field_default_value']);
break;
default:
$var = request_var($var_name, $profile_row['field_default_value']);
break;

12
phpBB/includes/functions_upload.php
View file

@ -386,8 +386,8 @@ class filespec
// Filesize is too big or it's 0 if it was larger than the maxsize in the upload form
if ($this->upload->max_filesize && ($this->get('filesize') > $this->upload->max_filesize || $this->filesize == 0))
{
$size_lang = ($this->upload->max_filesize >= 1048576) ? $user->lang['MB'] : (($this->upload->max_filesize >= 1024) ? $user->lang['KB'] : $user->lang['BYTES'] );
$max_filesize = ($this->upload->max_filesize >= 1048576) ? round($this->upload->max_filesize / 1048576 * 100) / 100 : (($this->upload->max_filesize >= 1024) ? round($this->upload->max_filesize / 1024 * 100) / 100 : $this->upload->max_filesize);
$size_lang = ($this->upload->max_filesize >= 1048576) ? $user->lang['MIB'] : (($this->upload->max_filesize >= 1024) ? $user->lang['KIB'] : $user->lang['BYTES'] );
$max_filesize = get_formatted_filesize($this->upload->max_filesize, false);
$this->error[] = sprintf($user->lang[$this->upload->error_prefix . 'WRONG_FILESIZE'], $max_filesize, $size_lang);
@ -777,8 +777,8 @@ class fileupload
break;
case 2:
$size_lang = ($this->max_filesize >= 1048576) ? $user->lang['MB'] : (($this->max_filesize >= 1024) ? $user->lang['KB'] : $user->lang['BYTES'] );
$max_filesize = ($this->max_filesize >= 1048576) ? round($this->max_filesize / 1048576 * 100) / 100 : (($this->max_filesize >= 1024) ? round($this->max_filesize / 1024 * 100) / 100 : $this->max_filesize);
$size_lang = ($this->max_filesize >= 1048576) ? $user->lang['MIB'] : (($this->max_filesize >= 1024) ? $user->lang['KIB'] : $user->lang['BYTES']);
$max_filesize = get_formatted_filesize($this->max_filesize, false);
$error = sprintf($user->lang[$this->error_prefix . 'WRONG_FILESIZE'], $max_filesize, $size_lang);
break;
@ -813,8 +813,8 @@ class fileupload
// Filesize is too big or it's 0 if it was larger than the maxsize in the upload form
if ($this->max_filesize && ($file->get('filesize') > $this->max_filesize || $file->get('filesize') == 0))
{
$size_lang = ($this->max_filesize >= 1048576) ? $user->lang['MB'] : (($this->max_filesize >= 1024) ? $user->lang['KB'] : $user->lang['BYTES'] );
$max_filesize = ($this->max_filesize >= 1048576) ? round($this->max_filesize / 1048576 * 100) / 100 : (($this->max_filesize >= 1024) ? round($this->max_filesize / 1024 * 100) / 100 : $this->max_filesize);
$size_lang = ($this->max_filesize >= 1048576) ? $user->lang['MIB'] : (($this->max_filesize >= 1024) ? $user->lang['KIB'] : $user->lang['BYTES']);
$max_filesize = get_formatted_filesize($this->max_filesize, false);
$file->error[] = sprintf($user->lang[$this->error_prefix . 'WRONG_FILESIZE'], $max_filesize, $size_lang);
}

104
phpBB/includes/functions_user.php
View file

@ -137,10 +137,17 @@ function user_update_name($old_name, $new_name)
{
set_config('newest_username', $new_name, true);
}
// Because some tables/caches use username-specific data we need to purge this here.
$cache->destroy('sql', MODERATOR_CACHE_TABLE);
}
/**
* Add User
* Adds an user
*
* @param mixed $user_row An array containing the following keys (and the appropriate values): username, group_id (the group to place the user in), user_email and the user_type(usually 0). Additional entries not overridden by defaults will be forwarded.
* @param string $cp_data custom profile fields, see custom_profile::build_insert_sql_array
* @return: the new user's ID.
*/
function user_add($user_row, $cp_data = false)
{
@ -216,7 +223,7 @@ function user_add($user_row, $cp_data = false)
'user_sig' => '',
'user_sig_bbcode_uid' => '',
'user_sig_bbcode_bitfield' => '',
'user_form_salt' => unique_id(),
);
@ -278,7 +285,7 @@ function user_add($user_row, $cp_data = false)
$sql = 'SELECT group_colour
FROM ' . GROUPS_TABLE . '
WHERE group_id = ' . $user_row['group_id'];
WHERE group_id = ' . (int) $user_row['group_id'];
$result = $db->sql_query_limit($sql, 1);
$row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
@ -374,7 +381,7 @@ function user_delete($mode, $user_id, $post_username = false)
{
avatar_delete('user', $user_row);
}
switch ($mode)
{
case 'retain':
@ -982,7 +989,7 @@ function user_ban($mode, $ban, $ban_len, $ban_len_other, $ban_exclude, $ban_reas
'ban_give_reason' => (string) $ban_give_reason,
);
}
$db->sql_multi_insert(BANLIST_TABLE, $sql_ary);
// If we are banning we want to logout anyone matching the ban
@ -1260,6 +1267,45 @@ function validate_num($num, $optional = false, $min = 0, $max = 1E99)
return false;
}
/**
* Validate Date
* @param String $string a date in the dd-mm-yyyy format
* @return boolean
*/
function validate_date($date_string, $optional = false)
{
$date = explode('-', $date_string);
if ((empty($date) || sizeof($date) != 3) && $optional)
{
return false;
}
else if ($optional)
{
for ($field = 0; $field <= 1; $field++)
{
$date[$field] = (int) $date[$field];
if (empty($date[$field]))
{
$date[$field] = 1;
}
}
$date[2] = (int) $date[2];
// assume an arbitrary leap year
if (empty($date[2]))
{
$date[2] = 1980;
}
}
if (sizeof($date) != 3 || !checkdate($date[1], $date[0], $date[2]))
{
return 'INVALID';
}
return false;
}
/**
* Validate Match
*
@ -1433,20 +1479,6 @@ function validate_username($username, $allowed_username = false)
}
}
$sql = 'SELECT word
FROM ' . WORDS_TABLE;
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result))
{
if (preg_match('#(' . str_replace('\*', '.*?', preg_quote($row['word'], '#')) . ')#i', $username))
{
$db->sql_freeresult($result);
return 'USERNAME_DISALLOWED';
}
}
$db->sql_freeresult($result);
return false;
}
@ -1819,7 +1851,7 @@ function avatar_delete($mode, $row, $clean_db = false)
return false;
}
}
if ($clean_db)
{
avatar_remove_db($row[$mode . '_avatar']);
@ -1931,7 +1963,7 @@ function avatar_upload($data, &$error)
{
$file = $upload->remote_upload($data['uploadurl']);
}
$prefix = $config['avatar_salt'] . '_';
$file->clean_filename('avatar', $prefix, $data['user_id']);
@ -1968,7 +2000,7 @@ function get_avatar_filename($avatar_entry)
{
global $config;
if ($avatar_entry[0] === 'g')
{
$avatar_group = true;
@ -2014,7 +2046,7 @@ function avatar_gallery($category, $avatar_select, $items_per_column, $block_var
if ($file[0] != '.' && preg_match('#^[^&"\'<>]+$#i', $file) && is_dir("$path/$file"))
{
$avatar_row_count = $avatar_col_count = 0;
if ($dp2 = @opendir("$path/$file"))
{
while (($sub_file = readdir($dp2)) !== false)
@ -2094,7 +2126,7 @@ function avatar_gallery($category, $avatar_select, $items_per_column, $block_var
function avatar_get_dimensions($avatar, $avatar_type, &$error, $current_x = 0, $current_y = 0)
{
global $config, $phpbb_root_path, $user;
switch ($avatar_type)
{
case AVATAR_REMOTE :
@ -2103,7 +2135,7 @@ function avatar_get_dimensions($avatar, $avatar_type, &$error, $current_x = 0, $
case AVATAR_UPLOAD :
$avatar = $phpbb_root_path . $config['avatar_path'] . '/' . get_avatar_filename($avatar);
break;
case AVATAR_GALLERY :
$avatar = $phpbb_root_path . $config['avatar_gallery_path'] . '/' . $avatar ;
break;
@ -2121,7 +2153,7 @@ function avatar_get_dimensions($avatar, $avatar_type, &$error, $current_x = 0, $
$error[] = $user->lang['AVATAR_NO_SIZE'];
return false;
}
// try to maintain ratio
if (!(empty($current_x) && empty($current_y)))
{
@ -2220,7 +2252,7 @@ function avatar_process_user(&$error, $custom_userdata = false)
else if (!empty($userdata['user_avatar']))
{
// Only update the dimensions
if (empty($data['width']) || empty($data['height']))
{
if ($dims = avatar_get_dimensions($userdata['user_avatar'], $userdata['user_avatar_type'], $error, $data['width'], $data['height']))
@ -2326,13 +2358,13 @@ function group_create(&$group_id, $type, $name, $desc, $group_attributes, $allow
{
$error[] = (!utf8_strlen($name)) ? $user->lang['GROUP_ERR_USERNAME'] : $user->lang['GROUP_ERR_USER_LONG'];
}
$err = group_validate_groupname($group_id, $name);
if (!empty($err))
{
$error[] = $user->lang[$err];
}
if (!in_array($type, array(GROUP_OPEN, GROUP_CLOSED, GROUP_HIDDEN, GROUP_SPECIAL, GROUP_FREE)))
{
$error[] = $user->lang['GROUP_ERR_TYPE'];
@ -2466,7 +2498,7 @@ function group_correct_avatar($group_id, $old_entry)
$old_filename = get_avatar_filename($old_entry);
$new_filename = $config['avatar_salt'] . "_g$group_id.$ext";
$new_entry = 'g' . $group_id . '_' . substr(time(), -5) . ".$ext";
$avatar_path = $phpbb_root_path . $config['avatar_path'];
if (@rename($avatar_path . '/'. $old_filename, $avatar_path . '/' . $new_filename))
{
@ -2484,7 +2516,7 @@ function group_correct_avatar($group_id, $old_entry)
function avatar_remove_db($avatar_name)
{
global $config, $db;
$sql = 'UPDATE ' . USERS_TABLE . "
SET user_avatar = '',
user_avatar_type = 0
@ -2814,7 +2846,7 @@ function remove_default_avatar($group_id, $user_ids)
return false;
}
$db->sql_freeresult($result);
$sql = 'UPDATE ' . USERS_TABLE . "
SET user_avatar = '',
user_avatar_type = 0,
@ -2823,7 +2855,7 @@ function remove_default_avatar($group_id, $user_ids)
WHERE group_id = " . (int) $group_id . "
AND user_avatar = '" . $db->sql_escape($row['group_avatar']) . "'
AND " . $db->sql_in_set('user_id', $user_ids);
$db->sql_query($sql);
}
@ -3025,7 +3057,7 @@ function group_validate_groupname($group_id, $group_name)
$result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if ($row)
{
return 'GROUP_NAME_TAKEN';
@ -3088,7 +3120,7 @@ function group_set_user_default($group_id, $user_id_ary, $group_attributes = fal
}
// Before we update the user attributes, we will make a list of those having now the group avatar assigned
if (in_array('user_avatar', array_keys($sql_ary)))
if (isset($sql_ary['user_avatar']))
{
// Ok, get the original avatar data from users having an uploaded one (we need to remove these from the filesystem)
$sql = 'SELECT user_id, group_id, user_avatar
@ -3114,7 +3146,7 @@ function group_set_user_default($group_id, $user_id_ary, $group_attributes = fal
WHERE ' . $db->sql_in_set('user_id', $user_id_ary);
$db->sql_query($sql);
if (in_array('user_colour', array_keys($sql_ary)))
if (isset($sql_ary['user_colour']))
{
// Update any cached colour information for these users
$sql = 'UPDATE ' . FORUMS_TABLE . " SET forum_last_poster_colour = '" . $db->sql_escape($sql_ary['user_colour']) . "'

21
phpBB/includes/mcp/mcp_forum.php
View file

@ -146,8 +146,8 @@ function mcp_forum_view($id, $mode, $action, $forum_info)
$read_tracking_join = $read_tracking_select = '';
}
$sql = "SELECT t.*$read_tracking_select
FROM " . TOPICS_TABLE . " t $read_tracking_join
$sql = "SELECT t.topic_id
FROM " . TOPICS_TABLE . " t
WHERE t.forum_id IN($forum_id, 0)
" . (($auth->acl_get('m_approve', $forum_id)) ? '' : 'AND t.topic_approved = 1') . "
$limit_time_sql
@ -155,10 +155,21 @@ function mcp_forum_view($id, $mode, $action, $forum_info)
$result = $db->sql_query_limit($sql, $topics_per_page, $start);
$topic_list = $topic_tracking_info = array();
while ($row = $db->sql_fetchrow($result))
{
$topic_list[] = $row['topic_id'];
}
$db->sql_freeresult($result);
$sql = "SELECT t.*$read_tracking_select
FROM " . TOPICS_TABLE . " t $read_tracking_join
WHERE " . $db->sql_in_set('t.topic_id', $topic_list);
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result))
{
$topic_rows[$row['topic_id']] = $row;
$topic_list[] = $row['topic_id'];
}
$db->sql_freeresult($result);
@ -181,10 +192,12 @@ function mcp_forum_view($id, $mode, $action, $forum_info)
}
}
foreach ($topic_rows as $topic_id => $row)
foreach ($topic_list as $topic_id)
{
$topic_title = '';
$row = &$topic_rows[$topic_id];
$replies = ($auth->acl_get('m_approve', $forum_id)) ? $row['topic_replies_real'] : $row['topic_replies'];
if ($row['topic_status'] == ITEM_MOVED)

2
phpBB/includes/mcp/mcp_reports.php
View file

@ -186,7 +186,7 @@ class mcp_reports
$template->assign_vars(array(
'S_MCP_REPORT' => true,
'S_CLOSE_ACTION' => $this->u_action . '&amp;p=' . $post_id . '&amp;f=' . $forum_id,
'S_CLOSE_ACTION' => append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=reports&amp;mode=report_details&amp;f=' . $post_info['forum_id'] . '&amp;p=' . $post_id),
'S_CAN_VIEWIP' => $auth->acl_get('m_info', $post_info['forum_id']),
'S_POST_REPORTED' => $post_info['post_reported'],
'S_POST_UNAPPROVED' => !$post_info['post_approved'],

51
phpBB/includes/message_parser.php
View file

@ -198,7 +198,7 @@ class bbcode_firstpass extends bbcode
if (!$this->check_bbcode('size', $in))
{
return '';
return $in;
}
if ($config['max_' . $this->mode . '_font_size'] && $config['max_' . $this->mode . '_font_size'] < $stx)
@ -224,7 +224,7 @@ class bbcode_firstpass extends bbcode
{
if (!$this->check_bbcode('color', $in))
{
return '';
return $in;
}
return '[color=' . $stx . ':' . $this->bbcode_uid . ']' . $in . '[/color:' . $this->bbcode_uid . ']';
@ -237,7 +237,7 @@ class bbcode_firstpass extends bbcode
{
if (!$this->check_bbcode('u', $in))
{
return '';
return $in;
}
return '[u:' . $this->bbcode_uid . ']' . $in . '[/u:' . $this->bbcode_uid . ']';
@ -250,7 +250,7 @@ class bbcode_firstpass extends bbcode
{
if (!$this->check_bbcode('b', $in))
{
return '';
return $in;
}
return '[b:' . $this->bbcode_uid . ']' . $in . '[/b:' . $this->bbcode_uid . ']';
@ -263,7 +263,7 @@ class bbcode_firstpass extends bbcode
{
if (!$this->check_bbcode('i', $in))
{
return '';
return $in;
}
return '[i:' . $this->bbcode_uid . ']' . $in . '[/i:' . $this->bbcode_uid . ']';
@ -278,7 +278,7 @@ class bbcode_firstpass extends bbcode
if (!$this->check_bbcode('img', $in))
{
return '';
return $in;
}
$in = trim($in);
@ -340,7 +340,7 @@ class bbcode_firstpass extends bbcode
if (!$this->check_bbcode('flash', $in))
{
return '';
return $in;
}
$in = trim($in);
@ -377,7 +377,7 @@ class bbcode_firstpass extends bbcode
{
if (!$this->check_bbcode('attachment', $in))
{
return '';
return $in;
}
return '[attachment=' . $stx . ':' . $this->bbcode_uid . ']<!-- ia' . $stx . ' -->' . trim($in) . '<!-- ia' . $stx . ' -->[/attachment:' . $this->bbcode_uid . ']';
@ -457,7 +457,7 @@ class bbcode_firstpass extends bbcode
{
if (!$this->check_bbcode('code', $in))
{
return '';
return $in;
}
// We remove the hardcoded elements from the code block here because it is not used in code blocks
@ -550,7 +550,7 @@ class bbcode_firstpass extends bbcode
{
if (!$this->check_bbcode('list', $in))
{
return '';
return $in;
}
// $tok holds characters to stop at. Since the string starts with a '[' we'll get everything up to the first ']' which should be the opening [list] tag
@ -684,7 +684,8 @@ class bbcode_firstpass extends bbcode
* #14667 - [quote]test[/quote] test ] and [ test [quote]test[/quote] (correct: parsed)
* #14770 - [quote="["]test[/quote] (correct: parsed)
* [quote="[i]test[/i]"]test[/quote] (correct: parsed)
* [quote="[quote]test[/quote]"]test[/quote] (correct: NOT parsed)
* [quote="[quote]test[/quote]"]test[/quote] (correct: parsed - Username displayed as [quote]test[/quote])
* #20735 - [quote]test[/[/b]quote] test [/quote][/quote] test - (correct: quoted: "test[/[/b]quote] test" / non-quoted: "[/quote] test" - also failed if layout distorted)
*/
$in = str_replace("\r\n", "\n", str_replace('\"', '"', trim($in)));
@ -737,7 +738,7 @@ class bbcode_firstpass extends bbcode
$out .= ' ';
}*/
}
else if (preg_match('#^quote(?:=&quot;(.*?)&quot;)?$#is', $buffer, $m))
else if (preg_match('#^quote(?:=&quot;(.*?)&quot;)?$#is', $buffer, $m) && substr($out, -1, 1) == '[')
{
$this->parsed_items['quote']++;
@ -913,9 +914,14 @@ class bbcode_firstpass extends bbcode
$url = ($var1) ? $var1 : $var2;
if (!$url || ($var1 && !$var2))
if ($var1 && !$var2)
{
return '';
$var2 = $var1;
}
if (!$url)
{
return '[url' . (($var1) ? '=' . $var1 : '') . ']' . $var2 . '[/url]';
}
$valid = false;
@ -978,7 +984,7 @@ class bbcode_firstpass extends bbcode
// Is the user trying to link to a php file in this domain and script path?
if (strpos($url, ".{$phpEx}") !== false && strpos($url, $check_path) !== false)
{
$server_name = (!empty($_SERVER['SERVER_NAME'])) ? $_SERVER['SERVER_NAME'] : getenv('SERVER_NAME');
$server_name = $user->host;
// Forcing server vars is the only way to specify/override the protocol
if ($config['force_server_vars'] || !$server_name)
@ -1079,19 +1085,19 @@ class parse_message extends bbcode_firstpass
if ($config['max_' . $mode . '_chars'] > 0)
{
$msg_len = ($mode == 'post') ? utf8_strlen($this->message) : utf8_strlen(preg_replace('#\[\/?[a-z\*\+\-]+(=[\S]+)?\]#ius', ' ', $this->message));
if ((!$msg_len && $mode !== 'sig') || $config['max_' . $mode . '_chars'] && $msg_len > $config['max_' . $mode . '_chars'])
{
$this->warn_msg[] = (!$msg_len) ? $user->lang['TOO_FEW_CHARS'] : sprintf($user->lang['TOO_MANY_CHARS_' . strtoupper($mode)], $msg_len, $config['max_' . $mode . '_chars']);
return $this->warn_msg;
return (!$update_this_message) ? $return_message : $this->warn_msg;
}
}
// Check for "empty" message
if ($mode !== 'sig' && !utf8_clean_string($this->message))
if ($mode !== 'sig' && utf8_clean_string($this->message) === '')
{
$this->warn_msg[] = $user->lang['TOO_FEW_CHARS'];
return $this->warn_msg;
return (!$update_this_message) ? $return_message : $this->warn_msg;
}
// Prepare BBcode (just prepares some tags for better parsing)
@ -1140,7 +1146,7 @@ class parse_message extends bbcode_firstpass
if ($config['max_' . $mode . '_urls'] && $num_urls > $config['max_' . $mode . '_urls'])
{
$this->warn_msg[] = sprintf($user->lang['TOO_MANY_URLS'], $config['max_' . $mode . '_urls']);
return $this->warn_msg;
return (!$update_this_message) ? $return_message : $this->warn_msg;
}
if (!$update_this_message)
@ -1249,7 +1255,7 @@ class parse_message extends bbcode_firstpass
$match = $replace = array();
// NOTE: obtain_* function? chaching the table contents?
// For now setting the ttl to 10 minutes
switch ($db->sql_layer)
{
@ -1259,7 +1265,7 @@ class parse_message extends bbcode_firstpass
FROM ' . SMILIES_TABLE . '
ORDER BY LEN(code) DESC';
break;
case 'firebird':
$sql = 'SELECT *
FROM ' . SMILIES_TABLE . '
@ -1597,7 +1603,6 @@ class parse_message extends bbcode_firstpass
$this->message = $poll['poll_option_text'];
$bbcode_bitfield = $this->bbcode_bitfield;
$poll['poll_option_text'] = $this->parse($poll['enable_bbcode'], ($config['allow_post_links']) ? $poll['enable_urls'] : false, $poll['enable_smilies'], $poll['img_status'], false, false, $config['allow_post_links'], false);
$bbcode_bitfield = base64_encode(base64_decode($bbcode_bitfield) | base64_decode($this->bbcode_bitfield));

59
phpBB/includes/session.php
View file

@ -129,7 +129,8 @@ class session
'script_path' => str_replace(' ', '%20', htmlspecialchars($script_path)),
'root_script_path' => str_replace(' ', '%20', htmlspecialchars($root_script_path)),
'page' => $page
'page' => $page,
'forum' => (isset($_REQUEST['f']) && $_REQUEST['f'] > 0) ? (int) $_REQUEST['f'] : 0,
);
return $page_array;
@ -158,7 +159,7 @@ class session
$this->update_session_page = $update_session_page;
$this->browser = (!empty($_SERVER['HTTP_USER_AGENT'])) ? htmlspecialchars((string) $_SERVER['HTTP_USER_AGENT']) : '';
$this->forwarded_for = (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) ? (string) $_SERVER['HTTP_X_FORWARDED_FOR'] : '';
$this->host = (!empty($_SERVER['HTTP_HOST'])) ? (string) $_SERVER['HTTP_HOST'] : 'localhost';
$this->host = (!empty($_SERVER['HTTP_HOST'])) ? (string) strtolower($_SERVER['HTTP_HOST']) : ((!empty($_SERVER['SERVER_NAME'])) ? $_SERVER['SERVER_NAME'] : getenv('SERVER_NAME'));
$this->page = $this->extract_current_page($phpbb_root_path);
// if the forwarded for header shall be checked we have to validate its contents
@ -179,9 +180,10 @@ class session
}
}
}
// Add forum to the page for tracking online users - also adding a "x" to the end to properly identify the number
$this->page['page'] .= (isset($_REQUEST['f'])) ? ((strpos($this->page['page'], '?') !== false) ? '&' : '?') . '_f_=' . (int) $_REQUEST['f'] . 'x' : '';
else
{
$this->forwarded_for = '';
}
if (isset($_COOKIE[$config['cookie_name'] . '_sid']) || isset($_COOKIE[$config['cookie_name'] . '_u']))
{
@ -256,8 +258,8 @@ class session
$u_ip = implode('.', array_slice(explode('.', $this->ip), 0, $config['ip_check']));
}
$s_browser = ($config['browser_check']) ? strtolower(substr($this->data['session_browser'], 0, 149)) : '';
$u_browser = ($config['browser_check']) ? strtolower(substr($this->browser, 0, 149)) : '';
$s_browser = ($config['browser_check']) ? trim(strtolower(substr($this->data['session_browser'], 0, 149))) : '';
$u_browser = ($config['browser_check']) ? trim(strtolower(substr($this->browser, 0, 149))) : '';
$s_forwarded_for = ($config['forwarded_for_check']) ? substr($this->data['session_forwarded_for'], 0, 254) : '';
$u_forwarded_for = ($config['forwarded_for_check']) ? substr($this->forwarded_for, 0, 254) : '';
@ -306,6 +308,7 @@ class session
if ($this->update_session_page)
{
$sql_ary['session_page'] = substr($this->page['page'], 0, 199);
$sql_ary['session_forum_id'] = $this->page['forum'];
}
$sql = 'UPDATE ' . SESSIONS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $sql_ary) . "
@ -526,8 +529,8 @@ class session
$u_ip = implode('.', array_slice(explode('.', $this->ip), 0, $config['ip_check']));
}
$s_browser = ($config['browser_check']) ? strtolower(substr($this->data['session_browser'], 0, 149)) : '';
$u_browser = ($config['browser_check']) ? strtolower(substr($this->browser, 0, 149)) : '';
$s_browser = ($config['browser_check']) ? trim(strtolower(substr($this->data['session_browser'], 0, 149))) : '';
$u_browser = ($config['browser_check']) ? trim(strtolower(substr($this->browser, 0, 149))) : '';
$s_forwarded_for = ($config['forwarded_for_check']) ? substr($this->data['session_forwarded_for'], 0, 254) : '';
$u_forwarded_for = ($config['forwarded_for_check']) ? substr($this->forwarded_for, 0, 254) : '';
@ -546,6 +549,7 @@ class session
if ($this->update_session_page)
{
$sql_ary['session_page'] = substr($this->page['page'], 0, 199);
$sql_ary['session_forum_id'] = $this->page['forum'];
}
$sql = 'UPDATE ' . SESSIONS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $sql_ary) . "
@ -579,7 +583,7 @@ class session
'session_start' => (int) $this->time_now,
'session_last_visit' => (int) $this->data['session_last_visit'],
'session_time' => (int) $this->time_now,
'session_browser' => (string) substr($this->browser, 0, 149),
'session_browser' => (string) trim(substr($this->browser, 0, 149)),
'session_forwarded_for' => (string) $this->forwarded_for,
'session_ip' => (string) $this->ip,
'session_autologin' => ($session_autologin) ? 1 : 0,
@ -590,6 +594,7 @@ class session
if ($this->update_session_page)
{
$sql_ary['session_page'] = (string) substr($this->page['page'], 0, 199);
$sql_ary['session_forum_id'] = $this->page['forum'];
}
$db->sql_return_on_error(true);
@ -604,6 +609,8 @@ class session
// Limit new sessions in 1 minute period (if required)
if (empty($this->data['session_time']) && $config['active_sessions'])
{
// $db->sql_return_on_error(false);
$sql = 'SELECT COUNT(session_id) AS sessions
FROM ' . SESSIONS_TABLE . '
WHERE session_time >= ' . ($this->time_now - 60);
@ -619,10 +626,15 @@ class session
}
}
// Since we re-create the session id here, the inserted row must be unique. Therefore, we display potential errors.
// Commented out because it will not allow forums to update correctly
// $db->sql_return_on_error(false);
$this->session_id = $this->data['session_id'] = md5(unique_id());
$sql_ary['session_id'] = (string) $this->session_id;
$sql_ary['session_page'] = (string) substr($this->page['page'], 0, 199);
$sql_ary['session_forum_id'] = $this->page['forum'];
$sql = 'INSERT INTO ' . SESSIONS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary);
$db->sql_query($sql);
@ -649,11 +661,11 @@ class session
$this->set_cookie('sid', $this->session_id, $cookie_expire);
unset($cookie_expire);
$sql = 'SELECT COUNT(session_id) AS sessions
FROM ' . SESSIONS_TABLE . '
WHERE session_user_id = ' . (int) $this->data['user_id'] . '
AND session_time >= ' . ($this->time_now - $config['form_token_lifetime']);
AND session_time >= ' . (int) ($this->time_now - (max($config['session_length'], $config['form_token_lifetime'])));
$result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
@ -777,7 +789,7 @@ class session
global $db, $config;
$batch_size = 10;
if (!$this->time_now)
{
$this->time_now = time();
@ -825,7 +837,7 @@ class session
// Less than 10 users, update gc timer ... else we want gc
// called again to delete other sessions
set_config('session_last_gc', $this->time_now, true);
if ($config['max_autologin_time'])
{
$sql = 'DELETE FROM ' . SESSIONS_KEYS_TABLE . '
@ -834,14 +846,14 @@ class session
}
$this->confirm_gc();
}
return;
}
function confirm_gc($type = 0)
{
global $db, $config;
$sql = 'SELECT DISTINCT c.session_id
FROM ' . CONFIRM_TABLE . ' c
LEFT JOIN ' . SESSIONS_TABLE . ' s ON (c.session_id = s.session_id)
@ -867,12 +879,16 @@ class session
}
$db->sql_freeresult($result);
}
/**
* Sets a cookie
*
* Sets a cookie of the given name with the specified data for the given length of time.
* Sets a cookie of the given name with the specified data for the given length of time. If no time is specified, a session cookie will be set.
*
* @param string $name Name of the cookie, will be automatically prefixed with the phpBB cookie name. track becomes [cookie_name]_track then.
* @param string $cookiedata The data to hold within the cookie
* @param int $cookietime The expiration time as UNIX timestamp. If 0 is provided, a session cookie is set.
*/
function set_cookie($name, $cookiedata, $cookietime)
{
@ -882,7 +898,7 @@ class session
$expire = gmdate('D, d-M-Y H:i:s \\G\\M\\T', $cookietime);
$domain = (!$config['cookie_domain'] || $config['cookie_domain'] == 'localhost' || $config['cookie_domain'] == '127.0.0.1') ? '' : '; domain=' . $config['cookie_domain'];
header('Set-Cookie: ' . $name_data . '; expires=' . $expire . '; path=' . $config['cookie_path'] . $domain . ((!$config['cookie_secure']) ? '' : '; secure') . '; HttpOnly', false);
header('Set-Cookie: ' . $name_data . (($cookietime) ? '; expires=' . $expire : '') . '; path=' . $config['cookie_path'] . $domain . ((!$config['cookie_secure']) ? '' : '; secure') . '; HttpOnly', false);
}
/**
@ -1477,6 +1493,7 @@ class user extends session
$sql = 'SELECT image_name, image_filename, image_lang, image_height, image_width
FROM ' . STYLES_IMAGESET_DATA_TABLE . '
WHERE imageset_id = ' . $this->theme['imageset_id'] . "
AND image_filename <> ''
AND image_lang IN ('" . $db->sql_escape($this->img_lang) . "', '')";
$result = $db->sql_query($sql, 3600);

2
phpBB/includes/ucp/ucp_attachments.php
View file

@ -150,7 +150,7 @@ class ucp_attachments
'FILENAME' => $row['real_filename'],
'COMMENT' => bbcode_nl2br($row['attach_comment']),
'EXTENSION' => $row['extension'],
'SIZE' => ($row['filesize'] >= 1048576) ? ($row['filesize'] >> 20) . ' ' . $user->lang['MB'] : (($row['filesize'] >= 1024) ? ($row['filesize'] >> 10) . ' ' . $user->lang['KB'] : $row['filesize'] . ' ' . $user->lang['BYTES']),
'SIZE' => get_formatted_filesize($row['filesize']),
'DOWNLOAD_COUNT' => $row['download_count'],
'POST_TIME' => $user->format_date($row['filetime']),
'TOPIC_TITLE' => ($row['in_message']) ? $row['message_title'] : $row['topic_title'],

20
phpBB/includes/ucp/ucp_groups.php
View file

@ -127,6 +127,18 @@ class ucp_groups
}
list(, $row) = each($row);
$sql = 'SELECT group_type
FROM ' . GROUPS_TABLE . '
WHERE group_id = ' . $group_id;
$result = $db->sql_query($sql);
$group_type = (int) $db->sql_fetchfield('group_type');
$db->sql_freeresult($result);
if ($group_type != GROUP_OPEN && $group_type != GROUP_FREE)
{
trigger_error($user->lang['CANNOT_RESIGN_GROUP'] . $return_page);
}
if (confirm_box(true))
{
group_user_del($group_id, $user->data['user_id']);
@ -697,8 +709,8 @@ class ucp_groups
'U_SWATCH' => append_sid("{$phpbb_root_path}adm/swatch.$phpEx", 'form=ucp&amp;name=group_colour'),
'S_UCP_ACTION' => $this->u_action . "&amp;action=$action&amp;g=$group_id",
'L_AVATAR_EXPLAIN' => sprintf($user->lang['AVATAR_EXPLAIN'], $config['avatar_max_width'], $config['avatar_max_height'], round($config['avatar_filesize'] / 1024)))
);
'L_AVATAR_EXPLAIN' => sprintf($user->lang['AVATAR_EXPLAIN'], $config['avatar_max_width'], $config['avatar_max_height'], $config['avatar_filesize'] / 1024),
));
break;
@ -1002,6 +1014,8 @@ class ucp_groups
{
trigger_error($user->lang[$error] . $return_page);
}
trigger_error($user->lang['GROUP_USERS_ADDED'] . '<br /><br />' . sprintf($user->lang['RETURN_PAGE'], '<a href="' . $this->u_action . '&amp;action=list&amp;g=' . $group_id . '">', '</a>'));
}
else
{
@ -1016,7 +1030,7 @@ class ucp_groups
confirm_box(false, sprintf($user->lang['GROUP_CONFIRM_ADD_USER' . ((sizeof($name_ary) == 1) ? '' : 'S')], implode(', ', $name_ary)), build_hidden_fields($s_hidden_fields));
}
trigger_error($user->lang['GROUP_USERS_ADDED'] . '<br /><br />' . sprintf($user->lang['RETURN_PAGE'], '<a href="' . $this->u_action . '&amp;action=list&amp;g=' . $group_id . '">', '</a>'));
trigger_error($user->lang['NO_USERS_ADDED'] . '<br /><br />' . sprintf($user->lang['RETURN_PAGE'], '<a href="' . $this->u_action . '&amp;action=list&amp;g=' . $group_id . '">', '</a>'));
break;

2
phpBB/includes/ucp/ucp_pm.php
View file

@ -92,7 +92,7 @@ class ucp_pm
{
if ($user->data['user_new_privmsg'])
{
$l_new_message = ($user->data['user_new_privmsg'] == 1 ) ? $user->lang['YOU_NEW_PM'] : $user->lang['YOU_NEW_PMS'];
$l_new_message = ($user->data['user_new_privmsg'] == 1) ? $user->lang['YOU_NEW_PM'] : $user->lang['YOU_NEW_PMS'];
}
else
{

41
phpBB/includes/ucp/ucp_pm_compose.php
View file

@ -465,7 +465,8 @@ function compose_pm($id, $mode, $action)
'forum_id' => 0,
'save_time' => $current_time,
'draft_subject' => $subject,
'draft_message' => $message)
'draft_message' => $message
)
);
$db->sql_query($sql);
@ -488,18 +489,20 @@ function compose_pm($id, $mode, $action)
'g' => $to_group_id,
'p' => $msg_id)
);
$s_hidden_fields .= build_address_field($address_list);
confirm_box(false, 'SAVE_DRAFT', $s_hidden_fields);
}
}
else
{
if (!$subject || !utf8_clean_string($subject))
if (utf8_clean_string($subject) === '')
{
$error[] = $user->lang['EMPTY_MESSAGE_SUBJECT'];
}
if (!$message)
if (utf8_clean_string($message) === '')
{
$error[] = $user->lang['TOO_FEW_CHARS'];
}
@ -541,7 +544,7 @@ function compose_pm($id, $mode, $action)
if ($submit || $preview || $refresh)
{
if (!check_form_key('ucp_pm_compose'))
if (($submit || $preview) && !check_form_key('ucp_pm_compose'))
{
$error[] = $user->lang['FORM_INVALID'];
}
@ -600,7 +603,7 @@ function compose_pm($id, $mode, $action)
// Subject defined
if ($submit)
{
if (!$subject || !utf8_clean_string($subject))
if (utf8_clean_string($subject) === '')
{
$error[] = $user->lang['EMPTY_MESSAGE_SUBJECT'];
}
@ -888,15 +891,9 @@ function compose_pm($id, $mode, $action)
}
// Build hidden address list
$s_hidden_address_field = '';
foreach ($address_list as $type => $adr_ary)
{
foreach ($adr_ary as $id => $field)
{
$s_hidden_address_field .= '<input type="hidden" name="address_list[' . (($type == 'u') ? 'u' : 'g') . '][' . (int) $id . ']" value="' . (($field == 'to') ? 'to' : 'bcc') . '" />';
}
}
$s_hidden_address_field = build_address_field($address_list);
$bbcode_checked = (isset($enable_bbcode)) ? !$enable_bbcode : (($config['allow_bbcode'] && $auth->acl_get('u_pm_bbcode')) ? !$user->optionget('bbcode') : 1);
$smilies_checked = (isset($enable_smilies)) ? !$enable_smilies : (($config['allow_smilies'] && $auth->acl_get('u_pm_smilies')) ? !$user->optionget('smilies') : 1);
$urls_checked = (isset($enable_urls)) ? !$enable_urls : 0;
@ -1117,6 +1114,22 @@ function handle_message_list_actions(&$address_list, &$error, $remove_u, $remove
}
}
/**
* Build the hidden field for the recipients. Needed, as the variable is not read via request_var.
*/
function build_address_field($address_list)
{
$s_hidden_address_field = '';
foreach ($address_list as $type => $adr_ary)
{
foreach ($adr_ary as $id => $field)
{
$s_hidden_address_field .= '<input type="hidden" name="address_list[' . (($type == 'u') ? 'u' : 'g') . '][' . (int) $id . ']" value="' . (($field == 'to') ? 'to' : 'bcc') . '" />';
}
}
return $s_hidden_address_field;
}
/**
* Return number of private message recipients
*/

2
phpBB/includes/ucp/ucp_prefs.php
View file

@ -114,7 +114,7 @@ class ucp_prefs
$s_custom = false;
$dateformat_options .= '<option value="custom"';
if (!in_array($data['dateformat'], array_keys($user->lang['dateformats'])))
if (!isset($user->lang['dateformats'][$data['dateformat']]))
{
$dateformat_options .= ' selected="selected"';
$s_custom = true;

8
phpBB/includes/ucp/ucp_profile.php
View file

@ -295,6 +295,7 @@ class ucp_profile
$data['bday_day'] = request_var('bday_day', $data['bday_day']);
$data['bday_month'] = request_var('bday_month', $data['bday_month']);
$data['bday_year'] = request_var('bday_year', $data['bday_year']);
$data['user_birthday'] = sprintf('%2d-%2d-%4d', $data['bday_day'], $data['bday_month'], $data['bday_year']);
}
add_form_key('ucp_profile_info');
@ -325,6 +326,7 @@ class ucp_profile
'bday_day' => array('num', true, 1, 31),
'bday_month' => array('num', true, 1, 12),
'bday_year' => array('num', true, 1901, gmdate('Y', time()) + 50),
'user_birthday' => array('date', true),
));
}
@ -359,7 +361,7 @@ class ucp_profile
if ($config['allow_birthdays'])
{
$sql_ary['user_birthday'] = sprintf('%2d-%2d-%4d', $data['bday_day'], $data['bday_month'], $data['bday_year']);
$sql_ary['user_birthday'] = $data['user_birthday'];
}
$sql = 'UPDATE ' . USERS_TABLE . '
@ -592,8 +594,8 @@ class ucp_profile
'S_FORM_ENCTYPE' => ($can_upload) ? ' enctype="multipart/form-data"' : '',
'L_AVATAR_EXPLAIN' => sprintf($user->lang['AVATAR_EXPLAIN'], $config['avatar_max_width'], $config['avatar_max_height'], round($config['avatar_filesize'] / 1024)),)
);
'L_AVATAR_EXPLAIN' => sprintf($user->lang['AVATAR_EXPLAIN'], $config['avatar_max_width'], $config['avatar_max_height'], $config['avatar_filesize'] / 1024),
));
if ($display_gallery && $auth->acl_get('u_chgavatar') && $config['allow_avatar_local'])
{

50
phpBB/includes/ucp/ucp_register.php
View file

@ -43,14 +43,6 @@ class ucp_register
$submit = (isset($_POST['submit'])) ? true : false;
$change_lang = request_var('change_lang', '');
$user_lang = request_var('lang', $user->lang_name);
// not so fast, buddy
if (($submit && !check_form_key('ucp_register', false, '', false, $config['min_time_reg']))
|| (!$submit && !check_form_key('ucp_register_terms', false, '', false, $config['min_time_terms'])))
{
$agreed = false;
}
if ($agreed)
{
@ -92,7 +84,7 @@ class ucp_register
$error = $cp_data = $cp_error = array();
//
if (!$agreed || ($coppa === false && $config['coppa_enable']) || ($coppa && !$config['coppa_enable']))
{
$add_lang = ($change_lang) ? '&amp;change_lang=' . urlencode($change_lang) : '';
@ -103,12 +95,13 @@ class ucp_register
// If we change the language, we want to pass on some more possible parameter.
if ($change_lang)
{
// We do not include the password!
// We do not include the password
$s_hidden_fields = array_merge($s_hidden_fields, array(
'username' => utf8_normalize_nfc(request_var('username', '', true)),
'email' => strtolower(request_var('email', '')),
'email_confirm' => strtolower(request_var('email_confirm', '')),
'confirm_code' => request_var('confirm_code', ''),
'confirm_id' => request_var('confirm_id', ''),
'lang' => $user->lang_name,
'tz' => request_var('tz', (float) $config['board_timezone']),
));
@ -141,7 +134,6 @@ class ucp_register
'S_REGISTRATION' => true,
'S_HIDDEN_FIELDS' => build_hidden_fields($s_hidden_fields),
'S_UCP_ACTION' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=register' . $add_lang . $add_coppa),
'S_TIME' => 1000 * ((int) $config['min_time_terms']),
)
);
}
@ -200,7 +192,10 @@ class ucp_register
'tz' => array('num', false, -14, 14),
'lang' => array('match', false, '#^[a-z_\-]{2,}$#i'),
));
if (!check_form_key('ucp_register'))
{
$error[] = $user->lang['FORM_INVALID'];
}
// Replace "error" strings with their real, localised form
$error = preg_replace('#^([A-Z_]+)$#e', "(!empty(\$user->lang['\\1'])) ? \$user->lang['\\1'] : '\\1'", $error);
@ -451,13 +446,32 @@ class ucp_register
$confirm_image = '';
// Visual Confirmation - Show images
if ($config['enable_confirm'])
{
$str = '';
if (!$change_lang)
if ($change_lang)
{
$str = '&amp;change_lang=' . $change_lang;
$sql = 'SELECT code
FROM ' . CONFIRM_TABLE . "
WHERE confirm_id = '" . $db->sql_escape($confirm_id) . "'
AND session_id = '" . $db->sql_escape($user->session_id) . "'
AND confirm_type = " . CONFIRM_REG;
$result = $db->sql_query($sql);
if (!$row = $db->sql_fetchrow($result))
{
$confirm_id = '';
}
$db->sql_freeresult($result);
}
else
{
$str = '';
}
if (!$change_lang || !$confirm_id)
{
$user->confirm_gc(CONFIRM_REG);
$sql = 'SELECT COUNT(session_id) AS attempts
FROM ' . CONFIRM_TABLE . "
WHERE session_id = '" . $db->sql_escape($user->session_id) . "'
@ -487,11 +501,6 @@ class ucp_register
);
$db->sql_query($sql);
}
else
{
$str .= '&amp;change_lang=' . $change_lang;
}
$confirm_image = '<img src="' . append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=confirm&amp;id=' . $confirm_id . '&amp;type=' . CONFIRM_REG . $str) . '" alt="" title="" />';
$s_hidden_fields .= '<input type="hidden" name="confirm_id" value="' . $confirm_id . '" />';
}
@ -529,7 +538,6 @@ class ucp_register
'S_COPPA' => $coppa,
'S_HIDDEN_FIELDS' => $s_hidden_fields,
'S_UCP_ACTION' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=register'),
'S_TIME' => 1000 * ((int) $config['min_time_reg']),
)
);

6
phpBB/install/convertors/convert_phpbb20.php
View file

@ -482,14 +482,16 @@ if (!$get_info)
array('topic_moved_id', 0, ''),
array('topic_type', 'topics.topic_type', 'phpbb_convert_topic_type'),
array('topic_first_post_id', 'topics.topic_first_post_id', ''),
array('topic_last_view_time', 'posts.post_time', ''),
array('poll_title', 'vote_desc.vote_text', array('function1' => 'null_to_str', 'function2' => 'phpbb_set_encoding', 'function3' => 'utf8_htmlspecialchars')),
array('poll_start', 'vote_desc.vote_start', 'null_to_zero'),
array('poll_length', 'vote_desc.vote_length', 'null_to_zero'),
array('poll_max_options', 1, ''),
array('poll_vote_change', 0, ''),
'left_join' => 'topics LEFT JOIN vote_desc ON topics.topic_id = vote_desc.topic_id AND topics.topic_vote = 1',
'left_join' => array ( 'topics LEFT JOIN vote_desc ON topics.topic_id = vote_desc.topic_id AND topics.topic_vote = 1',
'topics LEFT JOIN posts ON topics.topic_last_post_id = posts.post_id',
),
'where' => 'topics.topic_moved_id = 0',
),

2
phpBB/install/convertors/functions_phpbb20.php
View file

@ -455,7 +455,7 @@ function phpbb_get_birthday($birthday = '')
{
$birthday = (int) $birthday;
if (!$birthday || $birthday == 999999 || $birthday < 0)
if (!$birthday || $birthday == 999999 || ((version_compare(PHP_VERSION, '5.1.0') < 0) && $birthday < 0))
{
return ' 0- 0- 0';
}

58
phpBB/install/database_update.php
View file

@ -8,9 +8,9 @@
*
*/
$updates_to_version = '3.0.0';
$updates_to_version = '3.0.1-RC1';
// Return if we "just include it" to find out for which version the database update is responsuble for
// Return if we "just include it" to find out for which version the database update is responsible for
if (defined('IN_PHPBB') && defined('IN_INSTALL'))
{
return;
@ -473,6 +473,29 @@ $database_update_info = array(
),
),
),
// Changes from 3.0.0 to the next version
'3.0.0' => array(
// Add the following columns
'add_columns' => array(
FORUMS_TABLE => array(
'display_subforum_list' => array('BOOL', 1),
),
SESSIONS_TABLE => array(
'session_forum_id' => array('UINT', 0),
),
),
'add_index' => array(
SESSIONS_TABLE => array(
'session_forum_id' => array('session_forum_id'),
),
GROUPS_TABLE => array(
'group_legend_name' => array('group_legend', 'group_name'),
),
),
'drop_keys' => array(
GROUPS_TABLE => array('group_legend'),
),
),
);
// Determine mapping database type
@ -616,6 +639,9 @@ if (version_compare($current_version, '3.0.RC8', '<='))
$modify_users = request_var('modify_users', array(0 => ''));
$new_usernames = request_var('new_usernames', array(0 => ''), true);
// We need this file if someone wants to edit usernames.
include($phpbb_root_path . 'includes/utf/utf_normalizer.' . $phpEx);
if (!class_exists('utf_new_normalizer'))
{
if (!file_exists($phpbb_root_path . 'install/data/new_normalizer.' . $phpEx))
@ -1547,6 +1573,34 @@ if (version_compare($current_version, '3.0.RC5', '<='))
$no_updates = false;
}
if (version_compare($current_version, '3.0.0', '<='))
{
$sql = 'UPDATE ' . TOPICS_TABLE . "
SET topic_last_view_time = topic_last_post_time
WHERE topic_last_view_time = 0";
_sql($sql, $errored, $error_ary);
// Update smiley sizes
$smileys = array('icon_e_surprised.gif', 'icon_eek.gif', 'icon_cool.gif', 'icon_lol.gif', 'icon_mad.gif', 'icon_razz.gif', 'icon_redface.gif', 'icon_cry.gif', 'icon_evil.gif', 'icon_twisted.gif', 'icon_rolleyes.gif', 'icon_exclaim.gif', 'icon_question.gif', 'icon_idea.gif', 'icon_arrow.gif', 'icon_neutral.gif', 'icon_mrgreen.gif', 'icon_e_ugeek.gif');
foreach ($smileys as $smiley)
{
if (file_exists($phpbb_root_path . 'images/smilies/' . $smiley))
{
list($width, $height) = getimagesize($phpbb_root_path . 'images/smilies/' . $smiley);
$sql = 'UPDATE ' . SMILIES_TABLE . '
SET smiley_width = ' . $width . ', smiley_height = ' . $height . "
WHERE smiley_url = '" . $db->sql_escape($smiley) . "'";
_sql($sql, $errored, $error_ary);
}
}
// TODO: remove all form token min times
$no_updates = false;
}
_write_result($no_updates, $errored, $error_ary);
$error_ary = array();

13
phpBB/install/index.php
View file

@ -450,7 +450,7 @@ class module
global $db, $template;
$template->display('body');
// Close our DB connection.
if (!empty($db) && is_object($db))
{
@ -493,7 +493,8 @@ class module
*/
function redirect($page)
{
$server_name = (!empty($_SERVER['SERVER_NAME'])) ? $_SERVER['SERVER_NAME'] : getenv('SERVER_NAME');
// HTTP_HOST is having the correct browser url in most cases...
$server_name = (!empty($_SERVER['HTTP_HOST'])) ? strtolower($_SERVER['HTTP_HOST']) : ((!empty($_SERVER['SERVER_NAME'])) ? $_SERVER['SERVER_NAME'] : getenv('SERVER_NAME'));
$server_port = (!empty($_SERVER['SERVER_PORT'])) ? (int) $_SERVER['SERVER_PORT'] : (int) getenv('SERVER_PORT');
$secure = (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on') ? 1 : 0;
@ -511,7 +512,11 @@ class module
if ($server_port && (($secure && $server_port <> 443) || (!$secure && $server_port <> 80)))
{
$url .= ':' . $server_port;
// HTTP HOST can carry a port number...
if (strpos($server_name, ':') === false)
{
$url .= ':' . $server_port;
}
}
$url .= $script_path . '/' . $page;
@ -535,7 +540,7 @@ class module
$l_cat = (!empty($lang['CAT_' . $cat])) ? $lang['CAT_' . $cat] : preg_replace('#_#', ' ', $cat);
$cat = strtolower($cat);
$url = $this->module_url . "?mode=$cat&amp;language=$language";
if ($this->mode == $cat)
{
$template->assign_block_vars('t_block1', array(

13
phpBB/install/install_convert.php
View file

@ -407,7 +407,7 @@ class install_convert extends module
$error = array();
if ($submit)
{
if (!file_exists('./../' . $forum_path . '/' . $test_file))
if (!@file_exists('./../' . $forum_path . '/' . $test_file))
{
$error[] = sprintf($lang['COULD_NOT_FIND_PATH'], $forum_path);
}
@ -422,8 +422,7 @@ class install_convert extends module
}
else
{
$src_dbpasswd = htmlspecialchars_decode($src_dbpasswd);
$connect_test = connect_check_db(true, $error, $available_dbms[$src_dbms], $src_table_prefix, $src_dbhost, $src_dbuser, $src_dbpasswd, $src_dbname, $src_dbport, true, ($src_dbms == $dbms) ? false : true, false);
$connect_test = connect_check_db(true, $error, $available_dbms[$src_dbms], $src_table_prefix, $src_dbhost, $src_dbuser, htmlspecialchars_decode($src_dbpasswd), $src_dbname, $src_dbport, true, ($src_dbms == $dbms) ? false : true, false);
}
// The forum prefix of the old and the new forum can only be the same if two different databases are used.
@ -443,7 +442,7 @@ class install_convert extends module
{
$sql_db = 'dbal_' . $src_dbms;
$src_db = new $sql_db();
$src_db->sql_connect($src_dbhost, $src_dbuser, $src_dbpasswd, $src_dbname, $src_dbport, false, true);
$src_db->sql_connect($src_dbhost, $src_dbuser, htmlspecialchars_decode($src_dbpasswd), $src_dbname, $src_dbport, false, true);
$same_db = false;
}
else
@ -666,7 +665,7 @@ class install_convert extends module
}
$sql_db = 'dbal_' . $convert->src_dbms;
$src_db = new $sql_db();
$src_db->sql_connect($convert->src_dbhost, $convert->src_dbuser, $convert->src_dbpasswd, $convert->src_dbname, $convert->src_dbport, false, true);
$src_db->sql_connect($convert->src_dbhost, $convert->src_dbuser, htmlspecialchars_decode($convert->src_dbpasswd), $convert->src_dbname, $convert->src_dbport, false, true);
$same_db = false;
}
else
@ -1219,7 +1218,7 @@ class install_convert extends module
$template->assign_block_vars('checks', array(
'TITLE' => "skip_rows = $skip_rows",
'RESULT' => $rows . ((defined('DEBUG_EXTRA') && function_exists('memory_get_usage')) ? ceil(memory_get_usage()/1024) . ' KB' : ''),
'RESULT' => $rows . ((defined('DEBUG_EXTRA') && function_exists('memory_get_usage')) ? ceil(memory_get_usage()/1024) . ' ' . $user->lang['KIB'] : ''),
));
$mtime = explode(' ', microtime());
@ -1490,7 +1489,7 @@ class install_convert extends module
sync('topic', 'range', 'topic_id BETWEEN ' . $sync_batch . ' AND ' . $end, true, true);
$template->assign_block_vars('checks', array(
'TITLE' => sprintf($user->lang['SYNC_TOPIC_ID'], $sync_batch, ($sync_batch + $batch_size)) . ((defined('DEBUG_EXTRA') && function_exists('memory_get_usage')) ? ' [' . ceil(memory_get_usage()/1024) . ' KB]' : ''),
'TITLE' => sprintf($user->lang['SYNC_TOPIC_ID'], $sync_batch, ($sync_batch + $batch_size)) . ((defined('DEBUG_EXTRA') && function_exists('memory_get_usage')) ? ' [' . ceil(memory_get_usage()/1024) . ' ' . $user->lang['KIB'] . ']' : ''),
'RESULT' => $user->lang['DONE'],
));

84
phpBB/install/install_install.php
View file

@ -77,7 +77,7 @@ class install_install extends module
case 'database':
$this->obtain_database_settings($mode, $sub);
break;
case 'administrator':
@ -87,7 +87,7 @@ class install_install extends module
case 'config_file':
$this->create_config_file($mode, $sub);
break;
case 'advanced':
@ -105,7 +105,7 @@ class install_install extends module
$this->add_language($mode, $sub);
$this->add_bots($mode, $sub);
$this->email_admin($mode, $sub);
// Remove the lock file
@unlink($phpbb_root_path . 'cache/install_lock');
@ -151,7 +151,7 @@ class install_install extends module
// We also give feedback on whether we're running in safe mode
$result = '<strong style="color:green">' . $lang['YES'];
if (@ini_get('safe_mode') || strtolower(@ini_get('safe_mode')) == 'on')
if (@ini_get('safe_mode') == '1' || strtolower(@ini_get('safe_mode')) == 'on')
{
$result .= ', ' . $lang['PHP_SAFE_MODE'];
}
@ -184,8 +184,8 @@ class install_install extends module
'S_EXPLAIN' => true,
'S_LEGEND' => false,
));
// Check for url_fopen
if (@ini_get('allow_url_fopen') == '1' || strtolower(@ini_get('allow_url_fopen')) == 'on')
{
@ -204,8 +204,8 @@ class install_install extends module
'S_EXPLAIN' => true,
'S_LEGEND' => false,
));
// Check for getimagesize
if (@function_exists('getimagesize'))
{
@ -551,7 +551,7 @@ class install_install extends module
}
else
{
$connect_test = connect_check_db(true, $error, $available_dbms[$data['dbms']], $data['table_prefix'], $data['dbhost'], $data['dbuser'], $data['dbpasswd'], $data['dbname'], $data['dbport']);
$connect_test = connect_check_db(true, $error, $available_dbms[$data['dbms']], $data['table_prefix'], $data['dbhost'], $data['dbuser'], htmlspecialchars_decode($data['dbpasswd']), $data['dbname'], $data['dbport']);
}
$template->assign_block_vars('checks', array(
@ -802,7 +802,7 @@ class install_install extends module
$s_hidden_fields .= '<input type="hidden" name="' . $config_key . '" value="' . $data[$config_key] . '" />';
}
}
$s_hidden_fields .= ($data['img_imagick']) ? '<input type="hidden" name="img_imagick" value="' . addslashes($data['img_imagick']) . '" />' : '';
$s_hidden_fields .= '<input type="hidden" name="language" value="' . $data['language'] . '" />';
@ -884,21 +884,30 @@ class install_install extends module
// Time to convert the data provided into a config file
$config_data = "<?php\n";
$config_data .= "// phpBB 3.0.x auto-generated configuration file\n// Do not change anything in this file!\n";
$config_data .= "\$dbms = '" . $available_dbms[$data['dbms']]['DRIVER'] . "';\n";
$config_data .= "\$dbhost = '{$data['dbhost']}';\n";
$config_data .= "\$dbport = '{$data['dbport']}';\n";
$config_data .= "\$dbname = '{$data['dbname']}';\n";
$config_data .= "\$dbuser = '{$data['dbuser']}';\n";
$config_data .= "\$dbpasswd = '{$data['dbpasswd']}';\n\n";
$config_data .= "\$table_prefix = '{$data['table_prefix']}';\n";
// $config_data .= "\$acm_type = '" . (($acm_type) ? $acm_type : 'file') . "';\n";
$config_data .= "\$acm_type = 'file';\n";
$config_data .= "\$load_extensions = '$load_extensions';\n\n";
$config_data .= "@define('PHPBB_INSTALLED', true);\n";
$config_data_array = array(
'dbms' => $available_dbms[$data['dbms']]['DRIVER'],
'dbhost' => $data['dbhost'],
'dbport' => $data['dbport'],
'dbname' => $data['dbname'],
'dbuser' => $data['dbuser'],
'dbpasswd' => htmlspecialchars_decode($data['dbpasswd']),
'table_prefix' => $data['table_prefix'],
'acm_type' => 'file',
'load_extensions' => $load_extensions,
);
foreach ($config_data_array as $key => $value)
{
$config_data .= "\${$key} = '" . str_replace("'", "\\'", str_replace('\\', '\\\\', $value)) . "';\n";
}
unset($config_data_array);
$config_data .= "\n@define('PHPBB_INSTALLED', true);\n";
$config_data .= "// @define('DEBUG', true);\n";
$config_data .= "// @define('DEBUG_EXTRA', true);\n";
$config_data .= '?' . '>'; // Done this to prevent highlighting editors getting confused!
// Attempt to write out the config file directly. If it works, this is the easiest way to do it ...
if ((file_exists($phpbb_root_path . 'config.' . $phpEx) && is_writable($phpbb_root_path . 'config.' . $phpEx)) || is_writable($phpbb_root_path))
{
@ -1009,8 +1018,11 @@ class install_install extends module
$s_hidden_fields = ($data['img_imagick']) ? '<input type="hidden" name="img_imagick" value="' . addslashes($data['img_imagick']) . '" />' : '';
$s_hidden_fields .= '<input type="hidden" name="language" value="' . $data['language'] . '" />';
// HTTP_HOST is having the correct browser url in most cases...
$server_name = (!empty($_SERVER['HTTP_HOST'])) ? strtolower($_SERVER['HTTP_HOST']) : ((!empty($_SERVER['SERVER_NAME'])) ? $_SERVER['SERVER_NAME'] : getenv('SERVER_NAME'));
$data['email_enable'] = ($data['email_enable'] !== '') ? $data['email_enable'] : true;
$data['server_name'] = ($data['server_name'] !== '') ? $data['server_name'] : ((!empty($_SERVER['SERVER_NAME'])) ? $_SERVER['SERVER_NAME'] : getenv('SERVER_NAME'));
$data['server_name'] = ($data['server_name'] !== '') ? $data['server_name'] : $server_name;
$data['server_port'] = ($data['server_port'] !== '') ? $data['server_port'] : ((!empty($_SERVER['SERVER_PORT'])) ? (int) $_SERVER['SERVER_PORT'] : (int) getenv('SERVER_PORT'));
$data['server_protocol'] = ($data['server_protocol'] !== '') ? $data['server_protocol'] : ((isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on') ? 'https://' : 'http://');
$data['cookie_secure'] = ($data['cookie_secure'] !== '') ? $data['cookie_secure'] : ((isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on') ? true : false);
@ -1100,7 +1112,9 @@ class install_install extends module
$this->p_master->redirect("index.$phpEx?mode=install");
}
$cookie_domain = ($data['server_name'] != '') ? $data['server_name'] : (!empty($_SERVER['SERVER_NAME'])) ? $_SERVER['SERVER_NAME'] : getenv('SERVER_NAME');
// HTTP_HOST is having the correct browser url in most cases...
$server_name = (!empty($_SERVER['HTTP_HOST'])) ? strtolower($_SERVER['HTTP_HOST']) : ((!empty($_SERVER['SERVER_NAME'])) ? $_SERVER['SERVER_NAME'] : getenv('SERVER_NAME'));
$cookie_domain = ($data['server_name'] != '') ? $data['server_name'] : $server_name;
// Try to come up with the best solution for cookie domain...
if (strpos($cookie_domain, 'www.') === 0)
@ -1124,7 +1138,7 @@ class install_install extends module
// Instantiate the database
$db = new $sql_db();
$db->sql_connect($data['dbhost'], $data['dbuser'], $data['dbpasswd'], $data['dbname'], $data['dbport'], false, false);
$db->sql_connect($data['dbhost'], $data['dbuser'], htmlspecialchars_decode($data['dbpasswd']), $data['dbname'], $data['dbport'], false, false);
// NOTE: trigger_error does not work here.
$db->sql_return_on_error(true);
@ -1305,11 +1319,11 @@ class install_install extends module
'UPDATE ' . $data['table_prefix'] . "config
SET config_value = '" . $db->sql_escape($data['admin_name']) . "'
WHERE config_name = 'newest_username'",
'UPDATE ' . $data['table_prefix'] . "config
SET config_value = '" . md5(mt_rand()) . "'
WHERE config_name = 'avatar_salt'",
'UPDATE ' . $data['table_prefix'] . "users
SET username = '" . $db->sql_escape($data['admin_name']) . "', user_password='" . $db->sql_escape(md5($data['admin_pass1'])) . "', user_ip = '" . $db->sql_escape($user_ip) . "', user_lang = '" . $db->sql_escape($data['default_lang']) . "', user_email='" . $db->sql_escape($data['board_email1']) . "', user_dateformat='" . $db->sql_escape($lang['default_dateformat']) . "', user_email_hash = " . (crc32($data['board_email1']) . strlen($data['board_email1'])) . ", username_clean = '" . $db->sql_escape(utf8_clean_string($data['admin_name'])) . "'
WHERE username = 'Admin'",
@ -1408,7 +1422,7 @@ class install_install extends module
// Instantiate the database
$db = new $sql_db();
$db->sql_connect($data['dbhost'], $data['dbuser'], $data['dbpasswd'], $data['dbname'], $data['dbport'], false, false);
$db->sql_connect($data['dbhost'], $data['dbuser'], htmlspecialchars_decode($data['dbpasswd']), $data['dbname'], $data['dbport'], false, false);
// NOTE: trigger_error does not work here.
$db->sql_return_on_error(true);
@ -1568,7 +1582,7 @@ class install_install extends module
$result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
$_module->move_module_by($row, 'move_up', 4);
// Move permissions intro screen module 4 up...
@ -1580,7 +1594,7 @@ class install_install extends module
$result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
$_module->move_module_by($row, 'move_up', 4);
// Move manage users screen module 5 up...
@ -1592,7 +1606,7 @@ class install_install extends module
$result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
$_module->move_module_by($row, 'move_up', 5);
}
@ -1607,7 +1621,7 @@ class install_install extends module
$result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
$_module->move_module_by($row, 'move_down', 4);
}
@ -1688,7 +1702,7 @@ class install_install extends module
if (is_dir($path) && file_exists($path . '/iso.txt'))
{
$lang_file = file("{$phpbb_root_path}language/$path/iso.txt");
$lang_file = file("$path/iso.txt");
$lang_pack = array(
'lang_iso' => basename($path),
@ -1832,7 +1846,7 @@ class install_install extends module
'user_dateformat' => $lang['default_dateformat'],
'user_allow_massemail' => 0,
);
$user_id = user_add($user_row);
if (!$user_id)
@ -1948,7 +1962,7 @@ class install_install extends module
'dbhost' => request_var('dbhost', ''),
'dbport' => request_var('dbport', ''),
'dbuser' => request_var('dbuser', ''),
'dbpasswd' => htmlspecialchars_decode(request_var('dbpasswd', '', true)),
'dbpasswd' => request_var('dbpasswd', '', true),
'dbname' => request_var('dbname', ''),
'table_prefix' => request_var('table_prefix', ''),
'default_lang' => basename(request_var('default_lang', '')),

6
phpBB/install/install_update.php
View file

@ -53,7 +53,7 @@ class install_update extends module
{
var $p_master;
var $update_info;
var $old_location;
var $new_location;
var $latest_version;
@ -764,7 +764,7 @@ class install_update extends module
{
continue;
}
$methods[] = $type;
}
@ -1490,7 +1490,7 @@ class install_update extends module
return;
}
if (in_array($file, array_keys($this->update_info['custom'])))
if (isset($this->update_info['custom'][$file]))
{
foreach ($this->update_info['custom'][$file] as $_file)
{

5
phpBB/install/schemas/firebird_schema.sql
View file

@ -362,6 +362,7 @@ CREATE TABLE phpbb_forums (
forum_last_poster_name VARCHAR(255) CHARACTER SET UTF8 DEFAULT '' NOT NULL COLLATE UNICODE,
forum_last_poster_colour VARCHAR(6) CHARACTER SET NONE DEFAULT '' NOT NULL,
forum_flags INTEGER DEFAULT 32 NOT NULL,
display_subforum_list INTEGER DEFAULT 1 NOT NULL,
display_on_index INTEGER DEFAULT 1 NOT NULL,
enable_indexing INTEGER DEFAULT 1 NOT NULL,
enable_icons INTEGER DEFAULT 1 NOT NULL,
@ -444,7 +445,7 @@ CREATE TABLE phpbb_groups (
ALTER TABLE phpbb_groups ADD PRIMARY KEY (group_id);;
CREATE INDEX phpbb_groups_group_legend ON phpbb_groups(group_legend);;
CREATE INDEX phpbb_groups_group_legend_name ON phpbb_groups(group_legend, group_name);;
CREATE GENERATOR phpbb_groups_gen;;
SET GENERATOR phpbb_groups_gen TO 0;;
@ -959,6 +960,7 @@ CREATE INDEX phpbb_search_wordmatch_post_id ON phpbb_search_wordmatch(post_id);;
CREATE TABLE phpbb_sessions (
session_id CHAR(32) CHARACTER SET NONE DEFAULT '' NOT NULL,
session_user_id INTEGER DEFAULT 0 NOT NULL,
session_forum_id INTEGER DEFAULT 0 NOT NULL,
session_last_visit INTEGER DEFAULT 0 NOT NULL,
session_start INTEGER DEFAULT 0 NOT NULL,
session_time INTEGER DEFAULT 0 NOT NULL,
@ -975,6 +977,7 @@ ALTER TABLE phpbb_sessions ADD PRIMARY KEY (session_id);;
CREATE INDEX phpbb_sessions_session_time ON phpbb_sessions(session_time);;
CREATE INDEX phpbb_sessions_session_user_id ON phpbb_sessions(session_user_id);;
CREATE INDEX phpbb_sessions_session_forum_id ON phpbb_sessions(session_forum_id);;
# Table: 'phpbb_sessions_keys'
CREATE TABLE phpbb_sessions_keys (

7
phpBB/install/schemas/mssql_schema.sql
View file

@ -438,6 +438,7 @@ CREATE TABLE [phpbb_forums] (
[forum_last_poster_name] [varchar] (255) DEFAULT ('') NOT NULL ,
[forum_last_poster_colour] [varchar] (6) DEFAULT ('') NOT NULL ,
[forum_flags] [int] DEFAULT (32) NOT NULL ,
[display_subforum_list] [int] DEFAULT (1) NOT NULL ,
[display_on_index] [int] DEFAULT (1) NOT NULL ,
[enable_indexing] [int] DEFAULT (1) NOT NULL ,
[enable_icons] [int] DEFAULT (1) NOT NULL ,
@ -555,7 +556,7 @@ ALTER TABLE [phpbb_groups] WITH NOCHECK ADD
) ON [PRIMARY]
GO
CREATE INDEX [group_legend] ON [phpbb_groups]([group_legend]) ON [PRIMARY]
CREATE INDEX [group_legend_name] ON [phpbb_groups]([group_legend], [group_name]) ON [PRIMARY]
GO
@ -1152,6 +1153,7 @@ GO
CREATE TABLE [phpbb_sessions] (
[session_id] [char] (32) DEFAULT ('') NOT NULL ,
[session_user_id] [int] DEFAULT (0) NOT NULL ,
[session_forum_id] [int] DEFAULT (0) NOT NULL ,
[session_last_visit] [int] DEFAULT (0) NOT NULL ,
[session_start] [int] DEFAULT (0) NOT NULL ,
[session_time] [int] DEFAULT (0) NOT NULL ,
@ -1178,6 +1180,9 @@ GO
CREATE INDEX [session_user_id] ON [phpbb_sessions]([session_user_id]) ON [PRIMARY]
GO
CREATE INDEX [session_forum_id] ON [phpbb_sessions]([session_forum_id]) ON [PRIMARY]
GO
/*
Table: 'phpbb_sessions_keys'

7
phpBB/install/schemas/mysql_40_schema.sql
View file

@ -248,6 +248,7 @@ CREATE TABLE phpbb_forums (
forum_last_poster_name blob NOT NULL,
forum_last_poster_colour varbinary(6) DEFAULT '' NOT NULL,
forum_flags tinyint(4) DEFAULT '32' NOT NULL,
display_subforum_list tinyint(1) UNSIGNED DEFAULT '1' NOT NULL,
display_on_index tinyint(1) UNSIGNED DEFAULT '1' NOT NULL,
enable_indexing tinyint(1) UNSIGNED DEFAULT '1' NOT NULL,
enable_icons tinyint(1) UNSIGNED DEFAULT '1' NOT NULL,
@ -313,7 +314,7 @@ CREATE TABLE phpbb_groups (
group_message_limit mediumint(8) UNSIGNED DEFAULT '0' NOT NULL,
group_legend tinyint(1) UNSIGNED DEFAULT '1' NOT NULL,
PRIMARY KEY (group_id),
KEY group_legend (group_legend)
KEY group_legend_name (group_legend, group_name(255))
);
@ -659,6 +660,7 @@ CREATE TABLE phpbb_search_wordmatch (
CREATE TABLE phpbb_sessions (
session_id binary(32) DEFAULT '' NOT NULL,
session_user_id mediumint(8) UNSIGNED DEFAULT '0' NOT NULL,
session_forum_id mediumint(8) UNSIGNED DEFAULT '0' NOT NULL,
session_last_visit int(11) UNSIGNED DEFAULT '0' NOT NULL,
session_start int(11) UNSIGNED DEFAULT '0' NOT NULL,
session_time int(11) UNSIGNED DEFAULT '0' NOT NULL,
@ -671,7 +673,8 @@ CREATE TABLE phpbb_sessions (
session_admin tinyint(1) UNSIGNED DEFAULT '0' NOT NULL,
PRIMARY KEY (session_id),
KEY session_time (session_time),
KEY session_user_id (session_user_id)
KEY session_user_id (session_user_id),
KEY session_forum_id (session_forum_id)
);

7
phpBB/install/schemas/mysql_41_schema.sql
View file

@ -248,6 +248,7 @@ CREATE TABLE phpbb_forums (
forum_last_poster_name varchar(255) DEFAULT '' NOT NULL,
forum_last_poster_colour varchar(6) DEFAULT '' NOT NULL,
forum_flags tinyint(4) DEFAULT '32' NOT NULL,
display_subforum_list tinyint(1) UNSIGNED DEFAULT '1' NOT NULL,
display_on_index tinyint(1) UNSIGNED DEFAULT '1' NOT NULL,
enable_indexing tinyint(1) UNSIGNED DEFAULT '1' NOT NULL,
enable_icons tinyint(1) UNSIGNED DEFAULT '1' NOT NULL,
@ -313,7 +314,7 @@ CREATE TABLE phpbb_groups (
group_message_limit mediumint(8) UNSIGNED DEFAULT '0' NOT NULL,
group_legend tinyint(1) UNSIGNED DEFAULT '1' NOT NULL,
PRIMARY KEY (group_id),
KEY group_legend (group_legend)
KEY group_legend_name (group_legend, group_name)
) CHARACTER SET `utf8` COLLATE `utf8_bin`;
@ -659,6 +660,7 @@ CREATE TABLE phpbb_search_wordmatch (
CREATE TABLE phpbb_sessions (
session_id char(32) DEFAULT '' NOT NULL,
session_user_id mediumint(8) UNSIGNED DEFAULT '0' NOT NULL,
session_forum_id mediumint(8) UNSIGNED DEFAULT '0' NOT NULL,
session_last_visit int(11) UNSIGNED DEFAULT '0' NOT NULL,
session_start int(11) UNSIGNED DEFAULT '0' NOT NULL,
session_time int(11) UNSIGNED DEFAULT '0' NOT NULL,
@ -671,7 +673,8 @@ CREATE TABLE phpbb_sessions (
session_admin tinyint(1) UNSIGNED DEFAULT '0' NOT NULL,
PRIMARY KEY (session_id),
KEY session_time (session_time),
KEY session_user_id (session_user_id)
KEY session_user_id (session_user_id),
KEY session_forum_id (session_forum_id)
) CHARACTER SET `utf8` COLLATE `utf8_bin`;

6
phpBB/install/schemas/oracle_schema.sql
View file

@ -505,6 +505,7 @@ CREATE TABLE phpbb_forums (
forum_last_poster_name varchar2(765) DEFAULT '' ,
forum_last_poster_colour varchar2(6) DEFAULT '' ,
forum_flags number(4) DEFAULT '32' NOT NULL,
display_subforum_list number(1) DEFAULT '1' NOT NULL,
display_on_index number(1) DEFAULT '1' NOT NULL,
enable_indexing number(1) DEFAULT '1' NOT NULL,
enable_icons number(1) DEFAULT '1' NOT NULL,
@ -606,7 +607,7 @@ CREATE TABLE phpbb_groups (
)
/
CREATE INDEX phpbb_groups_group_legend ON phpbb_groups (group_legend)
CREATE INDEX phpbb_groups_group_legend_name ON phpbb_groups (group_legend, group_name)
/
CREATE SEQUENCE phpbb_groups_seq
@ -1280,6 +1281,7 @@ CREATE INDEX phpbb_search_wordmatch_post_id ON phpbb_search_wordmatch (post_id)
CREATE TABLE phpbb_sessions (
session_id char(32) DEFAULT '' ,
session_user_id number(8) DEFAULT '0' NOT NULL,
session_forum_id number(8) DEFAULT '0' NOT NULL,
session_last_visit number(11) DEFAULT '0' NOT NULL,
session_start number(11) DEFAULT '0' NOT NULL,
session_time number(11) DEFAULT '0' NOT NULL,
@ -1298,6 +1300,8 @@ CREATE INDEX phpbb_sessions_session_time ON phpbb_sessions (session_time)
/
CREATE INDEX phpbb_sessions_session_user_id ON phpbb_sessions (session_user_id)
/
CREATE INDEX phpbb_sessions_session_forum_id ON phpbb_sessions (session_forum_id)
/
/*
Table: 'phpbb_sessions_keys'

Some files were not shown because too many files have changed in this diff Show more