Merge pull request #1 from phpbb/3.1.x

Bring version up to date 20150708

.jscsrc

@@ -0,0 +1,78 @@
+
+{
+  "excludeFiles": ["node_modules/**", "**/build/**"],
+  "requireCurlyBraces": [
+    "if", "else", "for", "while", "do", "try", "catch"
+  ],
+  "requireSpaceBeforeKeywords": [
+    "else", "while", "catch"
+  ],
+  "requireSpaceAfterKeywords": [
+    "do", "for", "if", "else", "switch", "case", "try", "catch", "while", "return", "typeof"
+  ],
+  "requireSpaceBeforeBlockStatements": true,
+  "requireParenthesesAroundIIFE": true,
+  "requireSpacesInConditionalExpression": {
+    "afterTest": true,
+    "beforeConsequent": true,
+    "afterConsequent": true,
+    "beforeAlternate": true
+  },
+  "requireSpacesInAnonymousFunctionExpression": {
+    "beforeOpeningCurlyBrace": true
+  },
+  "disallowSpacesInNamedFunctionExpression": {
+    "beforeOpeningRoundBrace": true
+  },
+  "requireSpacesInFunction": {
+    "beforeOpeningCurlyBrace": true
+  },
+  "disallowSpacesInCallExpression": true,
+  "requireBlocksOnNewline": true,
+  "requirePaddingNewlinesBeforeKeywords": ["case"],
+  "disallowEmptyBlocks": true,
+  "disallowSpacesInsideArrayBrackets": "nested",
+  "disallowSpacesInsideParentheses": true,
+  "requireSpacesInsideObjectBrackets": "all",
+  "disallowQuotedKeysInObjects": "allButReserved",
+  "disallowSpaceAfterObjectKeys": true,
+  "requireSpaceBeforeObjectValues": true,
+  "requireCommaBeforeLineBreak": true,
+  "requireOperatorBeforeLineBreak": [
+    "?", "=", "+", "-", "/", "*", "===", "!==", ">", ">=", "<", "<="
+  ],
+  "disallowSpaceAfterPrefixUnaryOperators": ["++", "--", "+", "-", "~", "!"],
+  "disallowSpaceBeforePostfixUnaryOperators": ["++", "--"],
+  "requireSpaceBeforeBinaryOperators": [
+    "=", "+", "+=", "-", "-=", "/", "/=", "*", "*=", "===", "!==", "<", "<=", ">", ">="
+  ],
+  "requireSpaceAfterBinaryOperators": [
+    "=", "+", "+=", "-", "-=", "/", "/=", "*", "*=", "===", "!==", "<", "<=", ">", ">="
+  ],
+  "disallowKeywords": ["with"],
+  "disallowMultipleLineStrings": true,
+  "disallowMixedSpacesAndTabs": "smart",
+  "disallowTrailingWhitespace": true,
+  "disallowTrailingComma": true,
+  "disallowKeywordsOnNewLine": ["else"],
+  "requireLineFeedAtFileEnd": true,
+  "maximumLineLength": {
+    "value": 120,
+    "tabSize": 4,
+    "allowUrlComments": true,
+    "allowRegex": true
+  },
+  "requireCapitalizedConstructors": true,
+  "requireDotNotation": true,
+  "disallowYodaConditions": true,
+  "requireSpaceAfterLineComment": {
+    "allExcept": ["#", "="]
+  },
+  "disallowNewlineBeforeBlockStatements": true,
+  "validateQuoteMarks": {
+    "mark": "'",
+    "escape": true
+  },
+  "validateParameterSeparator": ", ",
+  "safeContextKeyword": ["that"]
+}

.jshintrc

@@ -0,0 +1,24 @@
+
+{
+  "bitwise": true,
+  "curly": true,
+  "eqeqeq": true,
+  "es3": true,
+  "forin": false,
+  "freeze": true,
+  "newcap": true,
+  "noarg": true,
+  "noempty": true,
+  "nonbsp": true,
+  "undef": true,
+  "unused": true,
+  "strict": true,
+
+  "browser": true,
+  "devel": true,
+  "jquery": true,
+
+  "globals": {
+    "JSON": true
+  }
+}

.travis.yml

@@ -46,6 +46,7 @@ script:
   - travis/check-sami-parse-errors.sh $DB $TRAVIS_PHP_VERSION
   - travis/check-image-icc-profiles.sh $DB $TRAVIS_PHP_VERSION
   - travis/check-executable-files.sh $DB $TRAVIS_PHP_VERSION ./
+  - sh -c "if [ '$SLOWTESTS' != '1' -a '$DB' = 'mysqli' ]; then phpBB/vendor/bin/phpunit tests/lint_test.php; fi"
   - sh -c "if [ '$SLOWTESTS' != '1' ]; then phpBB/vendor/bin/phpunit --configuration travis/phpunit-$DB-travis.xml; fi"
   - sh -c "if [ '$SLOWTESTS' = '1' ]; then phpBB/vendor/bin/phpunit --configuration travis/phpunit-$DB-travis.xml --group slow; fi"
   - sh -c "if [ '$TRAVIS_PHP_VERSION' = '5.3.3' -a '$DB' = 'mysqli' -a '$TRAVIS_PULL_REQUEST' != 'false' ]; then git-tools/commit-msg-hook-range.sh origin/$TRAVIS_BRANCH..FETCH_HEAD; fi"

build/build.xml

@@ -2,9 +2,9 @@
 
 <project name="phpBB" description="The phpBB forum software" default="all" basedir="../">
 	<!-- a few settings for the build -->
-	<property name="newversion" value="3.1.4-dev" />
+	<property name="newversion" value="3.1.6-dev" />
-	<property name="prevversion" value="3.1.3" />
+	<property name="prevversion" value="3.1.5" />
-	<property name="olderversions" value="3.0.12, 3.0.13, 3.0.13-PL1, 3.1.0, 3.1.1, 3.1.2" />
+	<property name="olderversions" value="3.0.12, 3.0.13, 3.0.13-PL1, 3.0.14, 3.1.0, 3.1.1, 3.1.2, 3.1.3, 3.1.4" />
 	<!-- no configuration should be needed beyond this point -->
 
 	<property name="oldversions" value="${olderversions}, ${prevversion}" />
@@ -75,14 +75,14 @@
 
 	<target name="sniff">
 		<exec command="phpBB/vendor/bin/phpcs
-				-s
+				-s -p
 				--extensions=php
 				--standard=build/code_sniffer/ruleset-php-strict-core.xml
 				--ignore=${project.basedir}/phpBB/phpbb/db/migration/data/v30x/*
 				phpBB/phpbb"
 			dir="." returnProperty="retval-php-strict" passthru="true" />
 		<exec command="phpBB/vendor/bin/phpcs
-				-s
+				-s -p
 				--extensions=php
 				--standard=build/code_sniffer/ruleset-php-legacy-core.xml
 				--ignore=${project.basedir}/phpBB/cache/*
@@ -98,7 +98,7 @@
 				phpBB"
 			dir="." returnProperty="retval-php-legacy" passthru="true" />
 		<exec command="phpBB/vendor/bin/phpcs
-				-s
+				-s -p
 				--extensions=php
 				--standard=build/code_sniffer/ruleset-php-extensions.xml
 				--ignore=${project.basedir}/phpBB/ext/*/tests/*
@@ -149,7 +149,7 @@
 			<property name="dir" value="build/old_versions/release-${version}" />
 		</phingcall>
 
-		<exec dir="build/old_versions" command="LC_ALL=C diff -crNEBwd release-${version} release-${newversion} >
+		<exec dir="build/old_versions" command="LC_ALL=C diff -crNEBZbd release-${version} release-${newversion} >
 			../new_version/patches/phpBB-${version}_to_${newversion}.patch" escape="false" />
 		<exec dir="build/old_versions" command="LC_ALL=C diff -qr release-${version} release-${newversion} | grep 'Only in release-${version}' > ../new_version/patches/phpBB-${version}_to_${newversion}.deleted" escape="false" />
 	</target>
@@ -177,13 +177,13 @@
 	<target name="package" depends="clean,prepare,prepare-new-version,old-version-diffs">
 		<exec dir="build" command="php -f package.php '${versions}' > logs/package.log" escape="false" />
 		<exec dir="build" escape="false"
-			command="diff -crNEBwd old_versions/release-${prevversion}/language new_version/phpBB3/language >
+			command="LC_ALL=C diff -crNEBZbd old_versions/release-${prevversion}/language new_version/phpBB3/language >
 				save/phpbb-${prevversion}_to_${newversion}_language.patch" />
 		<exec dir="build" escape="false"
-			command="diff -crNEBwd old_versions/release-${prevversion}/styles/prosilver new_version/phpBB3/styles/prosilver >
+			command="LC_ALL=C diff -crNEBZbd old_versions/release-${prevversion}/styles/prosilver new_version/phpBB3/styles/prosilver >
 				save/phpbb-${prevversion}_to_${newversion}_prosilver.patch" />
 		<exec dir="build" escape="false"
-			command="diff -crNEBwd old_versions/release-${prevversion}/styles/subsilver2 new_version/phpBB3/styles/subsilver2 >
+			command="LC_ALL=C diff -crNEBZbd old_versions/release-${prevversion}/styles/subsilver2 new_version/phpBB3/styles/subsilver2 >
 				save/phpbb-${prevversion}_to_${newversion}_subsilver2.patch" />
 
 		<exec dir="build" escape="false"

build/build_helper.php

@@ -22,11 +22,11 @@ class build_package
 	// -r - compare recursive
 	// -N - Treat missing files as empty
 	// -E - Ignore tab expansions
-	//		not used: -b - Ignore space changes.
+	// -Z - Ignore white space at line end.
-	// -w - Ignore all whitespace
+	// -b - Ignore changes in the amount of white space.
 	// -B - Ignore blank lines
 	// -d - Try to find smaller set of changes
-	var $diff_options = '-crNEBwd';
+	var $diff_options = '-crNEBZbd';
 	var $diff_options_long = '-x images -crNEB'; // -x fonts -x imageset //imageset not used here, because it includes the imageset.cfg file. ;)
 
 	var $verbose = false;

build/code_sniffer/phpbb/Sniffs/Commenting/FileCommentSniff.php

@@ -60,14 +60,14 @@ class phpbb_Sniffs_Commenting_FileCommentSniff implements PHP_CodeSniffer_Sniff
 			return;
 		}
 		// Mark as error if this is not a doc comment
-		else if ($start === false || $tokens[$start]['code'] !== T_DOC_COMMENT)
+		else if ($start === false || $tokens[$start]['code'] !== T_DOC_COMMENT_OPEN_TAG)
 		{
 			$phpcsFile->addError('Missing required file doc comment.', $stackPtr);
 			return;
 		}
 
 		// Find comment end token
-		$end = $phpcsFile->findNext(T_DOC_COMMENT, $start + 1, null, true) - 1;
+		$end = $tokens[$start]['comment_closer'];
 
 		// If there is no end, skip processing here
 		if ($end === false)
@@ -75,38 +75,30 @@ class phpbb_Sniffs_Commenting_FileCommentSniff implements PHP_CodeSniffer_Sniff
 			return;
 		}
 
-		// List of found comment tags
-		$tags = array();
-
 		// check comment lines without the first(/**) an last(*/) line
-		for ($i = $start + 1, $c = $end - 1; $i <= $c; ++$i)
+		for ($token = $start + 1, $c = $end - 2; $token <= $c; ++$token)
 		{
-			$line = $tokens[$i]['content'];
-
 			// Check that each line starts with a '*'
-			if (substr($line, 0, 1) !== '*' && substr($line, 0, 2) !== ' *')
+			if ($tokens[$token]['column'] === 1 && (($tokens[$token]['content'] !== '*' && $tokens[$token]['content'] !== ' ') || ($tokens[$token]['content'] === ' ' && $tokens[$token + 1]['content'] !== '*')))
 			{
 				$message = 'The file doc comment should not be indented.';
-				$phpcsFile->addWarning($message, $i);
+				$phpcsFile->addWarning($message, $token);
-			}
-			else if (preg_match('/^[ ]?\*\s+@([\w]+)\s+(.*)$/', $line, $match) !== 0)
-			{
-				if (!isset($tags[$match[1]]))
-				{
-					$tags[$match[1]] = array();
-				}
-
-				$tags[$match[1]][] = array($match[2], $i);
 			}
 		}
 
 		// Check that the first and last line is empty
-		if (trim($tokens[$start + 1]['content']) !== '*')
+		// /**T_WHITESPACE
+		// (T_WHITESPACE)*T_WHITESPACE
+		// (T_WHITESPACE)* ...
+		// (T_WHITESPACE)*T_WHITESPACE
+		// T_WHITESPACE*/
+		if (!(($tokens[$start + 2]['content'] !== '*' && $tokens[$start + 4]['content'] !== '*') || ($tokens[$start + 3]['content'] !== '*' && $tokens[$start + 6]['content'] !== '*')))
 		{
 			$message = 'The first file comment line should be empty.';
 			$phpcsFile->addWarning($message, ($start + 1));
 		}
-		if (trim($tokens[$end - 1]['content']) !== '*')
+
+		if ($tokens[$end - 3]['content'] !== '*' && $tokens[$end - 6]['content'] !== '*')
 		{
 			$message = 'The last file comment line should be empty.';
 			$phpcsFile->addWarning($message, $end - 1);
@@ -114,8 +106,8 @@ class phpbb_Sniffs_Commenting_FileCommentSniff implements PHP_CodeSniffer_Sniff
 
 		//$this->processPackage($phpcsFile, $start, $tags);
 		//$this->processVersion($phpcsFile, $start, $tags);
-		$this->processCopyright($phpcsFile, $start, $tags);
+		$this->processCopyright($phpcsFile, $start, $tokens[$start]['comment_tags']);
-		$this->processLicense($phpcsFile, $start, $tags);
+		$this->processLicense($phpcsFile, $start, $tokens[$start]['comment_tags']);
 	}
 
 	/**
@@ -176,17 +168,24 @@ class phpbb_Sniffs_Commenting_FileCommentSniff implements PHP_CodeSniffer_Sniff
 	protected function processCopyright(PHP_CodeSniffer_File $phpcsFile, $ptr, $tags)
 	{
 		$copyright = '(c) phpBB Limited <https://www.phpbb.com>';
+		$tokens = $phpcsFile->getTokens();
 
-		if (!isset($tags['copyright']))
+		foreach ($tags as $tag)
 		{
-			$message = 'Missing require @copyright tag in file doc comment.';
+			if ($tokens[$tag]['content'] === '@copyright')
-			$phpcsFile->addError($message, $ptr);
+			{
-		}
+				if ($tokens[$tag + 2]['content'] !== $copyright)
-		else if ($tags['copyright'][0][0] !== $copyright)
+				{
-		{
+					$message = 'Invalid content found for the first @copyright tag, use "' . $copyright . '".';
-			$message = 'Invalid content found for the first @copyright tag, use "' . $copyright . '".';
+					$phpcsFile->addError($message, $tags['copyright'][0][1]);
-			$phpcsFile->addError($message, $tags['copyright'][0][1]);
+				}
+
+				return;
+			}
 		}
+
+		$message = 'Missing require @copyright tag in file doc comment.';
+		$phpcsFile->addError($message, $ptr);
 	}
 
 	/**
@@ -201,22 +200,33 @@ class phpbb_Sniffs_Commenting_FileCommentSniff implements PHP_CodeSniffer_Sniff
 	protected function processLicense(PHP_CodeSniffer_File $phpcsFile, $ptr, $tags)
 	{
 		$license = 'GNU General Public License, version 2 (GPL-2.0)';
+		$tokens = $phpcsFile->getTokens();
 
-		if (!isset($tags['license']))
+		$found = false;
+		foreach ($tags as $tag)
+		{
+			if ($tokens[$tag]['content'] === '@license')
+			{
+				if ($found)
+				{
+					$message = 'It must be only one @license tag in file doc comment.';
+					$phpcsFile->addError($message, $ptr);
+				}
+
+				$found = true;
+
+				if ($tokens[$tag + 2]['content'] !== $license)
+				{
+					$message = 'Invalid content found for @license tag, use "' . $license . '".';
+					$phpcsFile->addError($message, $tags['license'][0][1]);
+				}
+			}
+		}
+
+		if (!$found)
 		{
 			$message = 'Missing require @license tag in file doc comment.';
 			$phpcsFile->addError($message, $ptr);
 		}
-		else if (sizeof($tags['license']) !== 1)
-		{
-			$message = 'It must be only one @license tag in file doc comment.';
-			$phpcsFile->addError($message, $ptr);
-		}
-		else if (trim($tags['license'][0][0]) !== $license)
-		{
-			$message = 'Invalid content found for @license tag, use '
-				. '"' . $license . '".';
-			$phpcsFile->addError($message, $tags['license'][0][1]);
-		}
 	}
 }

build/code_sniffer/phpbb/Sniffs/ControlStructures/OpeningBraceBsdAllmanSniff.php

@@ -0,0 +1,143 @@
+<?php
+/**
+*
+* This file is part of the phpBB Forum Software package.
+*
+* @copyright (c) phpBB Limited <https://www.phpbb.com>
+* @license GNU General Public License, version 2 (GPL-2.0)
+*
+* For full copyright and license information, please see
+* the docs/CREDITS.txt file.
+*
+*/
+
+/**
+ * Checks that the opening brace of a control structures is on the line after.
+ * From Generic_Sniffs_Functions_OpeningFunctionBraceBsdAllmanSniff
+ */
+class phpbb_Sniffs_ControlStructures_OpeningBraceBsdAllmanSniff implements PHP_CodeSniffer_Sniff
+{
+	/**
+	 * Registers the tokens that this sniff wants to listen for.
+	 */
+	public function register()
+	{
+		return array(
+			T_IF,
+			T_ELSE,
+			T_FOREACH,
+			T_WHILE,
+			T_DO,
+			T_FOR,
+			T_SWITCH,
+		);
+	}
+
+	/**
+	 * Processes this test, when one of its tokens is encountered.
+	 *
+	 * @param PHP_CodeSniffer_File $phpcsFile The file being scanned.
+	 * @param int                  $stackPtr  The position of the current token in the
+	 *                                        stack passed in $tokens.
+	 *
+	 * @return void
+	 */
+	public function process(PHP_CodeSniffer_File $phpcsFile, $stackPtr)
+	{
+		$tokens = $phpcsFile->getTokens();
+
+		if (isset($tokens[$stackPtr]['scope_opener']) === false)
+		{
+			return;
+		}
+
+		/*
+		 * ...
+		 * }
+		 * else if ()
+		 * {
+		 * ...
+		 */
+		if ($tokens[$stackPtr]['code'] === T_ELSE && $tokens[$stackPtr + 2]['code'] === T_IF)
+		{
+			return;
+		}
+
+		$openingBrace = $tokens[$stackPtr]['scope_opener'];
+
+		/*
+		 * ...
+		 * do
+		 * {
+		 *     <code>
+		 * } while();
+		 * ...
+		 * }
+		 * else
+		 * {
+		 * ...
+		 */
+		if ($tokens[$stackPtr]['code'] === T_DO ||$tokens[$stackPtr]['code'] === T_ELSE)
+		{
+			$cs_line = $tokens[$stackPtr]['line'];
+		}
+		else
+		{
+			// The end of the function occurs at the end of the argument list. Its
+			// like this because some people like to break long function declarations
+			// over multiple lines.
+			$cs_line = $tokens[$tokens[$stackPtr]['parenthesis_closer']]['line'];
+		}
+
+		$braceLine    = $tokens[$openingBrace]['line'];
+
+		$lineDifference = ($braceLine - $cs_line);
+
+		if ($lineDifference === 0)
+		{
+			$error = 'Opening brace should be on a new line';
+			$phpcsFile->addError($error, $openingBrace, 'BraceOnSameLine');
+			return;
+		}
+
+		if ($lineDifference > 1)
+		{
+			$error = 'Opening brace should be on the line after the declaration; found %s blank line(s)';
+			$data  = array(($lineDifference - 1));
+			$phpcsFile->addError($error, $openingBrace, 'BraceSpacing', $data);
+			return;
+		}
+
+		// We need to actually find the first piece of content on this line,
+		// as if this is a method with tokens before it (public, static etc)
+		// or an if with an else before it, then we need to start the scope
+		// checking from there, rather than the current token.
+		$lineStart = $stackPtr;
+		while (($lineStart = $phpcsFile->findPrevious(array(T_WHITESPACE), ($lineStart - 1), null, false)) !== false)
+		{
+			if (strpos($tokens[$lineStart]['content'], $phpcsFile->eolChar) !== false)
+			{
+				break;
+			}
+		}
+
+		// We found a new line, now go forward and find the first non-whitespace
+		// token.
+		$lineStart = $phpcsFile->findNext(array(T_WHITESPACE), $lineStart, null, true);
+
+		// The opening brace is on the correct line, now it needs to be
+		// checked to be correctly indented.
+		$startColumn = $tokens[$lineStart]['column'];
+		$braceIndent = $tokens[$openingBrace]['column'];
+
+		if ($braceIndent !== $startColumn)
+		{
+			$error = 'Opening brace indented incorrectly; expected %s spaces, found %s';
+			$data  = array(
+				($startColumn - 1),
+				($braceIndent - 1),
+			);
+			$phpcsFile->addError($error, $openingBrace, 'BraceIndent', $data);
+		}
+	}
+}

build/code_sniffer/phpbb/Sniffs/ControlStructures/OpeningParenthesisSniff.php

@@ -0,0 +1,60 @@
+<?php
+/**
+ *
+ * This file is part of the phpBB Forum Software package.
+ *
+ * @copyright (c) phpBB Limited <https://www.phpbb.com>
+ * @license GNU General Public License, version 2 (GPL-2.0)
+ *
+ * For full copyright and license information, please see
+ * the docs/CREDITS.txt file.
+ *
+ */
+
+/**
+ * Checks that there is exactly one space between the keyword and the opening
+ * parenthesis of a control structures.
+ */
+class phpbb_Sniffs_ControlStructures_OpeningParenthesisSniff implements PHP_CodeSniffer_Sniff
+{
+	/**
+	 * Registers the tokens that this sniff wants to listen for.
+	 */
+	public function register()
+	{
+		return array(
+			T_IF,
+			T_FOREACH,
+			T_WHILE,
+			T_FOR,
+			T_SWITCH,
+			T_ELSEIF,
+			T_CATCH,
+		);
+	}
+
+	/**
+	 * Processes this test, when one of its tokens is encountered.
+	 *
+	 * @param PHP_CodeSniffer_File $phpcsFile The file being scanned.
+	 * @param int                  $stackPtr  The position of the current token in the
+	 *                                        stack passed in $tokens.
+	 *
+	 * @return void
+	 */
+	public function process(PHP_CodeSniffer_File $phpcsFile, $stackPtr)
+	{
+		$tokens = $phpcsFile->getTokens();
+
+		if ($tokens[$stackPtr + 1]['content'] === '(')
+		{
+			$error = 'There should be exactly one space between the keyword and opening parenthesis';
+			$phpcsFile->addError($error, $stackPtr, 'NoSpaceBeforeOpeningParenthesis');
+		}
+		else if ($tokens[$stackPtr + 1]['content'] !== ' ')
+		{
+			$error = 'There should be exactly one space between the keyword and opening parenthesis';
+			$phpcsFile->addError($error, $stackPtr, 'IncorrectSpaceBeforeOpeningParenthesis');
+		}
+	}
+}

build/code_sniffer/phpbb/Sniffs/Namespaces/UnusedUseSniff.php

@@ -138,6 +138,7 @@ class phpbb_Sniffs_Namespaces_UnusedUseSniff implements PHP_CodeSniffer_Sniff
 			// Check docblocks
 			$find = array(
 				T_COMMENT,
+				T_DOC_COMMENT_CLOSE_TAG,
 				T_DOC_COMMENT,
 				T_CLASS,
 				T_FUNCTION,
@@ -147,43 +148,31 @@ class phpbb_Sniffs_Namespaces_UnusedUseSniff implements PHP_CodeSniffer_Sniff
 			$comment_end = $phpcsFile->findPrevious($find, ($function_declaration - 1));
 			if ($comment_end !== false)
 			{
-				if (!$tokens[$comment_end]['code'] !== T_DOC_COMMENT)
+				if ($tokens[$comment_end]['code'] === T_DOC_COMMENT_CLOSE_TAG)
 				{
-					$comment_start = ($phpcsFile->findPrevious(T_DOC_COMMENT, ($comment_end - 1), null, true) + 1);
+					$comment_start = $tokens[$comment_end]['comment_opener'];
-					$comment      = $phpcsFile->getTokensAsString($comment_start, ($comment_end - $comment_start + 1));
+					foreach ($tokens[$comment_start]['comment_tags'] as $tag) {
-
+						if ($tokens[$tag]['content'] !== '@param' && $tokens[$tag]['content'] !== '@return' && $tokens[$tag]['content'] !== '@throws') {
-					try
+							continue;
-					{
-						$comment_parser = new PHP_CodeSniffer_CommentParser_FunctionCommentParser($comment, $phpcsFile);
-						$comment_parser->parse();
-
-						// Check @param
-						foreach ($comment_parser->getParams() as $param) {
-							$type = $param->getType();
-							$types = explode('|', str_replace('[]', '', $type));
-							foreach ($types as $type)
-							{
-								$ok = $this->check($phpcsFile, $type, $class_name_full, $class_name_short, $param->getLine() + $comment_start) ? true : $ok;
-							}
 						}
 
-						// Check @return
+						$classes = $tokens[($tag + 2)]['content'];
-						$return = $comment_parser->getReturn();
+						$space = strpos($classes, ' ');
-						if ($return !== null)
+						if ($space !== false) {
+							$classes = substr($classes, 0, $space);
+						}
+
+						$tab = strpos($classes, "\t");
+						if ($tab !== false) {
+							$classes = substr($classes, 0, $tab);
+						}
+
+						$classes = explode('|', str_replace('[]', '', $classes));
+						foreach ($classes as $class)
 						{
-							$type = $return->getValue();
+							$ok = $this->check($phpcsFile, $class, $class_name_full, $class_name_short, $tokens[$tag + 2]['line']) ? true : $ok;
-							$types = explode('|', str_replace('[]', '', $type));
-							foreach ($types as $type)
-							{
-								$ok = $this->check($phpcsFile, $type, $class_name_full, $class_name_short, $return->getLine() + $comment_start) ? true : $ok;
-							}
 						}
 					}
-					catch (PHP_CodeSniffer_CommentParser_ParserException $e)
-					{
-						$line = ($e->getLineWithinComment() + $comment_start);
-						$phpcsFile->addError($e->getMessage(), $line, 'FailedParse');
-					}
 				}
 			}
 
@@ -195,6 +184,20 @@ class phpbb_Sniffs_Namespaces_UnusedUseSniff implements PHP_CodeSniffer_Sniff
 			}
 		}
 
+		// Checks in catch blocks
+		$old_catch = $stackPtr;
+		while (($catch = $phpcsFile->findNext(T_CATCH, ($old_catch + 1))) !== false)
+		{
+			$old_catch = $catch;
+
+			$caught_class_name_start = $phpcsFile->findNext(array(T_NS_SEPARATOR, T_STRING), $catch + 1);
+			$caught_class_name_end = $phpcsFile->findNext($find, $caught_class_name_start + 1, null, true);
+
+			$caught_class_name = trim($phpcsFile->getTokensAsString($caught_class_name_start, ($caught_class_name_end - $caught_class_name_start)));
+
+			$ok = $this->check($phpcsFile, $caught_class_name, $class_name_full, $class_name_short, $catch) ? true : $ok;
+		}
+
 		if (!$ok)
 		{
 			$error = 'There must not be unused USE statements.';

build/code_sniffer/ruleset-minimum.xml

@@ -12,4 +12,7 @@
  <!-- Tabs MUST be used for indentation -->
  <rule ref="Generic.WhiteSpace.DisallowSpaceIndent" />
 
+ <!-- ALL braces MUST be on their own lines. -->
+ <rule ref="./phpbb/Sniffs/ControlStructures/OpeningBraceBsdAllmanSniff.php" />
+
 </ruleset>

build/code_sniffer/ruleset-php-legacy.xml

@@ -86,4 +86,7 @@
  <!-- The ?> closing tag MUST be omitted from files containing only PHP. -->
  <rule ref="Zend.Files.ClosingTag" />
 
+ <!-- There MUST be one space between control structure and opening parenthesis -->
+ <rule ref="./phpbb/Sniffs/ControlStructures/OpeningParenthesisSniff.php" />
+
 </ruleset>

build/sami-all.conf.php

@@ -25,6 +25,7 @@ $config['versions'] = Sami\Version\GitVersionCollection::create(__DIR__ . '/../'
 	*/
 	->add('3.0.x')
 	->add('3.1.x')
+	->add('master')
 ;
 
 return new Sami\Sami($iterator, $config);

phpBB/adm/style/acp_ext_list.html

@@ -7,7 +7,7 @@
 	<p>{L_EXTENSIONS_EXPLAIN}</p>
 
 	<fieldset class="quick">
-		<span class="small"><a href="{U_VERSIONCHECK_FORCE}">{L_VERSIONCHECK_FORCE_UPDATE_ALL}</a> &bull; <a href="javascript:phpbb.toggleDisplay('version_check_settings');">{L_SETTINGS}</a></span>
+		<span class="small"><a href="https://www.phpbb.com/go/customise/extensions/3.1" target="_blank">{L_BROWSE_EXTENSIONS_DATABASE}</a> &bull; <a href="{U_VERSIONCHECK_FORCE}">{L_VERSIONCHECK_FORCE_UPDATE_ALL}</a> &bull; <a href="javascript:phpbb.toggleDisplay('version_check_settings');">{L_SETTINGS}</a></span>
 	</fieldset>
 
 	<form id="version_check_settings" method="post" action="{U_ACTION}" style="display:none">
@@ -97,6 +97,12 @@
 	</table>
 
 	<table class="table1">
+	<tr>
+		<th>{L_EXTENSION_INSTALL_HEADLINE}</th>
+	</tr>
+	<tr>
+		<td class="row3">{L_EXTENSION_INSTALL_EXPLAIN}</td>
+	</tr>
 	<tr>
 		<th>{L_EXTENSION_UPDATE_HEADLINE}</th>
 	</tr>

phpBB/adm/style/acp_jabber.html

@@ -39,7 +39,7 @@
 </dl>
 <dl>
 	<dt><label for="jab_password">{L_JAB_PASSWORD}{L_COLON}</label><br /><span>{L_JAB_PASSWORD_EXPLAIN}</span></dt>
-	<dd><input type="password" id="jab_password" name="jab_password" value="{JAB_PASSWORD}" /></dd>
+	<dd><input type="password" id="jab_password" name="jab_password" value="{JAB_PASSWORD}" autocomplete="off" /></dd>
 </dl>
 <!-- IF S_CAN_USE_SSL -->
 <dl>

phpBB/adm/style/acp_language.html

@@ -68,6 +68,10 @@
 
 	<p>{L_ACP_LANGUAGE_PACKS_EXPLAIN}</p>
 
+	<fieldset class="quick">
+		<span class="small"><a href="https://www.phpbb.com/go/customise/language-packs/3.1" target="_blank">{L_BROWSE_LANGUAGE_PACKS_DATABASE}</a></span>
+	</fieldset>
+
 	<table class="table1 zebra-table">
 	<thead>
 	<tr>

phpBB/adm/style/acp_styles.html

@@ -32,6 +32,10 @@
 
 <!-- IF L_EXPLAIN --><p>{L_EXPLAIN}</p><!-- ENDIF -->
 
+<fieldset class="quick">
+	<span class="small"><a href="https://www.phpbb.com/go/customise/styles/3.1" target="_blank">{L_BROWSE_STYLES_DATABASE}</a></span>
+</fieldset>
+
 <form id="acp_styles" method="post" action="{U_ACTION}">
 {S_HIDDEN_FIELDS}
 {S_FORM_TOKEN}

phpBB/assets/javascript/core.js

@@ -1,3 +1,5 @@
+/* global bbfontstyle */
+
 var phpbb = {};
 phpbb.alertTime = 100;
 
@@ -13,7 +15,7 @@ var keymap = {
 };
 
 var $dark = $('#darkenwrapper');
-var $loadingIndicator = $('#loading_indicator');
+var $loadingIndicator;
 var phpbbAlertTimer = null;
 
 phpbb.isTouch = (window && typeof window.ontouchstart !== 'undefined');
@@ -21,9 +23,14 @@ phpbb.isTouch = (window && typeof window.ontouchstart !== 'undefined');
 /**
  * Display a loading screen
  *
- * @returns object Returns loadingIndicator.
+ * @returns {object} Returns loadingIndicator.
  */
 phpbb.loadingIndicator = function() {
+	if (!$loadingIndicator) {
+		$loadingIndicator = $('<div />', { id: 'loading_indicator' });
+		$loadingIndicator.appendTo('#page-footer');
+	}
+
 	if (!$loadingIndicator.is(':visible')) {
 		$loadingIndicator.fadeIn(phpbb.alertTime);
 		// Wait fifteen seconds and display an error if nothing has been returned by then.
@@ -54,7 +61,7 @@ phpbb.clearLoadingTimeout = function() {
 /**
 * Close popup alert after a specified delay
 *
-* @param int Delay in ms until darkenwrapper's click event is triggered
+* @param {int} delay Delay in ms until darkenwrapper's click event is triggered
 */
 phpbb.closeDarkenWrapper = function(delay) {
 	phpbbAlertTimer = setTimeout(function() {
@@ -67,14 +74,12 @@ phpbb.closeDarkenWrapper = function(delay) {
  *
  * You can only call one alert or confirm box at any one time.
  *
- * @param string title Title of the message, eg "Information" (HTML).
+ * @param {string} title Title of the message, eg "Information" (HTML).
- * @param string msg Message to display (HTML).
+ * @param {string} msg Message to display (HTML).
- * @param bool fadedark Remove the dark background when done? Defaults
- *     to yes.
  *
- * @returns object Returns the div created.
+ * @returns {object} Returns the div created.
  */
-phpbb.alert = function(title, msg, fadedark) {
+phpbb.alert = function(title, msg) {
 	var $alert = $('#phpbb_alert');
 	$alert.find('.alert_title').html(title);
 	$alert.find('.alert_text').html(msg);
@@ -94,14 +99,14 @@ phpbb.alert = function(title, msg, fadedark) {
 /**
 * Handler for opening an alert box.
 *
-* @param jQuery $alert			jQuery object.
+* @param {jQuery} $alert jQuery object.
 */
 phpbb.alert.open = function($alert) {
 	if (!$dark.is(':visible')) {
 		$dark.fadeIn(phpbb.alertTime);
 	}
 
-	if ($loadingIndicator.is(':visible')) {
+	if ($loadingIndicator && $loadingIndicator.is(':visible')) {
 		$loadingIndicator.fadeOut(phpbb.alertTime, function() {
 			$dark.append($alert);
 			$alert.fadeIn(phpbb.alertTime);
@@ -134,8 +139,8 @@ phpbb.alert.open = function($alert) {
 /**
 * Handler for closing an alert box.
 *
-* @param jQuery $alert			jQuery object.
+* @param {jQuery} $alert jQuery object.
-* @param bool fadedark			Whether to remove dark background.
+* @param {bool} fadedark Whether to remove dark background.
 */
 phpbb.alert.close = function($alert, fadedark) {
 	var $fade = (fadedark) ? $dark : $alert;
@@ -153,13 +158,13 @@ phpbb.alert.close = function($alert, fadedark) {
  *
  * You can only call one alert or confirm box at any one time.
  *
- * @param string msg Message to display (HTML).
+ * @param {string} msg Message to display (HTML).
- * @param function callback Callback. Bool param, whether the user pressed
+ * @param {function} callback Callback. Bool param, whether the user pressed
  *     yes or no (or whatever their language is).
- * @param bool fadedark Remove the dark background when done? Defaults
+ * @param {bool} fadedark Remove the dark background when done? Defaults
  *     to yes.
  *
- * @returns object Returns the div created.
+ * @returns {object} Returns the div created.
  */
 phpbb.confirm = function(msg, callback, fadedark) {
 	var $confirmDiv = $('#phpbb_confirm');
@@ -197,8 +202,8 @@ phpbb.confirm = function(msg, callback, fadedark) {
 /**
  * Turn a querystring into an array.
  *
- * @argument string string The querystring to parse.
+ * @argument {string} string The querystring to parse.
- * @returns object The object created.
+ * @returns {object} The object created.
  */
 phpbb.parseQuerystring = function(string) {
 	var params = {}, i, split;
@@ -223,12 +228,7 @@ phpbb.parseQuerystring = function(string) {
  * For more info, view the following page on the phpBB wiki:
  * http://wiki.phpbb.com/JavaScript_Function.phpbb.ajaxify
  *
- * @param object options Options.
+ * @param {object} options Options.
- * @param bool/function refresh If we are sent back a refresh, should it be
- *     acted upon? This can either be true / false / a function.
- * @param function callback Callback to call on completion of event. Has
- *     three parameters: the element that the event was evoked from, the JSON
- *     that was returned and (if it is a form) the form action.
  */
 phpbb.ajaxify = function(options) {
 	var $elements = $(options.selector),
@@ -262,11 +262,16 @@ phpbb.ajaxify = function(options) {
 				console.log('AJAX error. status: ' + textStatus + ', message: ' + errorThrown);
 			}
 			phpbb.clearLoadingTimeout();
-			var errorText = false;
+			var responseText, errorText = false;
-			if (typeof errorThrown === 'string' && errorThrown.length > 0) {
+			try {
+				responseText = JSON.parse(jqXHR.responseText);
+				responseText = responseText.message;
+			} catch (e) {}
+			if (typeof responseText === 'string' && responseText.length > 0) {
+				errorText = responseText;
+			} else if (typeof errorThrown === 'string' && errorThrown.length > 0) {
 				errorText = errorThrown;
-			}
+			} else {
-			else {
 				errorText = $dark.attr('data-ajax-error-text-' + textStatus);
 				if (typeof errorText !== 'string' || !errorText.length) {
 					errorText = $dark.attr('data-ajax-error-text');
@@ -283,7 +288,7 @@ phpbb.ajaxify = function(options) {
 		 * It cannot be called from outside this function, and is purely here to
 		 * avoid repetition of code.
 		 *
-		 * @param object res The object sent back by the server.
+		 * @param {object} res The object sent back by the server.
 		 */
 		function returnHandler(res) {
 			var alert;
@@ -429,8 +434,8 @@ phpbb.search = {
 /**
  * Get cached search data.
  *
- * @param string id		Search ID.
+ * @param {string} id Search ID.
- * @return bool|object.	Cached data object. Returns false if no data exists.
+ * @returns {bool|object} Cached data object. Returns false if no data exists.
  */
 phpbb.search.cache.get = function(id) {
 	if (this.data[id]) {
@@ -442,15 +447,13 @@ phpbb.search.cache.get = function(id) {
 /**
  * Set search cache data value.
  *
- * @param string id		Search ID.
+ * @param {string} id		Search ID.
- * @param string key	Data key.
+ * @param {string} key		Data key.
- * @param string value	Data value.
+ * @param {string} value	Data value.
- *
- * @return undefined
  */
 phpbb.search.cache.set = function(id, key, value) {
 	if (!this.data[id]) {
-		this.data[id] = {results: []};
+		this.data[id] = { results: [] };
 	}
 	this.data[id][key] = value;
 };
@@ -458,21 +461,19 @@ phpbb.search.cache.set = function(id, key, value) {
 /**
  * Cache search result.
  *
- * @param string id			Search ID.
+ * @param {string} id		Search ID.
- * @param string keyword	Keyword.
+ * @param {string} keyword	Keyword.
- * @param array results		Search results.
+ * @param {Array} results	Search results.
- *
- * @return undefined
  */
-phpbb.search.cache.setResults = function(id, keyword, value) {
+phpbb.search.cache.setResults = function(id, keyword, results) {
-	this.data[id].results[keyword] = value;
+	this.data[id].results[keyword] = results;
 };
 
 /**
  * Trim spaces from keyword and lower its case.
  *
- * @param string keyword	Search keyword to clean.
+ * @param {string} keyword Search keyword to clean.
- * @return string Cleaned string.
+ * @returns {string} Cleaned string.
  */
 phpbb.search.cleanKeyword = function(keyword) {
 	return $.trim(keyword).toLowerCase();
@@ -482,11 +483,11 @@ phpbb.search.cleanKeyword = function(keyword) {
  * Get clean version of search keyword. If textarea supports several keywords
  * (one per line), it fetches the current keyword based on the caret position.
  *
- * @param jQuery $input		Search input|textarea.
+ * @param {jQuery} $input	Search input|textarea.
- * @param string keyword	Input|textarea value.
+ * @param {string} keyword	Input|textarea value.
- * @param bool multiline	Whether textarea supports multiple search keywords.
+ * @param {bool} multiline	Whether textarea supports multiple search keywords.
  *
- * @return string Clean string.
+ * @returns string Clean string.
  */
 phpbb.search.getKeyword = function($input, keyword, multiline) {
 	if (multiline) {
@@ -500,8 +501,8 @@ phpbb.search.getKeyword = function($input, keyword, multiline) {
  * Get the textarea line number on which the keyword resides - for textareas
  * that support multiple keywords (one per line).
  *
- * @param jQuery $textarea	Search textarea.
+ * @param {jQuery} $textarea Search textarea.
- * @return int
+ * @returns {int} The line number.
  */
 phpbb.search.getKeywordLine = function ($textarea) {
 	var selectionStart = $textarea.get(0).selectionStart;
@@ -512,11 +513,9 @@ phpbb.search.getKeywordLine = function ($textarea) {
  * Set the value on the input|textarea. If textarea supports multiple
  * keywords, only the active keyword is replaced.
  *
- * @param jQuery $input		Search input|textarea.
+ * @param {jQuery} $input	Search input|textarea.
- * @param string value		Value to set.
+ * @param {string} value	Value to set.
- * @param bool multiline	Whether textarea supports multiple search keywords.	
+ * @param {bool} multiline	Whether textarea supports multiple search keywords.
- *
- * @return undefined
  */
 phpbb.search.setValue = function($input, value, multiline) {
 	if (multiline) {
@@ -529,14 +528,13 @@ phpbb.search.setValue = function($input, value, multiline) {
 };
 
 /**
- * Sets the onclick event to set the value on the input|textarea to the selected search result. 
+ * Sets the onclick event to set the value on the input|textarea to the
+ * selected search result.
  *
- * @param jQuery $input		Search input|textarea.
+ * @param {jQuery} $input		Search input|textarea.
- * @param object value		Result object.
+ * @param {object} value		Result object.
- * @param jQuery $row		Result element.
+ * @param {jQuery} $row			Result element.
- * @param jQuery $container	jQuery object for the search container.
+ * @param {jQuery} $container	jQuery object for the search container.
- *
- * @return undefined
  */
 phpbb.search.setValueOnClick = function($input, value, $row, $container) {
 	$row.click(function() {
@@ -551,16 +549,16 @@ phpbb.search.setValueOnClick = function($input, value, $row, $container) {
  * already, those are displayed instead. Executes the AJAX request function
  * itself due to the need to use a timeout to limit the number of requests.
  *
- * @param array data			Data to be sent to the server.
+ * @param {Array} data				Data to be sent to the server.
- * @param object event			Onkeyup event object.
+ * @param {object} event			Onkeyup event object.
- * @param function sendRequest	Function to execute AJAX request.
+ * @param {function} sendRequest	Function to execute AJAX request.
  *
- * @return bool Returns false.
+ * @returns {bool} Returns false.
  */
 phpbb.search.filter = function(data, event, sendRequest) {
 	var $this = $(this),
 		dataName = ($this.attr('data-name') !== undefined) ? $this.attr('data-name') : $this.attr('name'),
-		minLength = parseInt($this.attr('data-min-length')),
+		minLength = parseInt($this.attr('data-min-length'), 10),
 		searchID = $this.attr('data-results'),
 		keyword = phpbb.search.getKeyword($this, data[dataName], $this.attr('data-multiline')),
 		cache = phpbb.search.cache.get(searchID),
@@ -582,7 +580,10 @@ phpbb.search.filter = function(data, event, sendRequest) {
 			} else {
 				// Do we already have results for this?
 				if (cache.results[keyword]) {
-					var response = {keyword: keyword, results: cache.results[keyword]};
+					var response = {
+						keyword: keyword,
+						results: cache.results[keyword]
+					};
 					phpbb.search.handleResponse(response, $this, true);
 					proceed = false;
 				}
@@ -609,12 +610,10 @@ phpbb.search.filter = function(data, event, sendRequest) {
 /**
  * Handle search result response.
  *
- * @param object res		Data received from server.
+ * @param {object} res			Data received from server.
- * @param jQuery $input		Search input|textarea.
+ * @param {jQuery} $input		Search input|textarea.
- * @param bool fromCache	Whether the results are from the cache.
+ * @param {bool} fromCache		Whether the results are from the cache.
- * @param function callback	Optional callback to run when assigning each search result.
+ * @param {function} callback	Optional callback to run when assigning each search result.
- *
- * @return undefined
  */
 phpbb.search.handleResponse = function(res, $input, fromCache, callback) {
 	if (typeof res !== 'object') {
@@ -641,12 +640,10 @@ phpbb.search.handleResponse = function(res, $input, fromCache, callback) {
 /**
  * Show search results.
  *
- * @param array results		Search results.
+ * @param {Array} results		Search results.
- * @param jQuery $input		Search input|textarea.
+ * @param {jQuery} $input		Search input|textarea.
- * @param jQuery $container	Search results container element.
+ * @param {jQuery} $container	Search results container element.
- * @param function callback	Optional callback to run when assigning each search result.
+ * @param {function} callback	Optional callback to run when assigning each search result.
- *
- * @return undefined
  */
 phpbb.search.showResults = function(results, $input, $container, callback) {
 	var $resultContainer = $('.search-results', $container);
@@ -683,8 +680,7 @@ phpbb.search.showResults = function(results, $input, $container, callback) {
 /**
  * Clear search results.
  *
- * @param jQuery $container	Search results container.
+ * @param {jQuery} $container Search results container.
- * @return undefined
  */
 phpbb.search.clearResults = function($container) {
 	$container.children(':not(.search-result-tpl)').remove();
@@ -703,8 +699,8 @@ phpbb.history = {};
 /**
 * Check whether a method in the native history object is supported.
 *
-* @param string fn	Method name.
+* @param {string} fn Method name.
-* @return bool Returns true if the method is supported.
+* @returns {bool} Returns true if the method is supported.
 */
 phpbb.history.isSupported = function(fn) {
 	return !(typeof history === 'undefined' || typeof history[fn] === 'undefined');
@@ -714,12 +710,10 @@ phpbb.history.isSupported = function(fn) {
 * Wrapper for the pushState and replaceState methods of the
 * native history object.
 *
-* @param string mode	Mode. Either push or replace.
+* @param {string} mode		Mode. Either push or replace.
-* @param string url	New URL.
+* @param {string} url		New URL.
-* @param string title Optional page title.
+* @param {string} [title]	Optional page title.
-* @patam object obj	Optional state object.
+* @param {object} [obj]		Optional state object.
-*
-* @return undefined
 */
 phpbb.history.alterUrl = function(mode, url, title, obj) {
 	var fn = mode + 'State';
@@ -740,11 +734,9 @@ phpbb.history.alterUrl = function(mode, url, title, obj) {
 /**
 * Wrapper for the native history.replaceState method.
 *
-* @param string url	New URL.
+* @param {string} url		New URL.
-* @param string title Optional page title.
+* @param {string} [title]	Optional page title.
-* @patam object obj	Optional state object.
+* @param {object} [obj]		Optional state object.
-*
-* @return undefined
 */
 phpbb.history.replaceUrl = function(url, title, obj) {
 	phpbb.history.alterUrl('replace', url, title, obj);
@@ -753,11 +745,9 @@ phpbb.history.replaceUrl = function(url, title, obj) {
 /**
 * Wrapper for the native history.pushState method.
 *
-* @param string url	New URL.
+* @param {string} url		New URL.
-* @param string title Optional page title.
+* @param {string} [title]	Optional page title.
-* @patam object obj	Optional state object.
+* @param {object} [obj]		Optional state object.
-*
-* @return undefined
 */
 phpbb.history.pushUrl = function(url, title, obj) {
 	phpbb.history.alterUrl('push', url, title, obj);
@@ -766,7 +756,8 @@ phpbb.history.pushUrl = function(url, title, obj) {
 /**
 * Hide the optgroups that are not the selected timezone
 *
-* @param	bool	keepSelection		Shall we keep the value selected, or shall the user be forced to repick one.
+* @param {bool} keepSelection Shall we keep the value selected, or shall the
+* 	user be forced to repick one.
 */
 phpbb.timezoneSwitchDate = function(keepSelection) {
 	var $timezoneCopy = $('#timezone_copy');
@@ -789,7 +780,7 @@ phpbb.timezoneSwitchDate = function(keepSelection) {
 	}
 
 	if ($tzDate.val() !== '') {
-		$timezone.children('optgroup').remove(':not([data-tz-value="' + $('#tz_date').val() + '"])');
+		$timezone.children('optgroup').remove(':not([data-tz-value="' + $tzDate.val() + '"])');
 	}
 
 	if ($tzDate.val() === $tzSelectDateSuggest.attr('data-suggested-tz')) {
@@ -824,7 +815,7 @@ phpbb.timezoneEnableDateSelection = function() {
 /**
 * Preselect a date/time or suggest one, if it is not picked.
 *
-* @param	bool	forceSelector		Shall we select the suggestion?
+* @param {bool} forceSelector Shall we select the suggestion?
 */
 phpbb.timezonePreselectSelect = function(forceSelector) {
 
@@ -893,8 +884,8 @@ phpbb.ajaxCallbacks = {};
  *
  * See the phpbb.ajaxify comments for information on stuff like parameters.
  *
- * @param string id The name of the callback.
+ * @param {string} id The name of the callback.
- * @param function callback The callback to be called.
+ * @param {function} callback The callback to be called.
  */
 phpbb.addAjaxCallback = function(id, callback) {
 	if (typeof callback === 'function') {
@@ -985,7 +976,7 @@ phpbb.addAjaxCallback('toggle_link', function() {
 * types text.
 *
 * @param {jQuery} $items jQuery object(s) to resize
-* @param {object} options Optional parameter that adjusts default
+* @param {object} [options] Optional parameter that adjusts default
 * 	configuration. See configuration variable
 *
 * Optional parameters:
@@ -1022,15 +1013,19 @@ phpbb.resizeTextArea = function($items, options) {
 	function resetAutoResize(item) {
 		var $item = $(item);
 		if ($item.hasClass('auto-resized')) {
-			$(item).css({height: '', resize: ''}).removeClass('auto-resized');
+			$(item)
+				.css({ height: '', resize: '' })
+				.removeClass('auto-resized');
 			configuration.resetCallback.call(item, $item);
 		}
 	}
 
 	function autoResize(item) {
 		function setHeight(height) {
-			height += parseInt($item.css('height')) - $item.height();
+			height += parseInt($item.css('height'), 10) - $item.height();
-			$item.css({height: height + 'px', resize: 'none'}).addClass('auto-resized');
+			$item
+				.css({ height: height + 'px', resize: 'none' })
+				.addClass('auto-resized');
 			configuration.resizeCallback.call(item, $item);
 		}
 
@@ -1046,7 +1041,7 @@ phpbb.resizeTextArea = function($items, options) {
 				configuration.maxHeight
 			),
 			$item = $(item),
-			height = parseInt($item.height()),
+			height = parseInt($item.height(), 10),
 			scrollHeight = (item.scrollHeight) ? item.scrollHeight : 0;
 
 		if (height < 0) {
@@ -1055,8 +1050,7 @@ phpbb.resizeTextArea = function($items, options) {
 
 		if (height > maxHeight) {
 			setHeight(maxHeight);
-		}
+		} else if (scrollHeight > (height + 5)) {
-		else if (scrollHeight > (height + 5)) {
 			setHeight(Math.min(maxHeight, scrollHeight));
 		}
 	}
@@ -1085,7 +1079,7 @@ phpbb.resizeTextArea = function($items, options) {
 * @param {Array} endTags List of end tags to look for
 *		For example, Array('[/code]')
 *
-* @return {boolean} True if cursor is in bbcode tag
+* @returns {boolean} True if cursor is in bbcode tag
 */
 phpbb.inBBCodeTag = function(textarea, startTags, endTags) {
 	var start = textarea.selectionStart,
@@ -1157,7 +1151,7 @@ phpbb.applyCodeEditor = function(textarea) {
 	* @param {boolean} stripCodeStart If true, only part of line
 	*		after [code] tag will be returned.
 	*
-	* @return {string} Line of text
+	* @returns {string} Line of text
 	*/
 	function getLastLine(stripCodeStart) {
 		var start = textarea.selectionStart,
@@ -1173,7 +1167,7 @@ phpbb.applyCodeEditor = function(textarea) {
 					var tagLength = startTags[i].length;
 
 					value = value.substring(index + tagLength);
-					if (startTags[i].lastIndexOf(startTagsEnd) != tagLength) {
+					if (startTags[i].lastIndexOf(startTagsEnd) !== tagLength) {
 						index = value.indexOf(startTagsEnd);
 
 						if (index >= 0) {
@@ -1190,7 +1184,7 @@ phpbb.applyCodeEditor = function(textarea) {
 	/**
 	* Append text at cursor position
 	*
-	* @param {string} Text Text to append
+	* @param {string} text Text to append
 	*/
 	function appendText(text) {
 		var start = textarea.selectionStart,
@@ -1232,6 +1226,31 @@ phpbb.applyCodeEditor = function(textarea) {
 	});
 };
 
+/**
+ * Show drag and drop animation when textarea is present
+ *
+ * This function will enable the drag and drop animation for a specified
+ * textarea.
+ *
+ * @param {HTMLElement} textarea Textarea DOM object to apply editor to
+ */
+phpbb.showDragNDrop = function(textarea) {
+	if (!textarea) {
+		return;
+	}
+
+	$('body').on('dragenter dragover', function () {
+		$(textarea).addClass('drag-n-drop');
+	}).on('dragleave dragout dragend drop', function() {
+		$(textarea).removeClass('drag-n-drop');
+	});
+	$(textarea).on('dragenter dragover', function () {
+		$(textarea).addClass('drag-n-drop-highlight');
+	}).on('dragleave dragout dragend drop', function() {
+		$(textarea).removeClass('drag-n-drop-highlight');
+	});
+};
+
 /**
 * List of classes that toggle dropdown menu,
 * list of classes that contain visible dropdown menu
@@ -1324,12 +1343,15 @@ phpbb.toggleDropdown = function() {
 					fullFreeSpace = freeSpace + parent.outerWidth();
 
 				options.dropdown.find('.dropdown-contents').each(function() {
-					contentWidth = parseInt($(this).outerWidth());
+					contentWidth = parseInt($(this).outerWidth(), 10);
-					$(this).css({marginLeft: 0, left: 0});
+					$(this).css({ marginLeft: 0, left: 0 });
 				});
 
 				var maxOffset = Math.min(contentWidth, fullFreeSpace) + 'px';
-				options.dropdown.css({'width': maxOffset, 'margin-left': '-' + maxOffset});
+				options.dropdown.css({
+					width: maxOffset,
+					marginLeft: -maxOffset
+				});
 			}
 		} else {
 			options.dropdown.css('margin-right', '-' + (windowWidth + freeSpace) + 'px');
@@ -1391,14 +1413,12 @@ phpbb.registerDropdown = function(toggle, dropdown, options) {
 /**
 * Get the HTML for a color palette table.
 *
-* @param string dir Palette direction - either v or h
+* @param {string} dir Palette direction - either v or h
-* @param int width Palette cell width.
+* @param {int} width Palette cell width.
-* @param int height Palette cell height.
+* @param {int} height Palette cell height.
 */
 phpbb.colorPalette = function(dir, width, height) {
-	var r = 0, 
+	var r, g, b,
-		g = 0, 
-		b = 0,
 		numberList = new Array(6),
 		color = '',
 		html = '';
@@ -1409,32 +1429,33 @@ phpbb.colorPalette = function(dir, width, height) {
 	numberList[3] = 'BF';
 	numberList[4] = 'FF';
 
-	var tableClass = (dir == 'h') ? 'horizontal-palette' : 'vertical-palette';
+	var tableClass = (dir === 'h') ? 'horizontal-palette' : 'vertical-palette';
 	html += '<table class="not-responsive colour-palette ' + tableClass + '" style="width: auto;">';
 
 	for (r = 0; r < 5; r++) {
-		if (dir == 'h') {
+		if (dir === 'h') {
 			html += '<tr>';
 		}
 
 		for (g = 0; g < 5; g++) {
-			if (dir == 'v') {
+			if (dir === 'v') {
 				html += '<tr>';
 			}
 
 			for (b = 0; b < 5; b++) {
-				color = String(numberList[r]) + String(numberList[g]) + String(numberList[b]);
+				color = '' + numberList[r] + numberList[g] + numberList[b];
-				html += '<td style="background-color: #' + color + '; width: ' + width + 'px; height: ' + height + 'px;">';
+				html += '<td style="background-color: #' + color + '; width: ' + width + 'px; height: ' +
-				html += '<a href="#" data-color="' + color + '" style="display: block; width: ' + width + 'px; height: ' + height + 'px; " alt="#' + color + '" title="#' + color + '"></a>';
+					height + 'px;"><a href="#" data-color="' + color + '" style="display: block; width: ' +
+					width + 'px; height: ' + height + 'px; " alt="#' + color + '" title="#' + color + '"></a>';
 				html += '</td>';
 			}
 
-			if (dir == 'v') {
+			if (dir === 'v') {
 				html += '</tr>';
 			}
 		}
 
-		if (dir == 'h') {
+		if (dir === 'h') {
 			html += '</tr>';
 		}
 	}
@@ -1445,7 +1466,7 @@ phpbb.colorPalette = function(dir, width, height) {
 /**
 * Register a color palette.
 *
-* @param object el jQuery object for the palette container.
+* @param {jQuery} el jQuery object for the palette container.
 */
 phpbb.registerPalette = function(el) {
 	var	orientation	= el.attr('data-orientation'),
@@ -1474,15 +1495,15 @@ phpbb.registerPalette = function(el) {
 		}
 		e.preventDefault();
 	});
-}
+};
 
 /**
 * Set display of page element
 *
-* @param string	id	The ID of the element to change
+* @param {string} id The ID of the element to change
-* @param int	action	Set to 0 if element display should be toggled, -1 for
+* @param {int} action Set to 0 if element display should be toggled, -1 for
 *			hiding the element, and 1 for showing it.
-* @param string	type	Display type that should be used, e.g. inline, block or
+* @param {string} type Display type that should be used, e.g. inline, block or
 *			other CSS "display" types
 */
 phpbb.toggleDisplay = function(id, action, type) {
@@ -1503,8 +1524,7 @@ phpbb.toggleDisplay = function(id, action, type) {
 * Toggle additional settings based on the selected
 * option of select element.
 *
-* @param jQuery el jQuery select element object.
+* @param {jQuery} el jQuery select element object.
-* @return undefined
 */
 phpbb.toggleSelectSettings = function(el) {
 	el.children().each(function() {
@@ -1518,11 +1538,11 @@ phpbb.toggleSelectSettings = function(el) {
 * Get function from name.
 * Based on http://stackoverflow.com/a/359910
 *
-* @param string functionName Function to get.
+* @param {string} functionName Function to get.
-* @return function
+* @returns function
 */
 phpbb.getFunctionByName = function (functionName) {
- 	var namespaces = functionName.split('.'),
+	var namespaces = functionName.split('.'),
 		func = namespaces.pop(),
 		context = window;
 
@@ -1587,6 +1607,21 @@ phpbb.registerPageDropdowns = function() {
 	});
 };
 
+/**
+ * Handle avatars to be lazy loaded.
+ */
+phpbb.lazyLoadAvatars = function loadAvatars() {
+	$('.avatar[data-src]').each(function () {
+		var $avatar = $(this);
+
+		$avatar
+			.attr('src', $avatar.data('src'))
+			.removeAttr('data-src');
+	});
+};
+
+$(window).load(phpbb.lazyLoadAvatars);
+
 /**
 * Apply code editor to all textarea elements with data-bbcode attribute
 */

phpBB/assets/javascript/editor.js

@@ -159,7 +159,7 @@ function insert_text(text, spaces, popup) {
 /**
 * Add inline attachment at position
 */
-function attach_inline(index, filename) {
+function attachInline(index, filename) {
 	insert_text('[attachment=' + index + ']' + filename + '[/attachment]');
 	document.forms[form_name].elements[text_name].focus();
 }
@@ -355,6 +355,9 @@ function getCaretPosition(txtarea) {
 		textarea = doc.forms[form_name].elements[text_name];
 
 		phpbb.applyCodeEditor(textarea);
+		if ($('#attach-panel').length) {
+			phpbb.showDragNDrop(textarea);
+		}
 	});
 })(jQuery);
 

phpBB/assets/javascript/plupload.js

@@ -1,26 +1,26 @@
+/* global phpbb, plupload, attachInline */
+
 plupload.addI18n(phpbb.plupload.i18n);
 phpbb.plupload.ids = [];
 
 (function($) {  // Avoid conflicts with other libraries
 
-"use strict";
+'use strict';
 
 /**
  * Set up the uploader.
- *
- * @return undefined
  */
 phpbb.plupload.initialize = function() {
 	// Initialize the Plupload uploader.
-	uploader.init();
+	phpbb.plupload.uploader.init();
 
 	// Set attachment data.
 	phpbb.plupload.setData(phpbb.plupload.data);
 	phpbb.plupload.updateMultipartParams(phpbb.plupload.getSerializedData());
 
 	// Only execute if Plupload initialized successfully.
-	uploader.bind('Init', function() {
+	phpbb.plupload.uploader.bind('Init', function() {
-		phpbb.plupload.form = $(phpbb.plupload.config.form_hook)[0],
+		phpbb.plupload.form = $(phpbb.plupload.config.form_hook)[0];
 		phpbb.plupload.rowTpl = $('#attach-row-tpl')[0].outerHTML;
 
 		// Hide the basic upload panel and remove the attach row template.
@@ -29,18 +29,18 @@ phpbb.plupload.initialize = function() {
 		$('#attach-panel-multi').show();
 	});
 
-	uploader.bind('PostInit', function() {
+	phpbb.plupload.uploader.bind('PostInit', function() {
 		// Point out the drag-and-drop zone if it's supported.
-		if (uploader.features.dragdrop) {
+		if (phpbb.plupload.uploader.features.dragdrop) {
 			$('#drag-n-drop-message').show();
 		}
 
 		// Ensure "Add files" button position is correctly calculated.
 		if ($('#attach-panel-multi').is(':visible')) {
-			uploader.refresh();
+			phpbb.plupload.uploader.refresh();
 		}
 		$('[data-subpanel="attach-panel"]').one('click', function() {
-			uploader.refresh();
+			phpbb.plupload.uploader.refresh();
 		});
 	});
 };
@@ -48,37 +48,32 @@ phpbb.plupload.initialize = function() {
 /**
  * Unsets all elements in the object uploader.settings.multipart_params whose keys
  * begin with 'attachment_data['
- *
- * @return undefined
  */
 phpbb.plupload.clearParams = function() {
-	var obj = uploader.settings.multipart_params;
+	var obj = phpbb.plupload.uploader.settings.multipart_params;
 	for (var key in obj) {
 		if (!obj.hasOwnProperty(key) || key.indexOf('attachment_data[') !== 0) {
 			continue;
 		}
 
-		delete uploader.settings.multipart_params[key];
+		delete phpbb.plupload.uploader.settings.multipart_params[key];
 	}
 };
 
 /**
  * Update uploader.settings.multipart_params object with new data.
  *
- * @param object obj
+ * @param {object} obj
- * @return undefined
  */
 phpbb.plupload.updateMultipartParams = function(obj) {
-	uploader.settings.multipart_params = $.extend(
+	var settings = phpbb.plupload.uploader.settings;
-		uploader.settings.multipart_params,
+	settings.multipart_params = $.extend(settings.multipart_params, obj);
-		obj
-	);
 };
 
 /**
  * Convert the array of attachment objects into an object that PHP would expect as POST data.
  *
- * @return object An object in the form 'attachment_data[i][key]': value as
+ * @returns {object} An object in the form 'attachment_data[i][key]': value as
  * 	expected by the server
  */
 phpbb.plupload.getSerializedData = function() {
@@ -100,22 +95,19 @@ phpbb.plupload.getSerializedData = function() {
  * Get the index from the phpbb.plupload.data array where the given
  * attachment id appears.
  *
- * @param int attach_id The attachment id of the file.
+ * @param {int} attachId The attachment id of the file.
- * @return bool	Returns false if the id cannot be found.
+ * @returns {bool|int} Index of the file if exists, otherwise false.
- * @return int	Returns the index of the file if it exists.
  */
-phpbb.plupload.getIndex = function(attach_id) {
+phpbb.plupload.getIndex = function(attachId) {
-	var index = $.inArray(Number(attach_id), phpbb.plupload.ids);
+	var index = $.inArray(Number(attachId), phpbb.plupload.ids);
 	return (index !== -1) ? index : false;
 };
 
 /**
  * Set the data in phpbb.plupload.data and phpbb.plupload.ids arrays.
  *
- * @param array data	Array containing the new data to use. In the form of 
+ * @param {Array} data	Array containing the new data to use. In the form of
  * array(index => object(property: value). Requires attach_id to be one of the object properties.
- *
- * @return undefined
  */
 phpbb.plupload.setData = function(data) {
 	// Make sure that the array keys are reset.
@@ -130,11 +122,10 @@ phpbb.plupload.setData = function(data) {
 /**
  * Update the attachment data in the HTML and the phpbb & phpbb.plupload objects.
  *
- * @param array data		Array containing the new data to use.
+ * @param {Array} data			Array containing the new data to use.
- * @param string action		The action that required the update. Used to update the inline attachment bbcodes.
+ * @param {string} action		The action that required the update. Used to update the inline attachment bbcodes.
- * @param int index			The index from phpbb.plupload_ids that was affected by the action.
+ * @param {int} index			The index from phpbb.plupload_ids that was affected by the action.
- * @param array downloadUrl	Optional array of download urls to update.
+ * @param {Array} downloadUrl	Optional array of download urls to update.
- * @return undefined
  */
 phpbb.plupload.update = function(data, action, index, downloadUrl) {
 
@@ -148,8 +139,7 @@ phpbb.plupload.update = function(data, action, index, downloadUrl) {
 /**
  * Update the relevant elements and hidden data for all attachments.
  *
- * @param array downloadUrl	Optional array of download urls to update.
+ * @param {Array} downloadUrl Optional array of download urls to update.
- * @return undefined
  */
 phpbb.plupload.updateRows = function(downloadUrl) {
 	for (var i = 0; i < phpbb.plupload.ids.length; i++) {
@@ -163,8 +153,7 @@ phpbb.plupload.updateRows = function(downloadUrl) {
  * data for the file inserted into it. The row is then appended or prepended to
  * #file-list based on the attach_order setting.
  *
- * @param object file	Plupload file object for the new attachment.
+ * @param {object} file Plupload file object for the new attachment.
- * @return undefined
  */
 phpbb.plupload.insertRow = function(file) {
 	var row = $(phpbb.plupload.rowTpl);
@@ -173,7 +162,7 @@ phpbb.plupload.insertRow = function(file) {
 	row.find('.file-name').html(plupload.xmlEncode(file.name));
 	row.find('.file-size').html(plupload.formatSize(file.size));
 
-	if (phpbb.plupload.order == 'desc') {
+	if (phpbb.plupload.order === 'desc') {
 		$('#file-list').prepend(row);
 	} else {
 		$('#file-list').append(row);
@@ -183,9 +172,8 @@ phpbb.plupload.insertRow = function(file) {
 /**
  * Update the relevant elements and hidden data for an attachment.
  *
- * @param int index	The index from phpbb.plupload.ids of the attachment to edit.
+ * @param {int} index The index from phpbb.plupload.ids of the attachment to edit.
- * @param array downloadUrl	Optional array of download urls to update. 
+ * @param {Array} downloadUrl Optional array of download urls to update.
- * @return undefined
  */
 phpbb.plupload.updateRow = function(index, downloadUrl) {
 	var attach = phpbb.plupload.data[index],
@@ -197,7 +185,7 @@ phpbb.plupload.updateRow = function(index, downloadUrl) {
 			link = $('<a></a>');
 
 		link.attr('href', url).html(attach.real_filename);
-		row.find('.file-name').html(link)	
+		row.find('.file-name').html(link);
 	}
 
 	row.find('textarea').attr('name', 'comment_list[' + index + ']');
@@ -207,18 +195,21 @@ phpbb.plupload.updateRow = function(index, downloadUrl) {
 /**
  * Update hidden input data for an attachment.
  *
- * @param object row	jQuery object for the attachment row.
+ * @param {object} row		jQuery object for the attachment row.
- * @param object attach	Attachment data object from phpbb.plupload.data
+ * @param {object} attach	Attachment data object from phpbb.plupload.data
- * @param int index		Attachment index from phpbb.plupload.ids
+ * @param {int} index		Attachment index from phpbb.plupload.ids
- * @return undefined
  */
 phpbb.plupload.updateHiddenData = function(row, attach, index) {
 	row.find('input[type="hidden"]').remove();
 
 	for (var key in attach) {
+		if (!attach.hasOwnProperty(key)) {
+			return;
+		}
+
 		var input = $('<input />')
 			.attr('type', 'hidden')
-			.attr('name', 'attachment_data[' + index + '][' + key +']')
+			.attr('name', 'attachment_data[' + index + '][' + key + ']')
 			.attr('value', attach[key]);
 		$('textarea', row).after(input);
 	}
@@ -230,16 +221,14 @@ phpbb.plupload.updateHiddenData = function(row, attach, index) {
  * responds with the updated attachment data list so that any future
  * uploads can maintain state with the server
  *
- * @param object row	jQuery object for the attachment row.
+ * @param {object} row		jQuery object for the attachment row.
- * @param int attachId	Attachment id of the file to be removed.
+ * @param {int} attachId	Attachment id of the file to be removed.
- *
- * @return undefined
  */
 phpbb.plupload.deleteFile = function(row, attachId) {
 	// If there's no attach id, then the file hasn't been uploaded. Simply delete the row.
 	if (typeof attachId === 'undefined') {
-		var file = uploader.getFile(row.attr('id'));
+		var file = phpbb.plupload.uploader.getFile(row.attr('id'));
-		uploader.removeFile(file);
+		phpbb.plupload.uploader.removeFile(file);
 
 		row.slideUp(100, function() {
 			row.remove();
@@ -267,7 +256,7 @@ phpbb.plupload.deleteFile = function(row, attachId) {
 
 		// trigger_error() was called which likely means a permission error was encountered.
 		if (typeof response.title !== 'undefined') {
-			uploader.trigger('Error', {message: response.message});
+			phpbb.plupload.uploader.trigger('Error', { message: response.message });
 			// We will have to assume that the deletion failed. So leave the file status as uploaded.
 			row.find('.file-status').toggleClass('file-uploaded');
 
@@ -278,21 +267,21 @@ phpbb.plupload.deleteFile = function(row, attachId) {
 		phpbb.plupload.handleMaxFilesReached();
 
 		if (row.attr('id')) {
-			var file = uploader.getFile(row.attr('id'));
+			var file = phpbb.plupload.uploader.getFile(row.attr('id'));
-			uploader.removeFile(file);
+			phpbb.plupload.uploader.removeFile(file);
 		}
 		row.slideUp(100, function() {
 			row.remove();
 			// Hide the file list if it's empty now.
 			phpbb.plupload.hideEmptyList();
 		});
-		uploader.trigger('FilesRemoved');
+		phpbb.plupload.uploader.trigger('FilesRemoved');
 	};
 
 	$.ajax(phpbb.plupload.config.url, {
 		type: 'POST',
 		data: $.extend(fields, phpbb.plupload.getSerializedData()),
-		headers: {'X-PHPBB-USING-PLUPLOAD': '1', 'X-Requested-With': 'XMLHttpRequest'}
+		headers: { 'X-PHPBB-USING-PLUPLOAD': '1', 'X-Requested-With': 'XMLHttpRequest' }
 	})
 	.always(always)
 	.done(done);
@@ -300,25 +289,21 @@ phpbb.plupload.deleteFile = function(row, attachId) {
 
 /**
  * Check the attachment list and hide its container if it's empty.
- *
- * @return undefined
  */
 phpbb.plupload.hideEmptyList = function() {
 	if (!$('#file-list').children().length) {
 		$('#file-list-container').slideUp(100);
 	}
-}
+};
 
 /**
- * Update the indices used in inline attachment bbcodes. This ensures that the bbcodes
+ * Update the indices used in inline attachment bbcodes. This ensures that the
- * correspond to the correct file after a file is added or removed. This should be called 
+ * bbcodes correspond to the correct file after a file is added or removed.
- * before the phpbb.plupload,data and phpbb.plupload.ids arrays are updated, otherwise it will
+ * This should be called before the phpbb.plupload,data and phpbb.plupload.ids
- * not work correctly.
+ * arrays are updated, otherwise it will not work correctly.
  *
- * @param string action	The action that occurred -- either "addition" or "removal"
+ * @param {string} action	The action that occurred -- either "addition" or "removal"
- * @param int index		The index of the attachment from phpbb.plupload.ids that was affected.
+ * @param {int} index		The index of the attachment from phpbb.plupload.ids that was affected.
- *
- * @return undefined
  */
 phpbb.plupload.updateBbcode = function(action, index) {
 	var	textarea = $('#message', phpbb.plupload.form),
@@ -330,64 +315,59 @@ phpbb.plupload.updateBbcode = function(action, index) {
 		return;
 	}
 
-	// Private function used to replace the bbcode.
+	function runUpdate(i) {
-	var updateBbcode = function(match, fileName) {
+		var regex = new RegExp('\\[attachment=' + i + '\\](.*?)\\[\\/attachment\\]', 'g');
-		// Remove the bbcode if the file was removed.
+		text = text.replace(regex, function updateBbcode(_, fileName) {
-		if (removal && index === i) {
+			// Remove the bbcode if the file was removed.
-			return '';
+			if (removal && index === i) {
-		}
+				return '';
-		var newIndex = i + ((removal) ? -1 : 1);
+			}
-		return '[attachment=' + newIndex +']' + fileName + '[/attachment]';
+			var newIndex = i + ((removal) ? -1 : 1);
-	};
+			return '[attachment=' + newIndex + ']' + fileName + '[/attachment]';
+		});
+	}
 
-	// Private function used to generate search regexp
+	// Loop forwards when removing and backwards when adding ensures we don't
-	var searchRegexp = function(index) {
+	// corrupt the bbcode index.
-		return new RegExp('\\[attachment=' + index + '\\](.*?)\\[\\/attachment\\]', 'g');
-	}
-	// The update order of the indices is based on the action taken to ensure that we don't corrupt
-	// the bbcode index by updating it several times as we move through the loop.
-	// Removal loop starts at the removed index and moves to the end of the array.
-	// Addition loop starts at the end of the array and moves to the added index at 0.
-	var searchLoop = function() {
-		if (typeof i === 'undefined') {
-			i = (removal) ? index : phpbb.plupload.ids.length - 1;
-		}
-		return (removal) ? (i < phpbb.plupload.ids.length): (i >= index);
-	}
 	var i;
-
+	if (removal) {
-	while (searchLoop()) {
+		for (i = index; i < phpbb.plupload.ids.length; i++) {
-		text = text.replace(searchRegexp(i), updateBbcode);
+			runUpdate(i);
-		(removal) ? i++ : i--;
+		}
+	} else {
+		for (i = phpbb.plupload.ids.length - 1; i >= index; i--) {
+			runUpdate(i);
+		}
 	}
+
 	textarea.val(text);
 };
 
 /**
  * Get Plupload file objects based on their upload status.
  *
- * @param int status Plupload status - plupload.DONE, plupload.FAILED, plupload.QUEUED,
+ * @param {int} status Plupload status - plupload.DONE, plupload.FAILED,
- * plupload.STARTED, plupload.STOPPED
+ * plupload.QUEUED, plupload.STARTED, plupload.STOPPED
  *
- * @return Returns an array of the Plupload file objects matching the status.
+ * @returns {Array} The Plupload file objects matching the status.
  */
 phpbb.plupload.getFilesByStatus = function(status) {
 	var files = [];
 
-	$.each(uploader.files, function(i, file) {
+	$.each(phpbb.plupload.uploader.files, function(i, file) {
 		if (file.status === status) {
 			files.push(file);
 		}
 	});
 	return files;
-}
+};
 
 /**
  * Check whether the user has reached the maximun number of files that he's allowed
  * to upload. If so, disables the uploader and marks the queued files as failed. Otherwise
  * makes sure that the uploader is enabled.
  *
- * @return bool Returns true if the limit has been reached. False if otherwise.
+ * @returns {bool} True if the limit has been reached. False if otherwise.
  */
 phpbb.plupload.handleMaxFilesReached = function() {
 	// If there is no limit, the user is an admin or moderator.
@@ -400,41 +380,36 @@ phpbb.plupload.handleMaxFilesReached = function() {
 		phpbb.plupload.markQueuedFailed(phpbb.plupload.lang.TOO_MANY_ATTACHMENTS);
 		// Disable the uploader.
 		phpbb.plupload.disableUploader();
-		uploader.trigger('Error', {message: phpbb.plupload.lang.TOO_MANY_ATTACHMENTS});
+		phpbb.plupload.uploader.trigger('Error', { message: phpbb.plupload.lang.TOO_MANY_ATTACHMENTS });
 
 		return true;
-	} else if(phpbb.plupload.maxFiles > phpbb.plupload.ids.length) {
+	} else if (phpbb.plupload.maxFiles > phpbb.plupload.ids.length) {
 		// Enable the uploader if the user is under the limit
 		phpbb.plupload.enableUploader();
 	}
 	return false;
-}
+};
 
 /**
  * Disable the uploader
- *
- * @return undefined
  */
 phpbb.plupload.disableUploader = function() {
 	$('#add_files').addClass('disabled');
-	uploader.disableBrowse();
+	phpbb.plupload.uploader.disableBrowse();
-}
+};
 
 /**
  * Enable the uploader
- *
- * @return undefined
  */
 phpbb.plupload.enableUploader = function() {
 	$('#add_files').removeClass('disabled');
-	uploader.disableBrowse(false);
+	phpbb.plupload.uploader.disableBrowse(false);
-}
+};
 
 /**
  * Mark all queued files as failed.
  *
- * @param string error Error message to present to the user.
+ * @param {string} error Error message to present to the user.
- * @return undefined
  */
 phpbb.plupload.markQueuedFailed = function(error) {
 	var files = phpbb.plupload.getFilesByStatus(plupload.QUEUED);
@@ -443,48 +418,49 @@ phpbb.plupload.markQueuedFailed = function(error) {
 		$('#' + file.id).find('.file-progress').hide();
 		phpbb.plupload.fileError(file, error);
 	});
-}
+};
 
 /**
  * Marks a file as failed and sets the error message for it.
  *
- * @param object file	Plupload file object that failed.
+ * @param {object} file		Plupload file object that failed.
- * @param string error	Error message to present to the user.
+ * @param {string} error	Error message to present to the user.
- * @return undefined
  */
 phpbb.plupload.fileError = function(file, error) {
 	file.status = plupload.FAILED;
 	file.error = error;
-	$('#' + file.id).find('.file-status').addClass('file-error').attr({'data-error-title': phpbb.plupload.lang.ERROR, 'data-error-message': error});
+	$('#' + file.id).find('.file-status')
-}
+		.addClass('file-error')
-
+		.attr({
-
+			'data-error-title': phpbb.plupload.lang.ERROR,
+			'data-error-message': error
+		});
+};
 
 
 /**
  * Set up the Plupload object and get some basic data.
  */
-var	uploader = new plupload.Uploader(phpbb.plupload.config);
+phpbb.plupload.uploader = new plupload.Uploader(phpbb.plupload.config);
 phpbb.plupload.initialize();
 
-
+var $fileList = $('#file-list');
-
 
 /**
  * Insert inline attachment bbcode.
  */
- $('#file-list').on('click', '.file-inline-bbcode', function(e) {
+$fileList.on('click', '.file-inline-bbcode', function(e) {
 	var attachId = $(this).parents('.attach-row').attr('data-attach-id'),
 		index = phpbb.plupload.getIndex(attachId);
 
-	attach_inline(index, phpbb.plupload.data[index].real_filename);	
+	attachInline(index, phpbb.plupload.data[index].real_filename);
 	e.preventDefault();
 });
 
 /**
  * Delete a file.
  */
-$('#file-list').on('click', '.file-delete', function(e) {
+$fileList.on('click', '.file-delete', function(e) {
 	var row = $(this).parents('.attach-row'),
 		attachId = row.attr('data-attach-id');
 
@@ -495,7 +471,7 @@ $('#file-list').on('click', '.file-delete', function(e) {
 /**
  * Display the error message for a particular file when the error icon is clicked.
  */
-$('#file-list').on('click', '.file-error', function(e) {
+$fileList.on('click', '.file-error', function(e) {
 	phpbb.alert($(this).attr('data-error-title'), $(this).attr('data-error-message'));
 	e.preventDefault();
 });
@@ -503,7 +479,7 @@ $('#file-list').on('click', '.file-error', function(e) {
 /**
  * Fires when an error occurs.
  */
-uploader.bind('Error', function(up, error) {
+phpbb.plupload.uploader.bind('Error', function(up, error) {
 	error.file.name = plupload.xmlEncode(error.file.name);
 
 	// The error message that Plupload provides for these is vague, so we'll be more specific.
@@ -520,18 +496,15 @@ uploader.bind('Error', function(up, error) {
  * send the real filename along with the chunk. This is necessary because
  * for some reason the filename is set to 'blob' whenever a file is chunked
  *
- * @param object up		The plupload.Uploader object
+ * @param {object} up	The plupload.Uploader object
- * @param object file	The plupload.File object that is about to be
+ * @param {object} file	The plupload.File object that is about to be uploaded
- * 	uploaded
- *
- * @return undefined
  */
-uploader.bind('BeforeUpload', function(up, file) {
+phpbb.plupload.uploader.bind('BeforeUpload', function(up, file) {
 	if (phpbb.plupload.handleMaxFilesReached()) {
 		return;
 	}
 
-	phpbb.plupload.updateMultipartParams({'real_filename': file.name});
+	phpbb.plupload.updateMultipartParams({ real_filename: file.name });
 });
 
 /**
@@ -539,14 +512,12 @@ uploader.bind('BeforeUpload', function(up, file) {
  * response from the server and checks for an error. If an error occurs it
  * is reported to the user and the upload of this particular file is halted
  *
- * @param object up			The plupload.Uploader object
+ * @param {object} up		The plupload.Uploader object
- * @param object file		The plupload.File object whose chunk has just
+ * @param {object} file		The plupload.File object whose chunk has just
  * 	been uploaded
- * @param object response	The response object from the server
+ * @param {object} response	The response object from the server
- *
- * @return undefined
  */
-uploader.bind('ChunkUploaded', function(up, file, response) {
+phpbb.plupload.uploader.bind('ChunkUploaded', function(up, file, response) {
 	if (response.chunk >= response.chunks - 1) {
 		return;
 	}
@@ -567,7 +538,7 @@ uploader.bind('ChunkUploaded', function(up, file, response) {
 
 	// If trigger_error() was called, then a permission error likely occurred.
 	if (typeof json.title !== 'undefined') {
-		json.error = {message: json.message};
+		json.error = { message: json.message };
 	}
 
 	if (json.error) {
@@ -584,10 +555,8 @@ uploader.bind('ChunkUploaded', function(up, file, response) {
 
 /**
  * Fires when files are added to the queue.
- *
- * @return undefined
  */
-uploader.bind('FilesAdded', function(up, files) {
+phpbb.plupload.uploader.bind('FilesAdded', function(up, files) {
 	// Prevent unnecessary requests to the server if the user already uploaded
 	// the maximum number of files allowed.
 	if (phpbb.plupload.handleMaxFilesReached()) {
@@ -595,13 +564,14 @@ uploader.bind('FilesAdded', function(up, files) {
 	}
 
 	// Switch the active tab if the style supports it
-	if (typeof activateSubPanel == 'function') {
+	if (typeof activateSubPanel === 'function') {
-		activateSubPanel('attach-panel');
+		activateSubPanel('attach-panel'); // jshint ignore: line
 	}
 
 	// Show the file list if there aren't any files currently.
-	if (!$('#file-list-container').is(':visible')) {
+	var $fileListContainer = $('#file-list-container');
-		$('#file-list-container').show(100);
+	if (!$fileListContainer.is(':visible')) {
+		$fileListContainer.show(100);
 	}
 
 	$.each(files, function(i, file) {
@@ -609,7 +579,7 @@ uploader.bind('FilesAdded', function(up, files) {
 	});
 
 	up.bind('UploadProgress', function(up, file) {
-		$('#' + file.id + " .file-progress-bar").css('width', file.percent + '%');
+		$('.file-progress-bar', '#' + file.id).css('width', file.percent + '%');
 		$('#file-total-progress-bar').css('width', up.total.percent + '%');
 	});
 
@@ -627,14 +597,12 @@ uploader.bind('FilesAdded', function(up, files) {
  * appends it to the next file upload so that the server can maintain state
  * with regards to the attachments in a given post
  *
- * @param object up			The plupload.Uploader object
+ * @param {object} up		The plupload.Uploader object
- * @param object file		The plupload.File object that has just been
+ * @param {object} file		The plupload.File object that has just been
  * 	uploaded
- * @param string response	The response string from the server
+ * @param {string} response	The response string from the server
- *
- * @return undefined
  */
-uploader.bind('FileUploaded', function(up, file, response) {
+phpbb.plupload.uploader.bind('FileUploaded', function(up, file, response) {
 	var json = {},
 		row = $('#' + file.id),
 		error;
@@ -643,7 +611,7 @@ uploader.bind('FileUploaded', function(up, file, response) {
 	row.find('.file-progress').hide();
 
 	try {
-		json = $.parseJSON(response.response);
+		json = JSON.parse(response.response);
 	} catch (e) {
 		error = 'Error parsing server response.';
 	}
@@ -651,7 +619,7 @@ uploader.bind('FileUploaded', function(up, file, response) {
 	// If trigger_error() was called, then a permission error likely occurred.
 	if (typeof json.title !== 'undefined') {
 		error = json.message;
-		up.trigger('Error', {message: error});
+		up.trigger('Error', { message: error });
 
 		// The rest of the queue will fail.
 		phpbb.plupload.markQueuedFailed(error);
@@ -662,25 +630,19 @@ uploader.bind('FileUploaded', function(up, file, response) {
 	if (typeof error !== 'undefined') {
 		phpbb.plupload.fileError(file, error);
 	} else if (file.status === plupload.DONE) {
-		file.attachment_data = json['data'][0];
+		file.attachment_data = json.data[0];
 
 		row.attr('data-attach-id', file.attachment_data.attach_id);
 		row.find('.file-inline-bbcode').show();
 		row.find('.file-status').addClass('file-uploaded');
-		phpbb.plupload.update(json['data'], 'addition', 0, [json['download_url']]);
+		phpbb.plupload.update(json.data, 'addition', 0, [json.download_url]);
 	}
 });
 
 /**
  * Fires when the entire queue of files have been uploaded.
- *
- * @param object up		The plupload.Uploader object
- * @param array files	An array of plupload.File objects that have just
- * 	been uploaded as part of a queue
- *
- * @return undefined
  */
-uploader.bind('UploadComplete', function(up, files) {
+phpbb.plupload.uploader.bind('UploadComplete', function() {
 	// Hide the progress bar
 	setTimeout(function() {
 		$('#file-total-progress-bar').fadeOut(500, function() {

phpBB/composer.json

@@ -38,11 +38,11 @@
 	},
 	"require-dev": {
 		"fabpot/goutte": "1.0.*",
+		"phing/phing": "2.4.*",
 		"phpunit/dbunit": "1.3.*",
 		"phpunit/phpunit": "4.1.*",
-		"phing/phing": "2.4.*",
 		"sami/sami": "1.*",
-		"squizlabs/php_codesniffer": "1.*",
+		"squizlabs/php_codesniffer": "2.*",
 		"symfony/browser-kit": "2.3.*",
 		"symfony/css-selector": "2.3.*",
 		"symfony/debug": "2.3.*",

phpBB/composer.lock

@@ -1,9 +1,10 @@
 {
     "_readme": [
         "This file locks the dependencies of your project to a known state",
-        "Read more about it at http://getcomposer.org/doc/01-basic-usage.md#composer-lock-the-lock-file"
+        "Read more about it at http://getcomposer.org/doc/01-basic-usage.md#composer-lock-the-lock-file",
+        "This file is @generated automatically"
     ],
-    "hash": "d93446768ea0665b7c55c01890153a67",
+    "hash": "17b51553237b78392baf2ec78bfdfbc0",
     "packages": [
         {
             "name": "lusitanian/oauth",
@@ -652,12 +653,12 @@
             "version": "v1.13.2",
             "source": {
                 "type": "git",
-                "url": "https://github.com/fabpot/Twig.git",
+                "url": "https://github.com/twigphp/Twig.git",
                 "reference": "6d6a1009427d1f398c9d40904147bf9f723d5755"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/fabpot/Twig/zipball/6d6a1009427d1f398c9d40904147bf9f723d5755",
+                "url": "https://api.github.com/repos/twigphp/Twig/zipball/6d6a1009427d1f398c9d40904147bf9f723d5755",
                 "reference": "6d6a1009427d1f398c9d40904147bf9f723d5755",
                 "shasum": ""
             },
@@ -682,14 +683,11 @@
             "authors": [
                 {
                     "name": "Fabien Potencier",
-                    "email": "fabien@symfony.com",
+                    "email": "fabien@symfony.com"
-                    "homepage": "http://fabien.potencier.org",
-                    "role": "Lead Developer"
                 },
                 {
                     "name": "Armin Ronacher",
-                    "email": "armin.ronacher@active-4.com",
+                    "email": "armin.ronacher@active-4.com"
-                    "role": "Project Founder"
                 }
             ],
             "description": "Twig, the flexible, fast, and secure template language for PHP",
@@ -1914,41 +1912,45 @@
         },
         {
             "name": "squizlabs/php_codesniffer",
-            "version": "1.5.2",
+            "version": "2.3.2",
             "source": {
                 "type": "git",
                 "url": "https://github.com/squizlabs/PHP_CodeSniffer.git",
-                "reference": "a76a39b317ce8106abe6264daa505e24e1731860"
+                "reference": "e96d8579fbed0c95ecf2a0501ec4f307a4aa6404"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/squizlabs/PHP_CodeSniffer/zipball/a76a39b317ce8106abe6264daa505e24e1731860",
+                "url": "https://api.github.com/repos/squizlabs/PHP_CodeSniffer/zipball/e96d8579fbed0c95ecf2a0501ec4f307a4aa6404",
-                "reference": "a76a39b317ce8106abe6264daa505e24e1731860",
+                "reference": "e96d8579fbed0c95ecf2a0501ec4f307a4aa6404",
                 "shasum": ""
             },
             "require": {
                 "ext-tokenizer": "*",
+                "ext-xmlwriter": "*",
                 "php": ">=5.1.2"
             },
-            "suggest": {
-                "phpunit/php-timer": "dev-master"
-            },
             "bin": [
-                "scripts/phpcs"
+                "scripts/phpcs",
+                "scripts/phpcbf"
             ],
             "type": "library",
+            "extra": {
+                "branch-alias": {
+                    "dev-master": "2.0.x-dev"
+                }
+            },
             "autoload": {
                 "classmap": [
                     "CodeSniffer.php",
                     "CodeSniffer/CLI.php",
                     "CodeSniffer/Exception.php",
                     "CodeSniffer/File.php",
+                    "CodeSniffer/Fixer.php",
                     "CodeSniffer/Report.php",
                     "CodeSniffer/Reporting.php",
                     "CodeSniffer/Sniff.php",
                     "CodeSniffer/Tokens.php",
                     "CodeSniffer/Reports/",
-                    "CodeSniffer/CommentParser/",
                     "CodeSniffer/Tokenizers/",
                     "CodeSniffer/DocGenerators/",
                     "CodeSniffer/Standards/AbstractPatternSniff.php",
@@ -1974,13 +1976,13 @@
                     "role": "lead"
                 }
             ],
-            "description": "PHP_CodeSniffer tokenises PHP, JavaScript and CSS files and detects violations of a defined set of coding standards.",
+            "description": "PHP_CodeSniffer tokenizes PHP, JavaScript and CSS files and detects violations of a defined set of coding standards.",
             "homepage": "http://www.squizlabs.com/php-codesniffer",
             "keywords": [
                 "phpcs",
                 "standards"
             ],
-            "time": "2014-02-04 23:49:58"
+            "time": "2015-04-28 23:28:20"
         },
         {
             "name": "symfony/browser-kit",
@@ -2236,17 +2238,13 @@
             "time": "2014-10-01 05:38:33"
         }
     ],
-    "aliases": [
+    "aliases": [],
-
-    ],
     "minimum-stability": "stable",
-    "stability-flags": [
+    "stability-flags": [],
-
+    "prefer-stable": false,
-    ],
+    "prefer-lowest": false,
     "platform": {
         "php": ">=5.3.3"
     },
-    "platform-dev": [
+    "platform-dev": []
-
-    ]
 }

phpBB/config/cron.yml

@@ -120,6 +120,7 @@ services:
             - @config
             - @dbal.conn
             - @user
+            - @dispatcher
         calls:
             - [set_name, [cron.task.core.tidy_search]]
         tags:

phpBB/develop/export_events_for_wiki.php

@@ -18,15 +18,19 @@ if (php_sapi_name() != 'cli')
 
 $phpEx = substr(strrchr(__FILE__, '.'), 1);
 $phpbb_root_path = __DIR__ . '/../';
+define('IN_PHPBB', true);
 
 function usage()
 {
-	echo "Usage: export_events_for_wiki.php COMMAND [EXTENSION]\n";
+	echo "Usage: export_events_for_wiki.php COMMAND [VERSION] [EXTENSION]\n";
 	echo "\n";
 	echo "COMMAND:\n";
 	echo "    all:\n";
 	echo "        Generate the complete wikipage for https://wiki.phpbb.com/Event_List\n";
 	echo "\n";
+	echo "    diff:\n";
+	echo "        Generate the Event Diff for the release highlights\n";
+	echo "\n";
 	echo "    php:\n";
 	echo "        Generate the PHP event section of Event_List\n";
 	echo "\n";
@@ -36,6 +40,9 @@ function usage()
 	echo "    styles:\n";
 	echo "        Generate the Styles Template event section of Event_List\n";
 	echo "\n";
+	echo "VERSION (diff only):\n";
+	echo "    Filter events (minimum version)\n";
+	echo "\n";
 	echo "EXTENSION (Optional):\n";
 	echo "    If not given, only core events will be exported.\n";
 	echo "    Otherwise only events from the extension will be exported.\n";
@@ -55,20 +62,32 @@ validate_argument_count($argc, 1);
 
 $action = $argv[1];
 $extension = isset($argv[2]) ? $argv[2] : null;
+$min_version = null;
 require __DIR__ . '/../phpbb/event/php_exporter.' . $phpEx;
 require __DIR__ . '/../phpbb/event/md_exporter.' . $phpEx;
+require __DIR__ . '/../includes/functions.' . $phpEx;
 require __DIR__ . '/../phpbb/event/recursive_event_filter_iterator.' . $phpEx;
 require __DIR__ . '/../phpbb/recursive_dot_prefix_filter_iterator.' . $phpEx;
 
 switch ($action)
 {
+
+	case 'diff':
+		echo '== Event changes ==' . "\n";
+		$min_version = $extension;
+		$extension = isset($argv[3]) ? $argv[3] : null;
+
 	case 'all':
-		echo '__FORCETOC__' . "\n";
+		if ($action === 'all')
+		{
+			echo '__FORCETOC__' . "\n";
+		}
+
 
 	case 'php':
-		$exporter = new \phpbb\event\php_exporter($phpbb_root_path, $extension);
+		$exporter = new \phpbb\event\php_exporter($phpbb_root_path, $extension, $min_version);
 		$exporter->crawl_phpbb_directory_php();
-		echo $exporter->export_events_for_wiki();
+		echo $exporter->export_events_for_wiki($action);
 
 		if ($action === 'php')
 		{
@@ -78,9 +97,16 @@ switch ($action)
 		// no break;
 
 	case 'styles':
-		$exporter = new \phpbb\event\md_exporter($phpbb_root_path, $extension);
+		$exporter = new \phpbb\event\md_exporter($phpbb_root_path, $extension, $min_version);
-		$exporter->crawl_phpbb_directory_styles('docs/events.md');
+		if ($min_version && $action === 'diff')
-		echo $exporter->export_events_for_wiki();
+		{
+			$exporter->crawl_eventsmd('docs/events.md', 'styles');
+		}
+		else
+		{
+			$exporter->crawl_phpbb_directory_styles('docs/events.md');
+		}
+		echo $exporter->export_events_for_wiki($action);
 
 		if ($action === 'styles')
 		{
@@ -90,9 +116,16 @@ switch ($action)
 		// no break;
 
 	case 'adm':
-		$exporter = new \phpbb\event\md_exporter($phpbb_root_path, $extension);
+		$exporter = new \phpbb\event\md_exporter($phpbb_root_path, $extension, $min_version);
-		$exporter->crawl_phpbb_directory_adm('docs/events.md');
+		if ($min_version && $action === 'diff')
-		echo $exporter->export_events_for_wiki();
+		{
+			$exporter->crawl_eventsmd('docs/events.md', 'adm');
+		}
+		else
+		{
+			$exporter->crawl_phpbb_directory_adm('docs/events.md');
+		}
+		echo $exporter->export_events_for_wiki($action);
 
 		if ($action === 'all')
 		{

phpBB/develop/search_fill.php

@@ -40,7 +40,7 @@ if (!class_exists($search_type))
 }
 
 $error = false;
-$search = new $search_type($error, $phpbb_root_path, $phpEx, $auth, $config, $db, $user);
+$search = new $search_type($error, $phpbb_root_path, $phpEx, $auth, $config, $db, $user, $phpbb_dispatcher);
 
 if ($error)
 {

phpBB/docs/CHANGELOG.html

@@ -6,7 +6,7 @@
 <meta name="description" content="phpBB 3.1.x Changelog" />
 <title>phpBB &bull; Changelog</title>
 
-<link href="assets/css/stylesheet.css" rel="stylesheet" type="text/css" media="screen, projection" />
+<link href="assets/css/stylesheet.css" rel="stylesheet" type="text/css" media="screen" />
 
 </head>
 
@@ -49,7 +49,9 @@
 <ol>
 	<li><a href="#changelog">Changelog</a>
 	<ul>
-		<li><a href="#v312">Changes since 3.1.3-RC1</a></li>
+		<li><a href="#v314">Changes since 3.1.4</a></li>
+		<li><a href="#v313">Changes since 3.1.3</a></li>
+		<li><a href="#v313rc1">Changes since 3.1.3-RC1</a></li>
 		<li><a href="#v312">Changes since 3.1.2</a></li>
 		<li><a href="#v311">Changes since 3.1.1</a></li>
 		<li><a href="#v310">Changes since 3.1.0</a></li>
@@ -67,6 +69,7 @@
 		<li><a href="#v310a2">Changes since 3.1.0-a2</a></li>
 		<li><a href="#v310a1">Changes since 3.1.0-a1</a></li>
 		<li><a href="#v30x">Changes since 3.0.x</a></li>
+		<li><a href="#v3013-PL1">Changes since 3.0.13-PL1</a></li>
 		<li><a href="#v3013">Changes since 3.0.13</a></li>
 		<li><a href="#v3012">Changes since 3.0.12</a></li>
 		<li><a href="#v3011">Changes since 3.0.11</a></li>
@@ -109,6 +112,208 @@
 
 		<div class="content">
 
+	<a name="v314"></a><h3>Changes since 3.1.4</h3>
+
+	<h4>Bug</h4>
+	<ul>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-9563">PHPBB3-9563</a>] - Empty categories showing up on index</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11521">PHPBB3-11521</a>] - Missing language string when migration is invalid</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11532">PHPBB3-11532</a>] - acp_users_overview.html autocompletes &quot;confirm email&quot; and &quot;password&quot; fields in chrome</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13516">PHPBB3-13516</a>] - icc-profiler check should skip extensions vendor</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13564">PHPBB3-13564</a>] - User is not removed from oauth tables upon deletion</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13664">PHPBB3-13664</a>] - Allow changing total list for unapproved posts in mcp_front</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13755">PHPBB3-13755</a>] - uploading attachments results in error: parsing server response. </li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13763">PHPBB3-13763</a>] - Language Spelling Error: Completly</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13771">PHPBB3-13771</a>] - AJAX responses do not support exceptions messages</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13772">PHPBB3-13772</a>] - Error in @param variable type for phpbb\passwords\manager</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13779">PHPBB3-13779</a>] - Permission set migration tool grants regular users heightened permissions</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13787">PHPBB3-13787</a>] - Duplicate entry of poll_delete in prosilver template</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13792">PHPBB3-13792</a>] - Travis fails installing hhvm-nigthly</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13819">PHPBB3-13819</a>] - Add missing sql_freeresult() to files in includes/</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13822">PHPBB3-13822</a>] - Permissions are in the wrong category</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13823">PHPBB3-13823</a>] - Update package is missing file with inline whitespace changes</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13827">PHPBB3-13827</a>] - controller\helper::message does not return JSON object for AJAX requests</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13830">PHPBB3-13830</a>] - phpcs doesn't detect class using in catch blocks</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13833">PHPBB3-13833</a>] - Submit a lot of messages without timeout between messages</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13838">PHPBB3-13838</a>] - Add a sniff to ensure that the opening brace of a control statement is on the line after</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13852">PHPBB3-13852</a>] - Inconsistent tab navigation when login in</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13861">PHPBB3-13861</a>] - Old styles are not removed by style update migration</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13868">PHPBB3-13868</a>] - Adding multiple language files for acp/mcp/ucp modules is incorrectly handled for extensions</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13873">PHPBB3-13873</a>] - Remove broken print stylesheet in preference of &amp;view=print</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13875">PHPBB3-13875</a>] - Lint test should ignore cache, ext, and store folder</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13878">PHPBB3-13878</a>] - Properly display background images when printing with webkit browser</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13888">PHPBB3-13888</a>] - &quot;Couldn't fetch mysqli_result&quot; error on username search and egosearch</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13913">PHPBB3-13913</a>] - Post subject of password protected and list-only forums shown on board index</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13922">PHPBB3-13922</a>] - Whitespace found at end of line phpBB/includes/functions_admin.php</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13928">PHPBB3-13928</a>] - Fix build_cfg_template_test after ticket/sec-184 </li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13939">PHPBB3-13939</a>] - phpBB no longer shows error messages when uploading files with drag/drop</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13942">PHPBB3-13942</a>] - phpbb\user::set_lang() adds extra path and PHP extension to ext lang files</li>
+	</ul>
+	<h4>Improvement</h4>
+	<ul>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12101">PHPBB3-12101</a>] - Redirect for Microsoft servers in /includes/functions.php:redirect()</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12542">PHPBB3-12542</a>] - Highlight textarea when files are dragged over it</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12717">PHPBB3-12717</a>] - Improve the code sniffer</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13200">PHPBB3-13200</a>] - Add autocomplete=&quot;off&quot; to additional password fields</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13648">PHPBB3-13648</a>] - Allow extensions using custom bbcode validation methods</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13699">PHPBB3-13699</a>] - Add template events in viewforum_body.html before and after the title</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13745">PHPBB3-13745</a>] - Add veiwtopic.php core event to allow manipulating poll data</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13750">PHPBB3-13750</a>] - Add generate_forum_nav() core event to allow modifying navlinks text</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13752">PHPBB3-13752</a>] - Add viewonline.php core event to allow modifying forum data SQL query</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13753">PHPBB3-13753</a>] - Add template events to forum category header</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13778">PHPBB3-13778</a>] - Misleading instruction text for recaptcha plugin</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13790">PHPBB3-13790</a>] - Update phpcs to 2.3.2</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13791">PHPBB3-13791</a>] - Add more post buttons template events to viewtopic_body.html</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13808">PHPBB3-13808</a>] - Add event before and after the search form</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13809">PHPBB3-13809</a>] - Test php parsing on php7 on travis</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13841">PHPBB3-13841</a>] - Add event when topics are moved</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13858">PHPBB3-13858</a>] - Make the Plupload uploader instance available in the global namespace</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13872">PHPBB3-13872</a>] - Allow template events to have a changed tag</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13876">PHPBB3-13876</a>] - Use async webfontloader to load webfont from googles CDN</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13905">PHPBB3-13905</a>] - loading.gif loaded before document load when it isn't needed</li>
+	</ul>
+	<h4>Security Issue</h4>
+	<ul>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13917">PHPBB3-13917</a>] - Use hash_equals() if possible in password driver helper</li>
+		<li>[SECURITY-184] - Do not output passwords to HTML input fields</li>
+	</ul>
+	<h4>Sub-task</h4>
+	<ul>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13660">PHPBB3-13660</a>] - Allow changing the query for total reports in mcp_front</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13661">PHPBB3-13661</a>] - Allow changing how and which logs are retrieved</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13668">PHPBB3-13668</a>] - Allow modifying the query to get details from the post report</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13672">PHPBB3-13672</a>] - Allow changing the query to obtain the user-submitted report.</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13685">PHPBB3-13685</a>] - Allow modifying the keywords search query for mysql fulltext search</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13686">PHPBB3-13686</a>] - Allow modifying the fulltext native search query for total results before before</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13689">PHPBB3-13689</a>] - Allow modifying the Postgres native search query for results</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13691">PHPBB3-13691</a>] - Allow modifying the fulltext native search query for total results for author</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13693">PHPBB3-13693</a>] - Allow modifying the MySQL author search query for results</li>
+	</ul>
+	<h4>Task</h4>
+	<ul>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13807">PHPBB3-13807</a>] - Extend event exporter to filter by min or max version to allow generating event diffs for releases</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13887">PHPBB3-13887</a>] - JS could use some refactoring</li>
+	</ul>
+
+
+	<a name="v313"></a><h3>Changes since 3.1.3</h3>
+
+	<h4>Security</h4>
+	<ul>
+		<li>[SECURITY-180] - An insufficient check allowed users of the Google Chrome browser to be redirected to external domains (e.g. on login)</li>
+	</ul>
+	<h4>Bug</h4>
+	<ul>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-8050">PHPBB3-8050</a>] - Avatar &amp; Long PM recipients list break out of template</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-8250">PHPBB3-8250</a>] - Forum selections in MCP queue not working</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-8494">PHPBB3-8494</a>] - Cannot install two boards on the same postgresql database</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11424">PHPBB3-11424</a>] - Quick-Mod Tools race condition results in NO_MODE</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12368">PHPBB3-12368</a>] -  Updating database fails in upgrade from 3.0 when trying twice without purging the cache</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13348">PHPBB3-13348</a>] - sql_freeresult() should be called in feed base class</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13414">PHPBB3-13414</a>] - download/file.php 304 Not Modified bug</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13433">PHPBB3-13433</a>] - A dot in email address leads to unwanted extraneous dot</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13463">PHPBB3-13463</a>] - Mark read icon displays on wrong side in RTL</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13469">PHPBB3-13469</a>] - Soft delete fails with error message</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13472">PHPBB3-13472</a>] - Notification for admin activation of user doesn't get pruned after the user is deleted</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13477">PHPBB3-13477</a>] - File caching of extensions' version check file doesn't work</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13493">PHPBB3-13493</a>] - $helper-&gt;route gives wrong path for guests with trailing slashes and mod_rewrite disabled</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13522">PHPBB3-13522</a>] - Q&amp;A Captcha ACP, admins can add blank answers</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13538">PHPBB3-13538</a>] - Add tests for pagination in nested loops</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13542">PHPBB3-13542</a>] - Add $error to core UCP event for better validating of new UCP options</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13550">PHPBB3-13550</a>] - Invalid JSON response returned when plupload dir is not writable</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13551">PHPBB3-13551</a>] - Authentication method- LDAP- entered value 'ldap base dn' does not display</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13555">PHPBB3-13555</a>] - Poll options preview rendered incorrectly by &lt;br /&gt; collision</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13563">PHPBB3-13563</a>] - No Private Message button shown in memberlist for subsilver2</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13568">PHPBB3-13568</a>] - Imagick path validated as relative path although ACP asks for absolute path</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13569">PHPBB3-13569</a>] - Use sql_freeresult for $result assignments and remove unneeded $result assignments</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13570">PHPBB3-13570</a>] - Mysqli extension supports persistent connection since PHP 5.3.0</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13577">PHPBB3-13577</a>] - Skip tests requiring fileinfo if fileinfo is not enabled</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13586">PHPBB3-13586</a>] - Allow '0' as username with Jabber notifications</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13587">PHPBB3-13587</a>] - SQL syntax errors in get_prune_users()</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13588">PHPBB3-13588</a>] - Information message for disabled fsockopen() is not displayed correctly</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13590">PHPBB3-13590</a>] - Remember me login keys should be centered</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13597">PHPBB3-13597</a>] - Modify variable-variable syntax to be compatible with PHP7</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13612">PHPBB3-13612</a>] - Functional test of extension fails if ext requires page refresh</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13615">PHPBB3-13615</a>] - Avatar Gallery shows categories but no images in subsilver2</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13617">PHPBB3-13617</a>] - Bot session continuation with invalid f= query paramter causes SQL error</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13618">PHPBB3-13618</a>] - Small grammatical typo in the English FAQ regarding COPPA</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13631">PHPBB3-13631</a>] - Fix variable name in core.phpbb_content_visibility_get_global_visibility_before event</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13639">PHPBB3-13639</a>] - Unused class icon-search-advanced references nonexistent image</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13644">PHPBB3-13644</a>] - Type hint dispatcher_interface instead of dispatcher</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13649">PHPBB3-13649</a>] - Subforum tooltip always displays &quot;no unread posts&quot; on viewforum.php</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13655">PHPBB3-13655</a>] - $phpbb_dispatcher undefined in phpbb_mcp_sorting()</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13657">PHPBB3-13657</a>] - Start testing against PHP7</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13666">PHPBB3-13666</a>] - data-clicked attribute is not always removed on ajax form submissions</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13667">PHPBB3-13667</a>] - Big buttons are incorrectly aligned in Chrome on Windows</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13670">PHPBB3-13670</a>] - Fix fatal function name must be a string in functional tests</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13698">PHPBB3-13698</a>] - Incorrect password message shows unparsed &quot;Board Administrator&quot;-link</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13702">PHPBB3-13702</a>] - Page is zoomed in by default on iOS devices in landscape mode</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13703">PHPBB3-13703</a>] - Uploaded avatars are not loading correctly when passing through the events</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13719">PHPBB3-13719</a>] - Remove superfluous $search_options in acp_search.php </li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13721">PHPBB3-13721</a>] - URL Rewriting doesn't work on IIS7</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13723">PHPBB3-13723</a>] - Update docs/AUTHORS for 3.1.4-RC1</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13726">PHPBB3-13726</a>] - Responsive breadcrumbs JavaScript incorrectly calculates width of hidden items</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13727">PHPBB3-13727</a>] - Responsive breadcrumbs JavaScript doesn't reset wrap- classes when resizing</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13732">PHPBB3-13732</a>] - Update composer for PHP7 compatibility</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13736">PHPBB3-13736</a>] - Replace colons with colon lang keys in Contact us page</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13738">PHPBB3-13738</a>] - Sami still refers to develop-* branches</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13741">PHPBB3-13741</a>] - Remove outdated comments in CSS files</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13742">PHPBB3-13742</a>] - Local avatar driver is not generating correct urls on index</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13743">PHPBB3-13743</a>] - Missing global vars $phpbb_root_path and $phpEx in message_parser.php</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13747">PHPBB3-13747</a>] - Fix test_validate_path_linux method</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13749">PHPBB3-13749</a>] - Add missing slash to base uri in helper route tests</li>
+	</ul>
+	<h4>Improvement</h4>
+	<ul>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13313">PHPBB3-13313</a>] - Add a core php event to the mass email form</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13467">PHPBB3-13467</a>] - Add a CONTRIBUTING file to the project on Github</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13510">PHPBB3-13510</a>] - Add template event before/after the pagination on viewtopic</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13512">PHPBB3-13512</a>] - Add template events to viewtopic_body.html before/after the post details</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13518">PHPBB3-13518</a>] - Add core event to markread() in functions.php</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13532">PHPBB3-13532</a>] - Add core event to get_unread_topics() in functions.php</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13533">PHPBB3-13533</a>] - Add template events to the header of search_results.html</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13535">PHPBB3-13535</a>] - Add ucp_profile.php core event to allow modifying account settings on editing</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13536">PHPBB3-13536</a>] - Add UCP/ACP core events to allow modifying user profile data on editing</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13537">PHPBB3-13537</a>] - Add core events on mcp_queue for approval and disapproval</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13540">PHPBB3-13540</a>] - Add events to the topic review while posting and moderating posts</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13578">PHPBB3-13578</a>] - Add ucp_register.php core event</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13591">PHPBB3-13591</a>] - Add functions.php core event to the function obtain_users_online_string()</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13595">PHPBB3-13595</a>] - Remove unused instances of the bbcode class</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13596">PHPBB3-13596</a>] - Add display_forums() core event to allow modifying forums list data</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13600">PHPBB3-13600</a>] - Add core event to allow extensions to create a custom help page</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13602">PHPBB3-13602</a>] - Add template event overall_header_navbar_before</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13628">PHPBB3-13628</a>] - Add template events into ucp profile html files</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13635">PHPBB3-13635</a>] - Add sql_ary to UCP profile event</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13637">PHPBB3-13637</a>] - Add php event for modifying the data when composing a PM</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13643">PHPBB3-13643</a>] - kernel_terminate_subscriber should have a very low priority</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13650">PHPBB3-13650</a>] - New core event for UCP profile mode</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13658">PHPBB3-13658</a>] - [Event] - Before and after deletion of topics</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13675">PHPBB3-13675</a>] - Add validate to acp_profile event and add template events</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13679">PHPBB3-13679</a>] - Add template event overall_header_searchbox_before</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13701">PHPBB3-13701</a>] - New posting_pm_layout.html template events to wrap &quot;include posting_pm_header.html&quot;</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13710">PHPBB3-13710</a>] - Add template events around smilies display</li>
+	</ul>
+	<h4>New Feature</h4>
+	<ul>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13336">PHPBB3-13336</a>] - New core events for user activation</li>
+	</ul>
+	<h4>Sub-task</h4>
+	<ul>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13142">PHPBB3-13142</a>] - [Event] - Before query to list unapproved and deleted posts</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13592">PHPBB3-13592</a>] - Add core event to allow changing get_visibility_sql's result</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13621">PHPBB3-13621</a>] - Fix event phpbb_content_visibility_get_forums_visibility_before to get where_sql working as specified</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13625">PHPBB3-13625</a>] - Add more variables to core.viewforum_get_topic_data</li>
+	</ul>
+	<h4>Task</h4>
+	<ul>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-9457">PHPBB3-9457</a>] - [Accessibility] - Add WAI-ARIA landmarks to the Prosilver template files</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12599">PHPBB3-12599</a>] - Update documentation styling</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13572">PHPBB3-13572</a>] - Upgrade composer to 1.0.0-alpha9</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13626">PHPBB3-13626</a>] - Add branch aliases</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13634">PHPBB3-13634</a>] - Update README to show new branch names</li>
+		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13640">PHPBB3-13640</a>] - Rearrange order of color css rules</li>
+	</ul>
+
 	<a name="v313rc1"></a><h3>Changes since 3.1.3-RC1</h3>
 
 	<h4>Bug</h4>
@@ -2211,6 +2416,35 @@
 <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11870">PHPBB3-11870</a>] - No longer exclude ./phpBB/phpbb/search/fulltext_*.php from code coverage</li>
 <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11885">PHPBB3-11885</a>] - Add migrations for 3.0.12-RCx and 3.0.12</li>
 <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11913">PHPBB3-11913</a>] - Apply reorganisation of download.phpbb.com to build_announcement.php</li>
+</ul>
+
+	<a name="v3013-PL1"></a><h3>Changes since 3.0.13-PL1</h3>
+
+<h4>Security</h4>
+<ul>
+<li>[SECURITY-180] - An insufficient check allowed users of the Google Chrome browser to be redirected to external domains (e.g. on login)</li>
+</ul>
+<h4>Bug</h4>
+<ul>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13348">PHPBB3-13348</a>] - sql_freeresult() should be called in feed base class</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13414">PHPBB3-13414</a>] - download/file.php sends Content-Length header even when issuing 304 Not Modified</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13555">PHPBB3-13555</a>] - Poll options preview rendered incorrectly by &lt;br /&gt; collision</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13568">PHPBB3-13568</a>] - Imagick path validated as relative path although ACP asks for absolute path</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13617">PHPBB3-13617</a>] - Bot session continuation with invalid f= query parameter causes SQL error</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13738">PHPBB3-13738</a>] - Sami still refers to develop-* branches</li>
+</ul>
+<h4>Improvement</h4>
+<ul>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12089">PHPBB3-12089</a>] - Make HTTP status code assertion failure messages more informative</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13765">PHPBB3-13765</a>] - Verify that SERVER_PROTOCOL has the expected format</li>
+</ul>
+<h4>Task</h4>
+<ul>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11539">PHPBB3-11539</a>] - Add unit tests for several functions in functions.php</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13572">PHPBB3-13572</a>] - Upgrade composer to 1.0.0-alpha9</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13599">PHPBB3-13599</a>] - Remove PHP 5.2 Travis environment</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13634">PHPBB3-13634</a>] - Update README to show new branch names</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13723">PHPBB3-13723</a>] - Update docs/AUTHORS for 3.0.14-RC1 / 3.1.4-RC1</li>
 </ul>
 
 	<a name="v3013"></a><h3>Changes since 3.0.13</h3>
@@ -4745,7 +4979,7 @@
 </div></div>
 
 <div>
-	<a id="bottom" name="bottom" accesskey="z"></a>
+	<a id="bottom" accesskey="z"></a>
 </div>
 
 </body>

phpBB/docs/CREDITS.txt

@@ -23,6 +23,7 @@ phpBB Project Manager:   Marshalrusty (Yuriy Rusko)
 phpBB Lead Developer:    naderman (Nils Adermann)
 
 phpBB Developers:        bantu (Andreas Fischer)
+                         CHItA (Máté Bartus)
                          dhruv.goel92 (Dhruv Goel)
                          Elsensee (Oliver Schramm)
                          marc1706 (Marc Alexander)

phpBB/docs/FAQ.html

@@ -6,7 +6,7 @@
 <meta name="description" content="phpBB 3.1.x frequently asked questions" />
 <title>phpBB &bull; FAQ</title>
 
-<link href="assets/css/stylesheet.css" rel="stylesheet" type="text/css" media="screen, projection" />
+<link href="assets/css/stylesheet.css" rel="stylesheet" type="text/css" media="screen" />
 
 </head>
 
@@ -343,7 +343,7 @@ I want to sue you because i think you host an illegal board!</h2>
 </div></div>
 
 <div>
-	<a id="bottom" name="bottom" accesskey="z"></a>
+	<a id="bottom" accesskey="z"></a>
 </div>
 
 </body>

phpBB/docs/INSTALL.html

@@ -6,7 +6,7 @@
 <meta name="description" content="phpBB 3.1.x Installation, updating and conversion informations" />
 <title>phpBB &bull; Install</title>
 
-<link href="assets/css/stylesheet.css" rel="stylesheet" type="text/css" media="screen, projection" />
+<link href="assets/css/stylesheet.css" rel="stylesheet" type="text/css" media="screen" />
 
 </head>
 
@@ -303,7 +303,7 @@
 
 	<p>This update method is the recommended method for updating. This package detects changed files automatically and merges in changes if needed.</p>
 
-	<p>The automatic update package will update the board from a given version to the latest version. A number of automatic update files are available, and you should choose the one that corresponds to the version of the board that you are currently running. For example, if your current version is <strong>3.0.12</strong>, you need the <code>phpBB-3.0.12_to_3.0.13.zip/tar.bz2</code> file.</p>
+	<p>The automatic update package will update the board from a given version to the latest version. A number of automatic update files are available, and you should choose the one that corresponds to the version of the board that you are currently running. For example, if your current version is <strong>3.0.13</strong>, you need the <code>phpBB-3.0.13_to_3.0.14.zip/tar.bz2</code> file.</p>
 
 	<p>To perform the update, either follow the instructions from the <strong>Administration Control Panel-&gt;System</strong> Tab - this should point out that you are running an outdated version and will guide you through the update - or follow the instructions listed below.</p>
 
@@ -507,7 +507,7 @@
 </div></div>
 
 <div>
-	<a id="bottom" name="bottom" accesskey="z"></a>
+	<a id="bottom" accesskey="z"></a>
 </div>
 
 </body>

phpBB/docs/README.html

@@ -6,7 +6,7 @@
 <meta name="description" content="phpBB 3.1.x Readme" />
 <title>phpBB &bull; Readme</title>
 
-<link href="assets/css/stylesheet.css" rel="stylesheet" type="text/css" media="screen, projection" />
+<link href="assets/css/stylesheet.css" rel="stylesheet" type="text/css" media="screen" />
 
 </head>
 
@@ -366,7 +366,7 @@
 </div></div>
 
 <div>
-	<a id="bottom" name="bottom" accesskey="z"></a>
+	<a id="bottom" accesskey="z"></a>
 </div>
 
 </body>

phpBB/docs/auth_api.html

@@ -6,7 +6,7 @@
 <meta name="description" content="This is an explanation of how to use the phpBB auth/acl API" />
 <title>phpBB3 &bull; Auth API</title>
 
-<link href="assets/css/stylesheet.css" rel="stylesheet" type="text/css" media="screen, projection" />
+<link href="assets/css/stylesheet.css" rel="stylesheet" type="text/css" media="screen" />
 
 </head>
 
@@ -285,7 +285,7 @@ $auth_admin = new auth_admin();</pre>
 </div></div>
 
 <div>
-	<a id="bottom" name="bottom" accesskey="z"></a>
+	<a id="bottom" accesskey="z"></a>
 </div>
 
 </body>

phpBB/docs/coding-guidelines.html

@@ -6,7 +6,7 @@
 <meta name="description" content="Ascraeus coding guidelines document" />
 <title>phpBB3 &bull; Coding Guidelines</title>
 
-<link href="assets/css/stylesheet.css" rel="stylesheet" type="text/css" media="screen, projection" />
+<link href="assets/css/stylesheet.css" rel="stylesheet" type="text/css" media="screen" />
 
 </head>
 
@@ -2568,7 +2568,7 @@ if (utf8_case_fold_nfc($string1) == utf8_case_fold_nfc($string2))
 </div></div>
 
 <div>
-	<a id="bottom" name="bottom" accesskey="z"></a>
+	<a id="bottom" accesskey="z"></a>
 </div>
 
 </body>

phpBB/docs/events.md

@@ -293,6 +293,20 @@ forumlist_body_category_header_before
 * Since: 3.1.0-a4
 * Purpose: Add content before the header of the category on the forum list.
 
+forumlist_body_category_header_row_append
+===
+* Locations:
+    + styles/prosilver/template/forumlist_body.html
+* Since: 3.1.5-RC1
+* Purpose: Add content after the header row of the category on the forum list.
+
+forumlist_body_category_header_row_prepend
+===
+* Locations:
+    + styles/prosilver/template/forumlist_body.html
+* Since: 3.1.5-RC1
+* Purpose: Add content before the header row of the category on the forum list.
+
 forumlist_body_forum_row_after
 ===
 * Locations:
@@ -517,6 +531,46 @@ mcp_front_latest_unapproved_before
 * Since: 3.1.3-RC1
 * Purpose: Add content before latest unapproved posts list
 
+mcp_post_additional_options
+===
+* Locations:
+    + styles/prosilver/template/mcp_post.html
+    + styles/subsilver2/template/mcp_post.html
+* Since: 3.1.5-RC1
+* Purpose: Add content within the list of post moderation actions
+
+mcp_warn_post_add_warning_field_after
+===
+* Locations:
+    + styles/prosilver/template/mcp_warn_post.html
+    + styles/subsilver2/template/mcp_warn_post.html
+* Since: 3.1.0-RC4
+* Purpose: Add content during warning for a post - after add warning field.
+
+mcp_warn_post_add_warning_field_before
+===
+* Locations:
+    + styles/prosilver/template/mcp_warn_post.html
+    + styles/subsilver2/template/mcp_warn_post.html
+* Since: 3.1.0-RC4
+* Purpose: Add content during warning for a post - before add warning field.
+
+mcp_warn_user_add_warning_field_after
+===
+* Locations:
+    + styles/prosilver/template/mcp_warn_user.html
+    + styles/subsilver2/template/mcp_warn_user.html
+* Since: 3.1.0-RC4
+* Purpose: Add content during warning a user - after add warning field.
+
+mcp_warn_user_add_warning_field_before
+===
+* Locations:
+    + styles/prosilver/template/mcp_warn_user.html
+    + styles/subsilver2/template/mcp_warn_user.html
+* Since: 3.1.0-RC4
+* Purpose: Add content during warning a user - before add warning field.
+
 memberlist_body_username_append
 ===
 * Locations:
@@ -607,38 +661,6 @@ memberlist_view_user_statistics_before
 * Since: 3.1.0-a1
 * Purpose: Add entries before the user statistics part of any user profile
 
-mcp_warn_post_add_warning_field_after
-===
-* Locations:
-    + styles/prosilver/template/mcp_warn_post.html
-    + styles/subsilver2/template/mcp_warn_post.html
-* Since: 3.1.0-RC4
-* Purpose: Add content during warning for a post - after add warning field.
-
-mcp_warn_post_add_warning_field_before
-===
-* Locations:
-    + styles/prosilver/template/mcp_warn_post.html
-    + styles/subsilver2/template/mcp_warn_post.html
-* Since: 3.1.0-RC4
-* Purpose: Add content during warning for a post - before add warning field.
-
-mcp_warn_user_add_warning_field_after
-===
-* Locations:
-    + styles/prosilver/template/mcp_warn_user.html
-    + styles/subsilver2/template/mcp_warn_user.html
-* Since: 3.1.0-RC4
-* Purpose: Add content during warning a user - after add warning field.
-
-mcp_warn_user_add_warning_field_before
-===
-* Locations:
-    + styles/prosilver/template/mcp_warn_user.html
-    + styles/subsilver2/template/mcp_warn_user.html
-* Since: 3.1.0-RC4
-* Purpose: Add content during warning a user - before add warning field.
-
 navbar_header_logged_out_content
 ===
 * Locations:
@@ -904,6 +926,14 @@ overall_header_stylesheets_after
 * Purpose: Add asset calls after stylesheets within the `</head>` tag.
 Note that INCLUDECSS will not work with this event.
 
+posting_editor_bbcode_status_after
+===
+* Locations:
+    + styles/prosilver/template/posting_editor.html
+    + styles/subsilver2/template/posting_body.html
+* Since: 3.1.4-RC1
+* Purpose: Add content after bbcode status
+
 posting_editor_buttons_after
 ===
 * Locations:
@@ -952,6 +982,22 @@ posting_editor_options_prepend
 * Since: 3.1.0-a1
 * Purpose: Add posting options on the posting screen
 
+posting_editor_smilies_after
+===
+* Locations:
+    + styles/prosilver/template/posting_editor.html
+    + styles/subsilver2/template/posting_body.html
+* Since: 3.1.4-RC1
+* Purpose: Add content after smilies
+
+posting_editor_smilies_before
+===
+* Locations:
+    + styles/prosilver/template/posting_editor.html
+    + styles/subsilver2/template/posting_body.html
+* Since: 3.1.4-RC1
+* Purpose: Add content before the smilies
+
 posting_editor_subject_after
 ===
 * Locations:
@@ -984,6 +1030,28 @@ posting_pm_header_find_username_before
 * Since: 3.1.0-RC4
 * Purpose: Add content before the find username link on composing pm
 
+posting_pm_layout_include_pm_header_after
+===
+* Locations:
+    + styles/prosilver/template/posting_pm_layout.html
+* Since: 3.1.4-RC1
+* Purpose: Add content after the include of posting_pm_header.html
+
+posting_pm_layout_include_pm_header_before
+===
+* Locations:
+    + styles/prosilver/template/posting_pm_layout.html
+* Since: 3.1.4-RC1
+* Purpose: Add content before the include of posting_pm_header.html
+
+posting_poll_body_options_after
+===
+* Locations:
+    + styles/prosilver/template/posting_poll_body.html
+    + styles/subsilver2/template/posting_poll_body.html
+* Since: 3.1.4-RC1
+* Purpose: Add content after the poll options on creating a poll
+
 quickreply_editor_panel_after
 ===
 * Locations:
@@ -1016,6 +1084,14 @@ quickreply_editor_message_before
 * Since: 3.1.0-a4
 * Purpose: Add content before the quick reply textbox
 
+search_body_form_before
+===
+* Locations:
+    + styles/prosilver/template/search_body.html
+    + styles/subsilver2/template/search_body.html
+* Since: 3.1.5-RC1
+* Purpose: Add content before the search form
+
 search_results_header_after
 ===
 * Locations:
@@ -1463,6 +1539,22 @@ viewforum_forum_name_prepend
 * Since: 3.1.0-b3
 * Purpose: Add content directly before the forum name link on the View forum screen
 
+viewforum_forum_title_after
+===
+* Locations:
+    + styles/prosilver/template/viewforum_body.html
+    + styles/subsilver2/template/viewforum_body.html
+* Since: 3.1.5-RC1
+* Purpose: Add content directly after the forum title on the View forum screen
+
+viewforum_forum_title_before
+===
+* Locations:
+    + styles/prosilver/template/viewforum_body.html
+    + styles/subsilver2/template/viewforum_body.html
+* Since: 3.1.5-RC1
+* Purpose: Add content directly before the forum title on the View forum screen
+
 viewtopic_print_head_append
 ===
 * Locations:
@@ -1589,6 +1681,22 @@ viewtopic_body_post_buttons_before
 * Purpose: Add post button to posts (next to edit, quote etc), at the start of
 the list.
 
+viewtopic_body_post_buttons_list_after
+===
+* Locations:
+    + styles/prosilver/template/viewtopic_body.html
+* Since: 3.1.5-RC1
+* Purpose: Add post button custom list to posts (next to edit, quote etc),
+after the original list.
+
+viewtopic_body_post_buttons_list_before
+===
+* Locations:
+    + styles/prosilver/template/viewtopic_body.html
+* Since: 3.1.5-RC1
+* Purpose: Add post button custom list to posts (next to edit, quote etc),
+before the original list.
+
 viewtopic_body_postrow_custom_fields_after
 ===
 * Locations:

phpBB/includes/acp/acp_board.php

@@ -500,7 +500,7 @@ class acp_board
 		}
 
 		// We go through the display_vars to make sure no one is trying to set variables he/she is not allowed to...
-		foreach ($display_vars['vars'] as $config_name => $null)
+		foreach ($display_vars['vars'] as $config_name => $data)
 		{
 			if (!isset($cfg_array[$config_name]) || strpos($config_name, 'legend') !== false)
 			{
@@ -514,7 +514,8 @@ class acp_board
 
 			if ($config_name == 'guest_style')
 			{
-				if (isset($cfg_array[$config_name])) {
+				if (isset($cfg_array[$config_name]))
+				{
 					$this->guest_style_set($cfg_array[$config_name]);
 				}
 				continue;
@@ -531,6 +532,13 @@ class acp_board
 
 			if ($submit)
 			{
+				if (strpos($data['type'], 'password') === 0 && $config_value === '********')
+				{
+					// Do not update password fields if the content is ********,
+					// because that is the password replacement we use to not
+					// send the password to the output
+					continue;
+				}
 				set_config($config_name, $config_value);
 
 				if ($config_name == 'allow_quick_reply' && isset($_POST['allow_quick_reply_enable']))
@@ -559,6 +567,7 @@ class acp_board
 			$old_auth_config = array();
 			foreach ($auth_providers as $provider)
 			{
+				/** @var \phpbb\auth\provider\provider_interface $provider */
 				if ($fields = $provider->acp())
 				{
 					// Check if we need to create config fields for this plugin and save config when submit was pressed
@@ -574,6 +583,14 @@ class acp_board
 							continue;
 						}
 
+						if (substr($field, -9) === '_password' && $cfg_array[$field] === '********')
+						{
+							// Do not update password fields if the content is ********,
+							// because that is the password replacement we use to not
+							// send the password to the output
+							continue;
+						}
+
 						$old_auth_config[$field] = $this->new_config[$field];
 						$config_value = $cfg_array[$field];
 						$this->new_config[$field] = $config_value;

phpBB/includes/acp/acp_database.php

@@ -1173,6 +1173,7 @@ class postgres_extractor extends base_extractor
 				$this->flush($sql_data . ";\n");
 			}
 		}
+		$db->sql_freeresult($result);
 
 		$sql_data = '-- Table: ' . $table_name . "\n";
 		$sql_data .= "DROP TABLE $table_name;\n";
@@ -1557,7 +1558,7 @@ class mssql_extractor extends base_extractor
 		{
 			$this->write_data_mssql($table_name);
 		}
-		else if($db->get_sql_layer() === 'mssqlnative')
+		else if ($db->get_sql_layer() === 'mssqlnative')
 		{
 			$this->write_data_mssqlnative($table_name);
 		}

phpBB/includes/acp/acp_extensions.php

@@ -76,7 +76,7 @@ class acp_extensions
 			{
 				$md_manager->get_metadata('all');
 			}
-			catch(\phpbb\extension\exception $e)
+			catch (\phpbb\extension\exception $e)
 			{
 				trigger_error($e, E_USER_WARNING);
 			}
@@ -352,7 +352,7 @@ class acp_extensions
 				$enabled_extension_meta_data[$name]['S_VERSIONCHECK'] = true;
 				$enabled_extension_meta_data[$name]['U_VERSIONCHECK_FORCE'] = $this->u_action . '&action=details&versioncheck_force=1&ext_name=' . urlencode($md_manager->get_metadata('name'));
 			}
-			catch(\phpbb\extension\exception $e)
+			catch (\phpbb\extension\exception $e)
 			{
 				$this->template->assign_block_vars('disabled', array(
 					'META_DISPLAY_NAME'		=> $this->user->lang('EXTENSION_INVALID_LIST', $name, $e),
@@ -408,7 +408,7 @@ class acp_extensions
 				$disabled_extension_meta_data[$name]['S_VERSIONCHECK'] = true;
 				$disabled_extension_meta_data[$name]['U_VERSIONCHECK_FORCE'] = $this->u_action . '&action=details&versioncheck_force=1&ext_name=' . urlencode($md_manager->get_metadata('name'));
 			}
-			catch(\phpbb\extension\exception $e)
+			catch (\phpbb\extension\exception $e)
 			{
 				$this->template->assign_block_vars('disabled', array(
 					'META_DISPLAY_NAME'		=> $this->user->lang('EXTENSION_INVALID_LIST', $name, $e),
@@ -467,7 +467,7 @@ class acp_extensions
 				$available_extension_meta_data[$name]['S_VERSIONCHECK'] = true;
 				$available_extension_meta_data[$name]['U_VERSIONCHECK_FORCE'] = $this->u_action . '&action=details&versioncheck_force=1&ext_name=' . urlencode($md_manager->get_metadata('name'));
 			}
-			catch(\phpbb\extension\exception $e)
+			catch (\phpbb\extension\exception $e)
 			{
 				$this->template->assign_block_vars('disabled', array(
 					'META_DISPLAY_NAME'		=> $this->user->lang('EXTENSION_INVALID_LIST', $name, $e),

phpBB/includes/acp/acp_jabber.php

@@ -107,7 +107,10 @@ class acp_jabber
 			set_config('jab_host', $jab_host);
 			set_config('jab_port', $jab_port);
 			set_config('jab_username', $jab_username);
-			set_config('jab_password', $jab_password);
+			if ($jab_password !== '********')
+			{
+				set_config('jab_password', $jab_password);
+			}
 			set_config('jab_package_size', $jab_package_size);
 			set_config('jab_use_ssl', $jab_use_ssl);
 
@@ -122,7 +125,7 @@ class acp_jabber
 			'JAB_HOST'				=> $jab_host,
 			'JAB_PORT'				=> ($jab_port) ? $jab_port : '',
 			'JAB_USERNAME'			=> $jab_username,
-			'JAB_PASSWORD'			=> $jab_password,
+			'JAB_PASSWORD'			=> $jab_password !== '' ? '********' : '',
 			'JAB_PACKAGE_SIZE'		=> $jab_package_size,
 			'JAB_USE_SSL'			=> $jab_use_ssl,
 			'S_CAN_USE_SSL'			=> jabber::can_use_ssl(),

phpBB/includes/acp/acp_main.php

@@ -632,7 +632,7 @@ class acp_main
 		{
 			$error = false;
 			$search_type = $config['search_type'];
-			$search = new $search_type($error, $phpbb_root_path, $phpEx, $auth, $config, $db, $user);
+			$search = new $search_type($error, $phpbb_root_path, $phpEx, $auth, $config, $db, $user, $phpbb_dispatcher);
 
 			if (!$search->index_created())
 			{

phpBB/includes/acp/acp_prune.php

@@ -506,9 +506,9 @@ class acp_prune
 				WHERE ug.group_id = ' . (int) $group_id . '
 					AND ug.user_id <> ' . ANONYMOUS . '
 					AND u.user_type <> ' . USER_FOUNDER . '
-					AND ug.user_pending = 0 ' .
+					AND ug.user_pending = 0
-					((!empty($user_ids)) ? ' AND ' . $db->sql_in_set('ug.user_id', $user_ids) : '') . '
+					AND u.user_id = ug.user_id
-					AND u.user_id = ug.user_id';
+					' . (!empty($user_ids) ? ' AND ' . $db->sql_in_set('ug.user_id', $user_ids) : '');
 			$result = $db->sql_query($sql);
 
 			// we're performing an intersection operation, so all the relevant users
@@ -532,10 +532,10 @@ class acp_prune
 			$sql = 'SELECT u.user_id, u.username, COUNT(p.post_id) AS queue_posts
 				FROM ' . POSTS_TABLE . ' p, ' . USERS_TABLE . ' u
 				WHERE u.user_id <> ' . ANONYMOUS . '
-					AND u.user_type <> ' . USER_FOUNDER .
+					AND u.user_type <> ' . USER_FOUNDER . '
-					((!empty($user_ids)) ? ' AND ' . $db->sql_in_set('p.poster_id', $user_ids) : '') . '
 					AND ' . $db->sql_in_set('p.post_visibility', array(ITEM_UNAPPROVED, ITEM_REAPPROVE)) . '
 					AND u.user_id = p.poster_id
+					' . (!empty($user_ids) ? ' AND ' . $db->sql_in_set('p.poster_id', $user_ids) : '') . '
 				GROUP BY p.poster_id
 				HAVING queue_posts ' . $key_match[$queue_select] . ' ' . $posts_on_queue;
 			$result = $db->sql_query($sql);

phpBB/includes/acp/acp_search.php

@@ -598,7 +598,7 @@ class acp_search
 	*/
 	function init_search($type, &$search, &$error)
 	{
-		global $phpbb_root_path, $phpEx, $user, $auth, $config, $db;
+		global $phpbb_root_path, $phpEx, $user, $auth, $config, $db, $phpbb_dispatcher;
 
 		if (!class_exists($type) || !method_exists($type, 'keyword_search'))
 		{
@@ -607,7 +607,7 @@ class acp_search
 		}
 
 		$error = false;
-		$search = new $type($error, $phpbb_root_path, $phpEx, $auth, $config, $db, $user);
+		$search = new $type($error, $phpbb_root_path, $phpEx, $auth, $config, $db, $user, $phpbb_dispatcher);
 
 		return $error;
 	}

phpBB/includes/acp/acp_styles.php

@@ -995,7 +995,7 @@ class acp_styles
 
 		// Assign template variables
 		$this->template->assign_block_vars('styles_list', $row);
-		foreach($actions as $action)
+		foreach ($actions as $action)
 		{
 			$this->template->assign_block_vars('styles_list.actions', $action);
 		}

phpBB/includes/bbcode.php

@@ -182,6 +182,8 @@ class bbcode
 			$db->sql_freeresult($result);
 		}
 
+		// To perform custom second pass in extension, use $this->bbcode_second_pass_by_extension()
+		// method which accepts variable number of parameters
 		foreach ($bbcode_ids as $bbcode_id)
 		{
 			switch ($bbcode_id)
@@ -613,4 +615,36 @@ class bbcode
 
 		return $code;
 	}
+
+	/**
+	* Function to perform custom bbcode second pass by extensions
+	* can be used to assign bbcode pattern replacement
+	* Example: '#\[list=([^\[]+):$uid\]#e'	=> "\$this->bbcode_second_pass_by_extension('\$1')"
+	*
+	* Accepts variable number of parameters
+	*
+	* @return mixed Second pass result
+	*/
+	function bbcode_second_pass_by_extension()
+	{
+		global $phpbb_dispatcher;
+
+		$return = false;
+		$params_array = func_get_args();
+
+		/**
+		* Event to perform bbcode second pass with
+		* the custom validating methods provided by extensions
+		*
+		* @event core.bbcode_second_pass_by_extension
+		* @var array	params_array	Array with the function parameters
+		* @var mixed	return			Second pass result to return
+		*
+		* @since 3.1.5-RC1
+		*/
+		$vars = array('params_array', 'return');
+		extract($phpbb_dispatcher->trigger_event('core.bbcode_second_pass_by_extension', compact($vars)));
+
+		return $return;
+	}
 }

phpBB/includes/constants.php

@@ -28,7 +28,7 @@ if (!defined('IN_PHPBB'))
 */
 
 // phpBB Version
-define('PHPBB_VERSION', '3.1.4-dev');
+define('PHPBB_VERSION', '3.1.6-dev');
 
 // QA-related
 // define('PHPBB_QA', 1);

phpBB/includes/functions.php

@@ -1258,6 +1258,10 @@ function markread($mode, $forum_id = false, $topic_id = false, $post_time = 0, $
 		{
 			$forum_id = array($forum_id);
 		}
+		else
+		{
+			$forum_id = array_unique($forum_id);
+		}
 
 		$phpbb_notifications = $phpbb_container->get('notification_manager');
 
@@ -2309,7 +2313,7 @@ function redirect($url, $return = false, $disable_cd_check = false)
 		// Attention: only able to redirect within the same domain if $disable_cd_check is false (yourdomain.com -> www.yourdomain.com will not work)
 		if (!$disable_cd_check && $url_parts['host'] !== $user->host)
 		{
-			$url = generate_board_url();
+			trigger_error('INSECURE_REDIRECT', E_USER_ERROR);
 		}
 	}
 	else if ($url[0] == '/')
@@ -2347,7 +2351,7 @@ function redirect($url, $return = false, $disable_cd_check = false)
 	// Clean URL and check if we go outside the forum directory
 	$url = $phpbb_path_helper->clean_url($url);
 
-	if (!$disable_cd_check && strpos($url, generate_board_url(true)) === false)
+	if (!$disable_cd_check && strpos($url, generate_board_url(true) . '/') !== 0)
 	{
 		trigger_error('INSECURE_REDIRECT', E_USER_ERROR);
 	}
@@ -2389,7 +2393,7 @@ function redirect($url, $return = false, $disable_cd_check = false)
 	}
 
 	// Redirect via an HTML form for PITA webservers
-	if (@preg_match('#Microsoft|WebSTAR|Xitami#', getenv('SERVER_SOFTWARE')))
+	if (@preg_match('#WebSTAR|Xitami#', getenv('SERVER_SOFTWARE')))
 	{
 		header('Refresh: 0; URL=' . $url);
 
@@ -2544,13 +2548,19 @@ function phpbb_request_http_version()
 {
 	global $request;
 
+	$version = '';
 	if ($request && $request->server('SERVER_PROTOCOL'))
 	{
-		return $request->server('SERVER_PROTOCOL');
+		$version = $request->server('SERVER_PROTOCOL');
 	}
 	else if (isset($_SERVER['SERVER_PROTOCOL']))
 	{
-		return $_SERVER['SERVER_PROTOCOL'];
+		$version = $_SERVER['SERVER_PROTOCOL'];
+	}
+
+	if (!empty($version) && is_string($version) && preg_match('#^HTTP/[0-9]\.[0-9]$#', $version))
+	{
+		return $version;
 	}
 
 	return 'HTTP/1.0';
@@ -4773,13 +4783,14 @@ function phpbb_build_hidden_fields_for_query_params($request, $exclude = null)
 * @param array $user_row Row from the users table
 * @param string $alt Optional language string for alt tag within image, can be a language key or text
 * @param bool $ignore_config Ignores the config-setting, to be still able to view the avatar in the UCP
+* @param bool $lazy If true, will be lazy loaded (requires JS)
 *
 * @return string Avatar html
 */
-function phpbb_get_user_avatar($user_row, $alt = 'USER_AVATAR', $ignore_config = false)
+function phpbb_get_user_avatar($user_row, $alt = 'USER_AVATAR', $ignore_config = false, $lazy = false)
 {
 	$row = \phpbb\avatar\manager::clean_row($user_row, 'user');
-	return phpbb_get_avatar($row, $alt, $ignore_config);
+	return phpbb_get_avatar($row, $alt, $ignore_config, $lazy);
 }
 
 /**
@@ -4788,13 +4799,14 @@ function phpbb_get_user_avatar($user_row, $alt = 'USER_AVATAR', $ignore_config =
 * @param array $group_row Row from the groups table
 * @param string $alt Optional language string for alt tag within image, can be a language key or text
 * @param bool $ignore_config Ignores the config-setting, to be still able to view the avatar in the UCP
+* @param bool $lazy If true, will be lazy loaded (requires JS)
 *
 * @return string Avatar html
 */
-function phpbb_get_group_avatar($user_row, $alt = 'GROUP_AVATAR', $ignore_config = false)
+function phpbb_get_group_avatar($user_row, $alt = 'GROUP_AVATAR', $ignore_config = false, $lazy = false)
 {
 	$row = \phpbb\avatar\manager::clean_row($user_row, 'group');
-	return phpbb_get_avatar($row, $alt, $ignore_config);
+	return phpbb_get_avatar($row, $alt, $ignore_config, $lazy);
 }
 
 /**
@@ -4803,10 +4815,11 @@ function phpbb_get_group_avatar($user_row, $alt = 'GROUP_AVATAR', $ignore_config
 * @param array $row Row cleaned by \phpbb\avatar\manager::clean_row
 * @param string $alt Optional language string for alt tag within image, can be a language key or text
 * @param bool $ignore_config Ignores the config-setting, to be still able to view the avatar in the UCP
+* @param bool $lazy If true, will be lazy loaded (requires JS)
 *
 * @return string Avatar html
 */
-function phpbb_get_avatar($row, $alt, $ignore_config = false)
+function phpbb_get_avatar($row, $alt, $ignore_config = false, $lazy = false)
 {
 	global $user, $config, $cache, $phpbb_root_path, $phpEx;
 	global $request;
@@ -4844,7 +4857,28 @@ function phpbb_get_avatar($row, $alt, $ignore_config = false)
 
 	if (!empty($avatar_data['src']))
 	{
-		$html = '<img src="' . $avatar_data['src'] . '" ' .
+		if ($lazy)
+		{
+			// Determine board url - we may need it later
+			$board_url = generate_board_url() . '/';
+			// This path is sent with the base template paths in the assign_vars()
+			// call below. We need to correct it in case we are accessing from a
+			// controller because the web paths will be incorrect otherwise.
+			$phpbb_path_helper = $phpbb_container->get('path_helper');
+			$corrected_path = $phpbb_path_helper->get_web_root_path();
+
+			$web_path = (defined('PHPBB_USE_BOARD_URL_PATH') && PHPBB_USE_BOARD_URL_PATH) ? $board_url : $corrected_path;
+
+			$theme = "{$web_path}styles/" . rawurlencode($user->style['style_path']) . '/theme';
+
+			$src = 'src="' . $theme . '/images/no_avatar.gif" data-src="' . $avatar_data['src'] . '"';
+		}
+		else
+		{
+			$src = 'src="' . $avatar_data['src'] . '"';
+		}
+
+		$html = '<img class="avatar" ' . $src . ' ' .
 			($avatar_data['width'] ? ('width="' . $avatar_data['width'] . '" ') : '') .
 			($avatar_data['height'] ? ('height="' . $avatar_data['height'] . '" ') : '') .
 			'alt="' . ((!empty($user->lang[$alt])) ? $user->lang[$alt] : $alt) . '" />';

phpBB/includes/functions_acp.php

@@ -245,8 +245,13 @@ function build_cfg_template($tpl_type, $key, &$new, $config_key, $vars)
 
 	switch ($tpl_type[0])
 	{
-		case 'text':
 		case 'password':
+			if ($new[$config_key] !== '')
+			{
+				// replace passwords with asterixes
+				$new[$config_key] = '********';
+			}
+		case 'text':
 		case 'url':
 		case 'email':
 		case 'color':

phpBB/includes/functions_admin.php

@@ -500,7 +500,7 @@ function filelist($rootdir, $dir = '', $type = 'gif|jpg|jpeg|png')
 */
 function move_topics($topic_ids, $forum_id, $auto_sync = true)
 {
-	global $db;
+	global $db, $phpbb_dispatcher;
 
 	if (empty($topic_ids))
 	{
@@ -534,6 +534,27 @@ function move_topics($topic_ids, $forum_id, $auto_sync = true)
 	}
 
 	$table_ary = array(TOPICS_TABLE, POSTS_TABLE, LOG_TABLE, DRAFTS_TABLE, TOPICS_TRACK_TABLE);
+
+	/**
+	 * Perform additional actions before topics move
+	 *
+	 * @event core.move_topics_before_query
+	 * @var	array	table_ary	Array of tables from which forum_id will be updated for all rows that hold the moved topics
+	 * @var	array	topic_ids	Array of the moved topic ids
+	 * @var	string	forum_id	The forum id from where the topics are moved
+	 * @var	array	forum_ids	Array of the forums where the topics are moving (includes also forum_id)
+	 * @var bool	auto_sync	Whether or not to perform auto sync
+	 * @since 3.1.5-RC1
+	 */
+	$vars = array(
+			'table_ary',
+			'topic_ids',
+			'forum_id',
+			'forum_ids',
+			'auto_sync',
+	);
+	extract($phpbb_dispatcher->trigger_event('core.move_topics_before_query', compact($vars)));
+
 	foreach ($table_ary as $table)
 	{
 		$sql = "UPDATE $table
@@ -920,7 +941,7 @@ function delete_posts($where_type, $where_ids, $auto_sync = true, $posted_sync =
 	}
 
 	$error = false;
-	$search = new $search_type($error, $phpbb_root_path, $phpEx, $auth, $config, $db, $user);
+	$search = new $search_type($error, $phpbb_root_path, $phpEx, $auth, $config, $db, $user, $phpbb_dispatcher);
 
 	if ($error)
 	{

phpBB/includes/functions_compatibility.php

@@ -30,10 +30,11 @@ if (!defined('IN_PHPBB'))
 * @param string $avatar_height Height of users avatar
 * @param string $alt Optional language string for alt tag within image, can be a language key or text
 * @param bool $ignore_config Ignores the config-setting, to be still able to view the avatar in the UCP
+* @param bool $lazy If true, will be lazy loaded (requires JS)
 *
 * @return string Avatar image
 */
-function get_user_avatar($avatar, $avatar_type, $avatar_width, $avatar_height, $alt = 'USER_AVATAR', $ignore_config = false)
+function get_user_avatar($avatar, $avatar_type, $avatar_width, $avatar_height, $alt = 'USER_AVATAR', $ignore_config = false, $lazy = false)
 {
 	// map arguments to new function phpbb_get_avatar()
 	$row = array(
@@ -43,7 +44,7 @@ function get_user_avatar($avatar, $avatar_type, $avatar_width, $avatar_height, $
 		'avatar_height'	=> $avatar_height,
 	);
 
-	return phpbb_get_avatar($row, $alt, $ignore_config);
+	return phpbb_get_avatar($row, $alt, $ignore_config, $lazy);
 }
 
 /**

phpBB/includes/functions_convert.php

@@ -966,7 +966,7 @@ function get_remote_avatar_dim($src, $axis)
 	$protocol = (isset($url_info['scheme'])) ? $url_info['scheme'] : 'http';
 	if (empty($port))
 	{
-		switch(strtolower($protocol))
+		switch (strtolower($protocol))
 		{
 			case 'ftp':
 				$port = 21;

phpBB/includes/functions_display.php

@@ -150,7 +150,7 @@ function display_forums($root_data = '', $display_moderators = true, $return_mod
 	$sql = $db->sql_build_query('SELECT', $sql_ary);
 	$result = $db->sql_query($sql);
 
-	$forum_tracking_info = array();
+	$forum_tracking_info = $valid_categories = array();
 	$branch_root_id = $root_data['forum_id'];
 
 	$phpbb_content_visibility = $phpbb_container->get('content.visibility');
@@ -250,6 +250,12 @@ function display_forums($root_data = '', $display_moderators = true, $return_mod
 			}
 		}
 
+		// Fill list of categories with forums
+		if (isset($forum_rows[$row['parent_id']]))
+		{
+			$valid_categories[$row['parent_id']] = true;
+		}
+
 		//
 		if ($row['parent_id'] == $root_data['forum_id'] || $row['parent_id'] == $branch_root_id)
 		{
@@ -267,6 +273,7 @@ function display_forums($root_data = '', $display_moderators = true, $return_mod
 				$branch_root_id = $forum_id;
 			}
 			$forum_rows[$parent_id]['forum_id_last_post'] = $row['forum_id'];
+			$forum_rows[$parent_id]['forum_password_last_post'] = $row['forum_password'];
 			$forum_rows[$parent_id]['orig_forum_last_post_time'] = $row['forum_last_post_time'];
 		}
 		else if ($row['forum_type'] != FORUM_CAT)
@@ -308,6 +315,7 @@ function display_forums($root_data = '', $display_moderators = true, $return_mod
 				$forum_rows[$parent_id]['forum_last_poster_name'] = $row['forum_last_poster_name'];
 				$forum_rows[$parent_id]['forum_last_poster_colour'] = $row['forum_last_poster_colour'];
 				$forum_rows[$parent_id]['forum_id_last_post'] = $forum_id;
+				$forum_rows[$parent_id]['forum_password_last_post'] = $row['forum_password'];
 			}
 		}
 
@@ -404,6 +412,12 @@ function display_forums($root_data = '', $display_moderators = true, $return_mod
 		// Category
 		if ($row['parent_id'] == $root_data['forum_id'] && $row['forum_type'] == FORUM_CAT)
 		{
+			// Do not display categories without any forums to display
+			if (!isset($valid_categories[$row['forum_id']]))
+			{
+				continue;
+			}
+
 			$cat_row = array(
 				'S_IS_CAT'				=> true,
 				'FORUM_ID'				=> $row['forum_id'],
@@ -522,8 +536,15 @@ function display_forums($root_data = '', $display_moderators = true, $return_mod
 		// Create last post link information, if appropriate
 		if ($row['forum_last_post_id'])
 		{
-			$last_post_subject = $row['forum_last_post_subject'];
+			if ($row['forum_password_last_post'] === '' && $auth->acl_get('f_read', $row['forum_id_last_post']))
-			$last_post_subject_truncated = truncate_string(censor_text($last_post_subject), 30, 255, false, $user->lang['ELLIPSIS']);
+			{
+				$last_post_subject = censor_text($row['forum_last_post_subject']);
+				$last_post_subject_truncated = truncate_string($last_post_subject, 30, 255, false, $user->lang['ELLIPSIS']);
+			}
+			else
+			{
+				$last_post_subject = $last_post_subject_truncated = '';
+			}
 			$last_post_time = $user->format_date($row['forum_last_post_time']);
 			$last_post_url = append_sid("{$phpbb_root_path}viewtopic.$phpEx", 'f=' . $row['forum_id_last_post'] . '&p=' . $row['forum_last_post_id']) . '#p' . $row['forum_last_post_id'];
 		}
@@ -583,7 +604,7 @@ function display_forums($root_data = '', $display_moderators = true, $return_mod
 			'S_LOCKED_FORUM'	=> ($row['forum_status'] == ITEM_LOCKED) ? true : false,
 			'S_LIST_SUBFORUMS'	=> ($row['display_subforum_list']) ? true : false,
 			'S_SUBFORUMS'		=> (sizeof($subforums_list)) ? true : false,
-			'S_DISPLAY_SUBJECT'	=>	($last_post_subject && $config['display_last_subject'] && !$row['forum_password'] && $auth->acl_get('f_read', $row['forum_id'])) ? true : false,
+			'S_DISPLAY_SUBJECT'	=>	($last_post_subject !== '' && $config['display_last_subject']) ? true : false,
 			'S_FEED_ENABLED'	=> ($config['feed_forum'] && !phpbb_optionget(FORUM_OPTION_FEED_EXCLUDE, $row['forum_options']) && $row['forum_type'] == FORUM_POST) ? true : false,
 
 			'FORUM_ID'				=> $row['forum_id'],
@@ -596,8 +617,8 @@ function display_forums($root_data = '', $display_moderators = true, $return_mod
 			'FORUM_FOLDER_IMG_ALT'	=> isset($user->lang[$folder_alt]) ? $user->lang[$folder_alt] : '',
 			'FORUM_IMAGE'			=> ($row['forum_image']) ? '<img src="' . $phpbb_root_path . $row['forum_image'] . '" alt="' . $user->lang[$folder_alt] . '" />' : '',
 			'FORUM_IMAGE_SRC'		=> ($row['forum_image']) ? $phpbb_root_path . $row['forum_image'] : '',
-			'LAST_POST_SUBJECT'		=> (!$row['forum_password'] && $auth->acl_get('f_read', $row['forum_id'])) ? censor_text($last_post_subject) : "",
+			'LAST_POST_SUBJECT'		=> $last_post_subject,
-			'LAST_POST_SUBJECT_TRUNCATED'	=> (!$row['forum_password'] && $auth->acl_get('f_read', $row['forum_id'])) ? $last_post_subject_truncated : "",
+			'LAST_POST_SUBJECT_TRUNCATED'	=> $last_post_subject_truncated,
 			'LAST_POST_TIME'		=> $last_post_time,
 			'LAST_POSTER'			=> get_username_string('username', $row['forum_last_poster_id'], $row['forum_last_poster_name'], $row['forum_last_poster_colour']),
 			'LAST_POSTER_COLOUR'	=> get_username_string('colour', $row['forum_last_poster_id'], $row['forum_last_poster_name'], $row['forum_last_poster_colour']),
@@ -732,13 +753,15 @@ function generate_forum_rules(&$forum_data)
 function generate_forum_nav(&$forum_data)
 {
 	global $db, $user, $template, $auth, $config;
-	global $phpEx, $phpbb_root_path;
+	global $phpEx, $phpbb_root_path, $phpbb_dispatcher;
 
 	if (!$auth->acl_get('f_list', $forum_data['forum_id']))
 	{
 		return;
 	}
 
+	$navlinks = $navlinks_parents = $forum_template_data = array();
+
 	// Get forum parents
 	$forum_parents = get_forum_parents($forum_data);
 
@@ -757,35 +780,59 @@ function generate_forum_nav(&$forum_data)
 				continue;
 			}
 
-			$template->assign_block_vars('navlinks', array(
+			$navlinks_parents[] = array(
 				'S_IS_CAT'		=> ($parent_type == FORUM_CAT) ? true : false,
 				'S_IS_LINK'		=> ($parent_type == FORUM_LINK) ? true : false,
 				'S_IS_POST'		=> ($parent_type == FORUM_POST) ? true : false,
 				'FORUM_NAME'	=> $parent_name,
 				'FORUM_ID'		=> $parent_forum_id,
 				'MICRODATA'		=> $microdata_attr . '="' . $parent_forum_id . '"',
-				'U_VIEW_FORUM'	=> append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $parent_forum_id))
+				'U_VIEW_FORUM'	=> append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $parent_forum_id),
 			);
 		}
 	}
 
-	$template->assign_block_vars('navlinks', array(
+	$navlinks = array(
 		'S_IS_CAT'		=> ($forum_data['forum_type'] == FORUM_CAT) ? true : false,
 		'S_IS_LINK'		=> ($forum_data['forum_type'] == FORUM_LINK) ? true : false,
 		'S_IS_POST'		=> ($forum_data['forum_type'] == FORUM_POST) ? true : false,
 		'FORUM_NAME'	=> $forum_data['forum_name'],
 		'FORUM_ID'		=> $forum_data['forum_id'],
 		'MICRODATA'		=> $microdata_attr . '="' . $forum_data['forum_id'] . '"',
-		'U_VIEW_FORUM'	=> append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $forum_data['forum_id']))
+		'U_VIEW_FORUM'	=> append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $forum_data['forum_id']),
 	);
 
-	$template->assign_vars(array(
+	$forum_template_data = array(
 		'FORUM_ID' 		=> $forum_data['forum_id'],
 		'FORUM_NAME'	=> $forum_data['forum_name'],
 		'FORUM_DESC'	=> generate_text_for_display($forum_data['forum_desc'], $forum_data['forum_desc_uid'], $forum_data['forum_desc_bitfield'], $forum_data['forum_desc_options']),
 
 		'S_ENABLE_FEEDS_FORUM'	=> ($config['feed_forum'] && $forum_data['forum_type'] == FORUM_POST && !phpbb_optionget(FORUM_OPTION_FEED_EXCLUDE, $forum_data['forum_options'])) ? true : false,
-	));
+	);
+
+	/**
+	* Event to modify the navlinks text
+	*
+	* @event core.generate_forum_nav
+	* @var	array	forum_data				Array with the forum data
+	* @var	array	forum_template_data		Array with generic forum template data
+	* @var	string	microdata_attr			The microdata attribute
+	* @var	array	navlinks_parents		Array with the forum parents navlinks data
+	* @var	array	navlinks				Array with the forum navlinks data
+	* @since 3.1.5-RC1
+	*/
+	$vars = array(
+		'forum_data',
+		'forum_template_data',
+		'microdata_attr',
+		'navlinks_parents',
+		'navlinks',
+	);
+	extract($phpbb_dispatcher->trigger_event('core.generate_forum_nav', compact($vars)));
+
+	$template->assign_block_vars_array('navlinks', $navlinks_parents);
+	$template->assign_block_vars('navlinks', $navlinks);
+	$template->assign_vars($forum_template_data);
 
 	return;
 }

phpBB/includes/functions_module.php

@@ -976,7 +976,7 @@ class p_master
 	*
 	* @param string $class module class (acp/mcp/ucp)
 	* @param string $name module name (class name of the module, or its basename
-    *                     phpbb_ext_foo_acp_bar_module, ucp_zebra or zebra)
+	*                     phpbb_ext_foo_acp_bar_module, ucp_zebra or zebra)
 	* @param string $mode mode, as passed through to the module
 	*
 	*/
@@ -1086,7 +1086,7 @@ class p_master
 			->core_path('language/' . $user->lang_name . '/mods/')
 			->find();
 
-		$lang_files = array_unique(array_merge($user_lang_files, $english_lang_files, $default_lang_files));
+		$lang_files = array_merge($english_lang_files, $default_lang_files, $user_lang_files);
 		foreach ($lang_files as $lang_file => $ext_name)
 		{
 			$user->add_lang_ext($ext_name, $lang_file);

phpBB/includes/functions_posting.php

@@ -1542,7 +1542,14 @@ function submit_post($mode, $subject, $username, $topic_type, &$poll, &$data, $u
 		return false;
 	}
 
-	$current_time = time();
+	if (!empty($data['post_time']))
+	{
+		$current_time = $data['post_time'];
+	}
+	else
+	{
+		$current_time = time();
+	}
 
 	if ($mode == 'post')
 	{
@@ -1738,6 +1745,7 @@ function submit_post($mode, $subject, $username, $topic_type, &$poll, &$data, $u
 				'topic_type'				=> $topic_type,
 				'topic_time_limit'			=> ($topic_type == POST_STICKY || $topic_type == POST_ANNOUNCE) ? ($data['topic_time_limit'] * 86400) : 0,
 				'topic_attachment'			=> (!empty($data['attachment_data'])) ? 1 : 0,
+				'topic_status'				=> (isset($data['topic_status'])) ? $data['topic_status'] : ITEM_UNLOCKED,
 			);
 
 			if (isset($poll['poll_options']) && !empty($poll['poll_options']))
@@ -2209,7 +2217,7 @@ function submit_post($mode, $subject, $username, $topic_type, &$poll, &$data, $u
 		}
 
 		$error = false;
-		$search = new $search_type($error, $phpbb_root_path, $phpEx, $auth, $config, $db, $user);
+		$search = new $search_type($error, $phpbb_root_path, $phpEx, $auth, $config, $db, $user, $phpbb_dispatcher);
 
 		if ($error)
 		{

phpBB/includes/functions_upload.php

@@ -213,6 +213,8 @@ class filespec
 	*/
 	static public function get_extension($filename)
 	{
+		$filename = utf8_basename($filename);
+
 		if (strpos($filename, '.') === false)
 		{
 			return '';

phpBB/includes/functions_user.php

@@ -500,6 +500,9 @@ function user_delete($mode, $user_ids, $retain_username = true)
 
 	$num_users_delta = 0;
 
+	// Get auth provider collection in case accounts might need to be unlinked
+	$provider_collection = $phpbb_container->get('auth.provider_collection');
+
 	// Some things need to be done in the loop (if the query changes based
 	// on which user is currently being deleted)
 	$added_guest_posts = 0;
@@ -510,6 +513,38 @@ function user_delete($mode, $user_ids, $retain_username = true)
 			avatar_delete('user', $user_row);
 		}
 
+		// Unlink accounts
+		foreach ($provider_collection as $provider_name => $auth_provider)
+		{
+			$provider_data = $auth_provider->get_auth_link_data($user_id);
+
+			if ($provider_data !== null)
+			{
+				$link_data = array(
+					'user_id' => $user_id,
+					'link_method' => 'user_delete',
+				);
+
+				// BLOCK_VARS might contain hidden fields necessary for unlinking accounts
+				if (isset($provider_data['BLOCK_VARS']) && is_array($provider_data['BLOCK_VARS']))
+				{
+					foreach ($provider_data['BLOCK_VARS'] as $provider_service)
+					{
+						if (!array_key_exists('HIDDEN_FIELDS', $provider_service))
+						{
+							$provider_service['HIDDEN_FIELDS'] = array();
+						}
+
+						$auth_provider->unlink_account(array_merge($link_data, $provider_service['HIDDEN_FIELDS']));
+					}
+				}
+				else
+				{
+					$auth_provider->unlink_account($link_data);
+				}
+			}
+		}
+
 		// Decrement number of users if this user is active
 		if ($user_row['user_type'] != USER_INACTIVE && $user_row['user_type'] != USER_IGNORE)
 		{
@@ -1367,7 +1402,7 @@ function user_ipwhois($ip)
 	$match = array();
 
 	// Test for referrals from $whois_host to other whois databases, roll on rwhois
-	if (preg_match('#ReferralServer: whois://(.+)#im', $ipwhois, $match))
+	if (preg_match('#ReferralServer:[\x20]*whois://(.+)#im', $ipwhois, $match))
 	{
 		if (strpos($match[1], ':') !== false)
 		{

phpBB/includes/mcp/mcp_front.php

@@ -41,10 +41,27 @@ function mcp_front_view($id, $mode, $action)
 
 		if (!empty($forum_list))
 		{
-			$sql = 'SELECT COUNT(post_id) AS total
+			$sql_ary = array(
-				FROM ' . POSTS_TABLE . '
+				'SELECT' => 'COUNT(post_id) AS total',
-				WHERE ' . $db->sql_in_set('forum_id', $forum_list) . '
+				'FROM' => array(
-					AND ' . $db->sql_in_set('post_visibility', array(ITEM_UNAPPROVED, ITEM_REAPPROVE));
+						POSTS_TABLE => 'p',
+					),
+				'WHERE' => $db->sql_in_set('p.forum_id', $forum_list) . '
+					AND ' . $db->sql_in_set('p.post_visibility', array(ITEM_UNAPPROVED, ITEM_REAPPROVE))
+			);
+
+			/**
+			* Allow altering the query to get the number of unapproved posts
+			*
+			* @event core.mcp_front_queue_unapproved_total_before
+			* @var	int		sql_ary						Query to get the total number of unapproved posts
+			* @var	array	forum_list					List of forums to look for unapproved posts
+			* @since 3.1.5-RC1
+			*/
+			$vars = array('sql_ary', 'forum_list');
+			extract($phpbb_dispatcher->trigger_event('core.mcp_front_queue_unapproved_total_before', compact($vars)));
+
+			$sql = $db->sql_build_query('SELECT', $sql_ary);
 			$result = $db->sql_query($sql);
 			$total = (int) $db->sql_fetchfield('total');
 			$db->sql_freeresult($result);
@@ -157,6 +174,18 @@ function mcp_front_view($id, $mode, $action)
 					AND r.pm_id = 0
 					AND r.report_closed = 0
 					AND ' . $db->sql_in_set('p.forum_id', $forum_list);
+
+			/**
+			* Alter sql query to count the number of reported posts
+			*
+			* @event core.mcp_front_reports_count_query_before
+			* @var	int		sql				The query string used to get the number of reports that exist
+			* @var	array	forum_list		List of forums that contain the posts
+			* @since 3.1.5-RC1
+			*/
+			$vars = array('sql', 'forum_list');
+			extract($phpbb_dispatcher->trigger_event('core.mcp_front_reports_count_query_before', compact($vars)));
+
 			$result = $db->sql_query($sql);
 			$total = (int) $db->sql_fetchfield('total');
 			$db->sql_freeresult($result);

phpBB/includes/mcp/mcp_main.php

@@ -226,6 +226,31 @@ class mcp_main
 			break;
 
 			default:
+				if ($quickmod)
+				{
+					switch ($action)
+					{
+						case 'lock':
+						case 'unlock':
+						case 'make_announce':
+						case 'make_sticky':
+						case 'make_global':
+						case 'make_normal':
+						case 'make_onindex':
+						case 'move':
+						case 'fork':
+						case 'delete_topic':
+							trigger_error('TOPIC_NOT_EXIST');
+						break;
+
+						case 'lock_post':
+						case 'unlock_post':
+						case 'delete_post':
+							trigger_error('POST_NOT_EXIST');
+						break;
+					}
+				}
+
 				trigger_error('NO_MODE', E_USER_ERROR);
 			break;
 		}
@@ -1119,7 +1144,7 @@ function mcp_delete_post($post_ids, $is_soft = false, $soft_delete_reason = '',
 function mcp_fork_topic($topic_ids)
 {
 	global $auth, $user, $db, $template, $config;
-	global $phpEx, $phpbb_root_path;
+	global $phpEx, $phpbb_root_path, $phpbb_dispatcher;
 
 	if (!phpbb_check_ids($topic_ids, TOPICS_TABLE, 'topic_id', array('m_')))
 	{
@@ -1197,7 +1222,7 @@ function mcp_fork_topic($topic_ids)
 				}
 
 				$error = false;
-				$search = new $search_type($error, $phpbb_root_path, $phpEx, $auth, $config, $db, $user);
+				$search = new $search_type($error, $phpbb_root_path, $phpEx, $auth, $config, $db, $user, $phpbb_dispatcher);
 				$search_mode = 'post';
 
 				if ($error)

phpBB/includes/mcp/mcp_post.php

@@ -26,6 +26,7 @@ function mcp_post_details($id, $mode, $action)
 {
 	global $phpEx, $phpbb_root_path, $config;
 	global $template, $db, $user, $auth, $cache;
+	global $phpbb_dispatcher;
 
 	$user->add_lang('posting');
 
@@ -106,6 +107,21 @@ function mcp_post_details($id, $mode, $action)
 			}
 
 		break;
+
+		default:
+
+			/**
+			* This event allows you to handle custom post moderation options
+			*
+			* @event core.mcp_post_additional_options
+			* @var	string	action		Post moderation action name
+			* @var	array	post_info	Information on the affected post
+			* @since 3.1.5-RC1
+			*/
+			$vars = array('action', 'post_info');
+			extract($phpbb_dispatcher->trigger_event('core.mcp_post_additional_options', compact($vars)));
+
+		break;
 	}
 
 	// Set some vars
@@ -197,7 +213,7 @@ function mcp_post_details($id, $mode, $action)
 		$l_deleted_by = '';
 	}
 
-	$template->assign_vars(array(
+	$mcp_post_template_data = array(
 		'U_MCP_ACTION'			=> "$url&i=main&quickmod=1&mode=post_details", // Use this for mode paramaters
 		'U_POST_ACTION'			=> "$url&i=$id&mode=post_details", // Use this for action parameters
 		'U_APPROVE_ACTION'		=> append_sid("{$phpbb_root_path}mcp.$phpEx", "i=queue&p=$post_id&f={$post_info['forum_id']}"),
@@ -249,7 +265,32 @@ function mcp_post_details($id, $mode, $action)
 
 		'U_LOOKUP_IP'			=> ($auth->acl_get('m_info', $post_info['forum_id'])) ? "$url&i=$id&mode=$mode&lookup={$post_info['poster_ip']}#ip" : '',
 		'U_WHOIS'				=> ($auth->acl_get('m_info', $post_info['forum_id'])) ? append_sid("{$phpbb_root_path}mcp.$phpEx", "i=$id&mode=$mode&action=whois&p=$post_id&ip={$post_info['poster_ip']}") : '',
-	));
+	);
+
+	$s_additional_opts = false;
+
+	/**
+	* Event to add/modify MCP post template data
+	*
+	* @event core.mcp_post_template_data
+	* @var	array	post_info					Array with the post information
+	* @var	array	mcp_post_template_data		Array with the MCP post template data
+	* @var	array	attachments					Array with the post attachments, if any
+	* @var	bool	s_additional_opts			Must be set to true in extension if additional options are presented in MCP post panel
+	* @since 3.1.5-RC1
+	*/
+	$vars = array(
+		'post_info',
+		'mcp_post_template_data',
+		'attachments',
+		's_additional_opts',
+	);
+	extract($phpbb_dispatcher->trigger_event('core.mcp_post_template_data', compact($vars)));
+
+	$template->assign_vars($mcp_post_template_data);
+	$template->assign_var('S_MCP_POST_ADDITIONAL_OPTS', $s_additional_opts);
+
+	unset($mcp_post_template_data);
 
 	// Get User Notes
 	$log_data = array();
@@ -420,7 +461,7 @@ function mcp_post_details($id, $mode, $action)
 */
 function change_poster(&$post_info, $userdata)
 {
-	global $auth, $db, $config, $phpbb_root_path, $phpEx, $user;
+	global $auth, $db, $config, $phpbb_root_path, $phpEx, $user, $phpbb_dispatcher;
 
 	if (empty($userdata) || $userdata['user_id'] == $post_info['user_id'])
 	{
@@ -497,7 +538,7 @@ function change_poster(&$post_info, $userdata)
 	{
 		// We do some additional checks in the module to ensure it can actually be utilised
 		$error = false;
-		$search = new $search_type($error, $phpbb_root_path, $phpEx, $auth, $config, $db, $user);
+		$search = new $search_type($error, $phpbb_root_path, $phpEx, $auth, $config, $db, $user, $phpbb_dispatcher);
 
 		if (!$error && method_exists($search, 'destroy_cache'))
 		{

phpBB/includes/mcp/mcp_queue.php

@@ -404,7 +404,7 @@ class mcp_queue
 				$forum_options = '<option value="0"' . (($forum_id == 0) ? ' selected="selected"' : '') . '>' . $user->lang['ALL_FORUMS'] . '</option>';
 				foreach ($forum_list_approve as $row)
 				{
-					$forum_options .= '<option value="' . $row['forum_id'] . '"' . (($forum_id == $row['forum_id']) ? ' selected="selected"' : '') . '>' . str_repeat('&nbsp; &nbsp;', $row['padding']) . $row['forum_name'] . '</option>';
+					$forum_options .= '<option value="' . $row['forum_id'] . '"' . (($forum_id == $row['forum_id']) ? ' selected="selected"' : '') . '>' . str_repeat('&nbsp; &nbsp;', $row['padding']) . truncate_string($row['forum_name'], 30, 255, false, $user->lang['ELLIPSIS']) . '</option>';
 				}
 
 				$sort_days = $total = 0;

phpBB/includes/mcp/mcp_reports.php

@@ -73,18 +73,66 @@ class mcp_reports
 
 				// closed reports are accessed by report id
 				$report_id = request_var('r', 0);
+				$sql_ary = array(
+					'SELECT'	=> 'r.post_id, r.user_id, r.report_id, r.report_closed, report_time, r.report_text, r.reported_post_text, r.reported_post_uid, r.reported_post_bitfield, r.reported_post_enable_magic_url, r.reported_post_enable_smilies, r.reported_post_enable_bbcode, rr.reason_title, rr.reason_description, u.username, u.username_clean, u.user_colour',
 
-				$sql = 'SELECT r.post_id, r.user_id, r.report_id, r.report_closed, report_time, r.report_text, r.reported_post_text, r.reported_post_uid, r.reported_post_bitfield, r.reported_post_enable_magic_url, r.reported_post_enable_smilies, r.reported_post_enable_bbcode, rr.reason_title, rr.reason_description, u.username, u.username_clean, u.user_colour
+					'FROM'		=> array(
-					FROM ' . REPORTS_TABLE . ' r, ' . REPORTS_REASONS_TABLE . ' rr, ' . USERS_TABLE . ' u
+						REPORTS_TABLE			=> 'r',
-					WHERE ' . (($report_id) ? 'r.report_id = ' . $report_id : "r.post_id = $post_id") . '
+						REPORTS_REASONS_TABLE	=> 'rr',
+						USERS_TABLE				=> 'u',
+					),
+
+					'WHERE'		=> (($report_id) ? 'r.report_id = ' . $report_id : "r.post_id = $post_id") . '
 						AND rr.reason_id = r.reason_id
 						AND r.user_id = u.user_id
-						AND r.pm_id = 0
+						AND r.pm_id = 0',
-					ORDER BY report_closed ASC';
+
+					'ORDER_BY'	=> 'report_closed ASC',
+				);
+
+				/**
+				* Allow changing the query to obtain the user-submitted report.
+				*
+				* @event core.mcp_reports_report_details_query_before
+				* @var	array	sql_ary			The array in the format of the query builder with the query
+				* @var	mixed	forum_id		The forum_id, the number in the f GET parameter
+				* @var	int		post_id			The post_id of the report being viewed (if 0, it is meaningless)
+				* @var	int		report_id		The report_id of the report being viewed
+				* @since 3.1.5-RC1
+				*/
+				$vars = array(
+					'sql_ary',
+					'forum_id',
+					'post_id',
+					'report_id',
+				);
+				extract($phpbb_dispatcher->trigger_event('core.mcp_reports_report_details_query_before', compact($vars)));
+
+				$sql = $db->sql_build_query('SELECT', $sql_ary);
 				$result = $db->sql_query_limit($sql, 1);
 				$report = $db->sql_fetchrow($result);
 				$db->sql_freeresult($result);
 
+				/**
+				* Allow changing the data obtained from the user-submitted report.
+				*
+				* @event core.mcp_reports_report_details_query_after
+				* @var	array	sql_ary		The array in the format of the query builder with the query that had been executted
+				* @var	mixed	forum_id	The forum_id, the number in the f GET parameter
+				* @var	int		post_id		The post_id of the report being viewed (if 0, it is meaningless)
+				* @var	int		report_id	The report_id of the report being viewed
+				* @var	int		report		The query's resulting row.
+				* @since 3.1.5-RC1
+				*/
+				$vars = array(
+					'sql_ary',
+					'forum_id',
+					'post_id',
+					'report_id',
+					'report',
+				);
+				extract($phpbb_dispatcher->trigger_event('core.mcp_reports_report_details_query_after', compact($vars)));
+
 				if (!$report)
 				{
 					trigger_error('NO_REPORT');
@@ -489,6 +537,7 @@ function close_report($report_id_list, $mode, $action, $pm = false)
 	{
 		$post_id_list[] = $row[$id_column];
 	}
+	$db->sql_freeresult($result);
 	$post_id_list = array_unique($post_id_list);
 
 	if ($pm)

phpBB/includes/message_parser.php

@@ -21,6 +21,19 @@ if (!defined('IN_PHPBB'))
 
 if (!class_exists('bbcode'))
 {
+	// The following lines are for extensions which include message_parser.php
+	// while $phpbb_root_path and $phpEx are out of the script scope
+	// which may lead to the 'Undefined variable' and 'failed to open stream' errors
+	if (!isset($phpbb_root_path))
+	{
+		global $phpbb_root_path;
+	}
+
+	if (!isset($phpEx))
+	{
+		global $phpEx;
+	}
+
 	include($phpbb_root_path . 'includes/bbcode.' . $phpEx);
 }
 
@@ -115,6 +128,9 @@ class bbcode_firstpass extends bbcode
 		// [quote] in second position.
 		// To parse multiline URL we enable dotall option setting only for URL text
 		// but not for link itself, thus [url][/url] is not affected.
+		//
+		// To perform custom validation in extension, use $this->validate_bbcode_by_extension()
+		// method which accepts variable number of parameters
 		$this->bbcodes = array(
 			'code'			=> array('bbcode_id' => 8,	'regexp' => array('#\[code(?:=([a-z]+))?\](.+\[/code\])#uise' => "\$this->bbcode_code('\$1', '\$2')")),
 			'quote'			=> array('bbcode_id' => 0,	'regexp' => array('#\[quote(?:="(.*?)")?\](.+)\[/quote\]#uise' => "\$this->bbcode_quote('\$0')")),
@@ -775,28 +791,6 @@ class bbcode_firstpass extends bbcode
 				else if (preg_match('#^quote(?:="(.*?)")?$#is', $buffer, $m) && substr($out, -1, 1) == '[')
 				{
 					$this->parsed_items['quote']++;
-
-					// the buffer holds a valid opening tag
-					if ($config['max_quote_depth'] && sizeof($close_tags) >= $config['max_quote_depth'])
-					{
-						if ($config['max_quote_depth'] == 1)
-						{
-							// Depth 1 - no nesting is allowed
-							$error_ary['quote_depth'] = $user->lang('QUOTE_NO_NESTING');
-						}
-						else
-						{
-							// There are too many nested quotes
-							$error_ary['quote_depth'] = $user->lang('QUOTE_DEPTH_EXCEEDED', (int) $config['max_quote_depth']);
-						}
-
-						$out .= $buffer . $tok;
-						$tok = '[]';
-						$buffer = '';
-
-						continue;
-					}
-
 					array_push($close_tags, '/quote:' . $this->bbcode_uid);
 
 					if (isset($m[1]) && $m[1])
@@ -1261,6 +1255,12 @@ class parse_message extends bbcode_firstpass
 			return $update_this_message ? $this->warn_msg : $return_message;
 		}
 
+		// Remove quotes that are nested too deep
+		if ($config['max_quote_depth'] > 0)
+		{
+			$this->remove_nested_quotes($config['max_quote_depth']);
+		}
+
 		// Check for "empty" message. We do not check here for maximum length, because bbcode, smilies, etc. can add to the length.
 		// The maximum length check happened before any parsings.
 		if ($mode === 'post' && utf8_clean_string($this->message) === '')
@@ -1839,6 +1839,50 @@ class parse_message extends bbcode_firstpass
 		$poll['poll_max_options'] = ($poll['poll_max_options'] < 1) ? 1 : (($poll['poll_max_options'] > $config['max_poll_options']) ? $config['max_poll_options'] : $poll['poll_max_options']);
 	}
 
+	/**
+	* Remove nested quotes at given depth in current parsed message
+	*
+	* @param  integer $max_depth Depth limit
+	* @return null
+	*/
+	public function remove_nested_quotes($max_depth)
+	{
+		// Capture all [quote] and [/quote] tags
+		preg_match_all('(\\[/?quote(?:=&quot;(.*?)&quot;)?:' . $this->bbcode_uid . '\\])', $this->message, $matches, PREG_OFFSET_CAPTURE);
+
+		// Iterate over the quote tags to mark the ranges that must be removed
+		$depth = 0;
+		$ranges = array();
+		$start_pos = 0;
+		foreach ($matches[0] as $match)
+		{
+			if ($match[0][1] === '/')
+			{
+				--$depth;
+				if ($depth == $max_depth)
+				{
+					$end_pos = $match[1] + strlen($match[0]);
+					$length = $end_pos - $start_pos;
+					$ranges[] = array($start_pos, $length);
+				}
+			}
+			else
+			{
+				++$depth;
+				if ($depth == $max_depth + 1)
+				{
+					$start_pos = $match[1];
+				}
+			}
+		}
+
+		foreach (array_reverse($ranges) as $range)
+		{
+			list($start_pos, $length) = $range;
+			$this->message = substr_replace($this->message, '', $start_pos, $length);
+		}
+	}
+
 	/**
 	* Setter function for passing the plupload object
 	*
@@ -1862,4 +1906,36 @@ class parse_message extends bbcode_firstpass
 	{
 		$this->mimetype_guesser = $mimetype_guesser;
 	}
+
+	/**
+	* Function to perform custom bbcode validation by extensions
+	* can be used in bbcode_init() to assign regexp replacement
+	* Example: 'regexp' => array('#\[b\](.*?)\[/b\]#uise' => "\$this->validate_bbcode_by_extension('\$1')")
+	*
+	* Accepts variable number of parameters
+	*
+	* @return mixed Validation result
+	*/
+	public function validate_bbcode_by_extension()
+	{
+		global $phpbb_dispatcher;
+
+		$return = false;
+		$params_array = func_get_args();
+
+		/**
+		* Event to validate bbcode with the custom validating methods
+		* provided by extensions
+		*
+		* @event core.validate_bbcode_by_extension
+		* @var array	params_array	Array with the function parameters
+		* @var mixed	return			Validation result to return
+		*
+		* @since 3.1.5-RC1
+		*/
+		$vars = array('params_array', 'return');
+		extract($phpbb_dispatcher->trigger_event('core.validate_bbcode_by_extension', compact($vars)));
+
+		return $return;
+	}
 }

phpBB/includes/startup.php

@@ -94,7 +94,11 @@ if (version_compare(PHP_VERSION, '5.4.0-dev', '>='))
 }
 else
 {
-	@set_magic_quotes_runtime(0);
+	if (get_magic_quotes_runtime())
+	{
+		// Deactivate
+		@set_magic_quotes_runtime(0);
+	}
 
 	// Be paranoid with passed vars
 	if (@ini_get('register_globals') == '1' || strtolower(@ini_get('register_globals')) == 'on' || !function_exists('ini_get'))

phpBB/includes/ucp/ucp_notifications.php

@@ -52,11 +52,11 @@ class ucp_notifications
 
 					$notification_methods = $phpbb_notifications->get_subscription_methods();
 
-					foreach($phpbb_notifications->get_subscription_types() as $group => $subscription_types)
+					foreach ($phpbb_notifications->get_subscription_types() as $group => $subscription_types)
 					{
-						foreach($subscription_types as $type => $data)
+						foreach ($subscription_types as $type => $data)
 						{
-							foreach($notification_methods as $method => $method_data)
+							foreach ($notification_methods as $method => $method_data)
 							{
 								if ($request->is_set_post(str_replace('.', '_', $type . '_' . $method_data['id'])) && (!isset($subscriptions[$type]) || !in_array($method_data['id'], $subscriptions[$type])))
 								{
@@ -180,13 +180,13 @@ class ucp_notifications
 	{
 		$notification_methods = $phpbb_notifications->get_subscription_methods();
 
-		foreach($phpbb_notifications->get_subscription_types() as $group => $subscription_types)
+		foreach ($phpbb_notifications->get_subscription_types() as $group => $subscription_types)
 		{
 			$template->assign_block_vars($block, array(
 				'GROUP_NAME'	=> $user->lang($group),
 			));
 
-			foreach($subscription_types as $type => $data)
+			foreach ($subscription_types as $type => $data)
 			{
 				$template->assign_block_vars($block, array(
 					'TYPE'				=> $type,
@@ -197,7 +197,7 @@ class ucp_notifications
 					'SUBSCRIBED'		=> (isset($subscriptions[$type])) ? true : false,
 				));
 
-				foreach($notification_methods as $method => $method_data)
+				foreach ($notification_methods as $method => $method_data)
 				{
 					$template->assign_block_vars($block . '.notification_methods', array(
 						'METHOD'			=> $method_data['id'],
@@ -227,7 +227,7 @@ class ucp_notifications
 	{
 		$notification_methods = $phpbb_notifications->get_subscription_methods();
 
-		foreach($notification_methods as $method => $method_data)
+		foreach ($notification_methods as $method => $method_data)
 		{
 			$template->assign_block_vars($block, array(
 				'METHOD'			=> $method_data['id'],

phpBB/includes/ucp/ucp_pm_compose.php

@@ -55,7 +55,6 @@ function compose_pm($id, $mode, $action, $user_folders = array())
 
 	$address_list	= $request->variable('address_list', array('' => array(0 => '')));
 
-	$submit		= (isset($_POST['post'])) ? true : false;
 	$preview	= (isset($_POST['preview'])) ? true : false;
 	$save		= (isset($_POST['save'])) ? true : false;
 	$load		= (isset($_POST['load'])) ? true : false;
@@ -69,6 +68,7 @@ function compose_pm($id, $mode, $action, $user_folders = array())
 
 	$refresh	= isset($_POST['add_file']) || isset($_POST['delete_file']) || $save || $load
 		|| $remove_u || $remove_g || $add_to || $add_bcc;
+	$submit = $request->is_set_post('post') && !$refresh && !$preview;
 
 	$action		= ($delete && !$preview && !$refresh && $submit) ? 'delete' : $action;
 	$select_single = ($config['allow_mass_pm'] && $auth->acl_get('u_masspm')) ? false : true;

phpBB/includes/ucp/ucp_prefs.php

@@ -69,7 +69,7 @@ class ucp_prefs
 				* @var	array	data		Array with current ucp options data
 				* @var	array	error		Array with list of errors
 				* @since 3.1.0-a1
-				* @changed 3.1.4-rc1 Added error variable to the event
+				* @changed 3.1.4-RC1 Added error variable to the event
 				*/
 				$vars = array('submit', 'data', 'error');
 				extract($phpbb_dispatcher->trigger_event('core.ucp_prefs_personal_data', compact($vars)));

phpBB/install/convertors/convert_phpbb20.php

@@ -38,7 +38,7 @@ $dbms = $phpbb_config_php_file->convert_30_dbms_to_31($dbms);
 $convertor_data = array(
 	'forum_name'	=> 'phpBB 2.0.x',
 	'version'		=> '1.0.3',
-	'phpbb_version'	=> '3.1.3',
+	'phpbb_version'	=> '3.1.5',
 	'author'		=> '<a href="https://www.phpbb.com/">phpBB Limited</a>',
 	'dbms'			=> $dbms,
 	'dbhost'		=> $dbhost,

phpBB/install/install_convert.php

@@ -619,7 +619,7 @@ class install_convert extends module
 	{
 		global $template, $user, $phpbb_root_path, $phpEx, $db, $lang, $config, $cache, $auth;
 		global $convert, $convert_row, $message_parser, $skip_rows, $language;
-		global $request, $phpbb_config_php_file;
+		global $request, $phpbb_config_php_file, $phpbb_dispatcher;
 
 		extract($phpbb_config_php_file->get_all());
 
@@ -796,7 +796,7 @@ class install_convert extends module
 		}
 
 		$error = false;
-		$convert->fulltext_search = new $search_type($error, $phpbb_root_path, $phpEx, $auth, $config, $db, $user);
+		$convert->fulltext_search = new $search_type($error, $phpbb_root_path, $phpEx, $auth, $config, $db, $user, $phpbb_dispatcher);
 
 		if ($error)
 		{

phpBB/install/install_install.php

@@ -1164,12 +1164,10 @@ class install_install extends module
 
 			foreach ($sql_query as $sql)
 			{
-				//$sql = trim(str_replace('|', ';', $sql));
+				// Ignore errors when the functions or types already exist
-				if (!$db->sql_query($sql))
+				// to allow installing phpBB twice in the same database with
-				{
+				// a different prefix
-					$error = $db->sql_error();
+				$db->sql_query($sql);
-					$this->p_master->db_error($error['message'], $sql, __LINE__, __FILE__);
-				}
 			}
 			unset($sql_query);
 		}
@@ -1461,7 +1459,7 @@ class install_install extends module
 	*/
 	function build_search_index($mode, $sub)
 	{
-		global $db, $lang, $phpbb_root_path, $phpEx, $config, $auth, $user;
+		global $db, $lang, $phpbb_root_path, $phpbb_dispatcher, $phpEx, $config, $auth, $user;
 
 		// Obtain any submitted data
 		$data = $this->get_submitted_data();
@@ -1494,7 +1492,7 @@ class install_install extends module
 		set_config_count(null, null, null, $config);
 
 		$error = false;
-		$search = new \phpbb\search\fulltext_native($error, $phpbb_root_path, $phpEx, $auth, $config, $db, $user);
+		$search = new \phpbb\search\fulltext_native($error, $phpbb_root_path, $phpEx, $auth, $config, $db, $user, $phpbb_dispatcher);
 
 		$sql = 'SELECT post_id, post_subject, post_text, poster_id, forum_id
 			FROM ' . POSTS_TABLE;

phpBB/install/schemas/schema_data.sql

@@ -273,7 +273,7 @@ INSERT INTO phpbb_config (config_name, config_value) VALUES ('tpl_allow_php', '0
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('upload_icons_path', 'images/upload_icons');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('upload_path', 'files');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('use_system_cron', '0');
-INSERT INTO phpbb_config (config_name, config_value) VALUES ('version', '3.1.4-dev');
+INSERT INTO phpbb_config (config_name, config_value) VALUES ('version', '3.1.6-dev');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('warnings_expire_days', '90');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('warnings_gc', '14400');
 

phpBB/language/en/acp/extensions.php

@@ -68,6 +68,12 @@ $lang = array_merge($lang, array(
 	'EXTENSION_NAME'			=> 'Extension Name',
 	'EXTENSION_ACTIONS'			=> 'Actions',
 	'EXTENSION_OPTIONS'			=> 'Options',
+	'EXTENSION_INSTALL_HEADLINE'=> 'Installing an extension',
+	'EXTENSION_INSTALL_EXPLAIN'	=> '<ol>
+			<li>Download an extension from phpBB’s extensions database</li>
+			<li>Unzip the extension and upload it to the <samp>ext/</samp> directory of your phpBB board</li>
+			<li>Enable the extension, here in the Extensions manager</li>
+		</ol>',
 	'EXTENSION_UPDATE_HEADLINE'	=> 'Updating an extension',
 	'EXTENSION_UPDATE_EXPLAIN'	=> '<ol>
 			<li>Disable the extension</li>
@@ -75,7 +81,7 @@ $lang = array_merge($lang, array(
 			<li>Upload the new files</li>
 			<li>Enable the extension</li>
 		</ol>',
-	'EXTENSION_REMOVE_HEADLINE'	=> 'Completly removing an extension from your board',
+	'EXTENSION_REMOVE_HEADLINE'	=> 'Completely removing an extension from your board',
 	'EXTENSION_REMOVE_EXPLAIN'	=> '<ol>
 			<li>Disable the extension</li>
 			<li>Delete the extension’s data</li>
@@ -119,6 +125,8 @@ $lang = array_merge($lang, array(
 	'FORCE_UNSTABLE'					=> 'Always check for unstable versions',
 	'EXTENSIONS_VERSION_CHECK_SETTINGS'	=> 'Version check settings',
 
+	'BROWSE_EXTENSIONS_DATABASE'		=> 'Browse extensions database',
+
 	'META_FIELD_NOT_SET'	=> 'Required meta field %s has not been set.',
 	'META_FIELD_INVALID'	=> 'Meta field %s is invalid.',
 ));

phpBB/language/en/acp/language.php

@@ -73,4 +73,6 @@ $lang = array_merge($lang, array(
 	'THOSE_MISSING_LANG_VARIABLES'		=> 'The following language variables are missing from the “%s” language pack',
 
 	'UNINSTALLED_LANGUAGE_PACKS'	=> 'Uninstalled language packs',
+
+	'BROWSE_LANGUAGE_PACKS_DATABASE'	=> 'Browse language packs database',
 ));

phpBB/language/en/acp/styles.php

@@ -83,4 +83,6 @@ $lang = array_merge($lang, array(
 	'STYLE_USED_BY'				=> 'Used by (including robots)',
 
 	'UNINSTALL_DEFAULT'		=> 'You cannot uninstall the default style.',
+
+	'BROWSE_STYLES_DATABASE'	=> 'Browse styles database',
 ));

phpBB/language/en/captcha_recaptcha.php

@@ -47,6 +47,6 @@ $lang = array_merge($lang, array(
 	'RECAPTCHA_PRIVATE'				=> 'Private reCaptcha key',
 	'RECAPTCHA_PRIVATE_EXPLAIN'		=> 'Your private reCaptcha key. Keys can be obtained on <a href="http://www.google.com/recaptcha">www.google.com/recaptcha</a>.',
 
-	'RECAPTCHA_EXPLAIN'				=> 'In an effort to prevent automatic submissions, we require that you enter both of the words displayed into the text field underneath.',
+	'RECAPTCHA_EXPLAIN'				=> 'In an effort to prevent automatic submissions, we require that you type the text displayed into the field underneath.',
 	'RECAPTCHA_SOCKET_ERROR'		=> 'There was a problem connecting to the RECAPTCHA service: could not open socket. Try again later.',
 ));

phpBB/language/en/help_bbcode.php

@@ -90,7 +90,7 @@ $help = array(
 	),
 	array(
 		0 => 'Linking to another site',
-		1 => 'phpBB BBCode supports a number of ways of creating URIs (Uniform Resource Indicators) better known as URLs.<ul><li>The first of these uses the <strong>[url=][/url]</strong> tag, whatever you type after the = sign will cause the contents of that tag to act as a URL. For example to link to phpBB.com you could use:<br /><br /><strong>[url=http://www.phpbb.com/]</strong>Visit phpBB!<strong>[/url]</strong><br /><br />This would generate the following link, <a href="http://www.phpbb.com/">Visit phpBB!</a> Please notice that the link opens in the same window or a new window depending on the users browser preferences.</li><li>If you want the URL itself displayed as the link you can do this by simply using:<br /><br /><strong>[url]</strong>http://www.phpbb.com/<strong>[/url]</strong><br /><br />This would generate the following link, <a href="http://www.phpbb.com/">http://www.phpbb.com/</a></li><li>Additionally, phpBB features something called <i>Magic Links</i>, this will turn any syntactically correct URL into a link without you needing to specify any tags or even the leading http://. For example typing www.phpbb.com into your message will automatically lead to <a href="http://www.phpbb.com/">www.phpbb.com</a> being output when you view the message.</li><li>The same thing applies equally to email addresses, you can either specify an address explicitly for example:<br /><br /><strong>[email]</strong>no.one@domain.adr<strong>[/email]</strong><br /><br />which will output <a href="mailto:no.one@domain.adr">no.one@domain.adr</a> or you can just type no.one@domain.adr into your message and it will be automatically converted when you view.</li></ul>As with all the BBCode tags you can wrap URLs around any of the other tags such as <strong>[img][/img]</strong> (see next entry), <strong>[b][/b]</strong>, etc. As with the formatting tags it is up to you to ensure the correct open and close order is following, for example:<br /><br /><strong>[url=http://www.phpbb.com/][img]</strong>http://www.phpbb.com/theme/images/logos/blue/160x52.png<strong>[/url][/img]</strong><br /><br />is <span style="text-decoration: underline">not</span> correct which may lead to your post being deleted so take care.'
+		1 => 'phpBB BBCode supports a number of ways of creating URIs (Uniform Resource Indicators) better known as URLs.<ul><li>The first of these uses the <strong>[url=][/url]</strong> tag, whatever you type after the = sign will cause the contents of that tag to act as a URL. For example to link to phpBB.com you could use:<br /><br /><strong>[url=https://www.phpbb.com/]</strong>Visit phpBB!<strong>[/url]</strong><br /><br />This would generate the following link, <a href="https://www.phpbb.com/">Visit phpBB!</a> Please notice that the link opens in the same window or a new window depending on the users browser preferences.</li><li>If you want the URL itself displayed as the link you can do this by simply using:<br /><br /><strong>[url]</strong>https://www.phpbb.com/<strong>[/url]</strong><br /><br />This would generate the following link, <a href="https://www.phpbb.com/">https://www.phpbb.com/</a></li><li>Additionally, phpBB features something called <i>Magic Links</i>, this will turn any syntactically correct URL into a link without you needing to specify any tags or even the leading https://. For example typing www.phpbb.com into your message will automatically lead to <a href="https://www.phpbb.com/">www.phpbb.com</a> being output when you view the message.</li><li>The same thing applies equally to email addresses, you can either specify an address explicitly for example:<br /><br /><strong>[email]</strong>no.one@domain.adr<strong>[/email]</strong><br /><br />which will output <a href="mailto:no.one@domain.adr">no.one@domain.adr</a> or you can just type no.one@domain.adr into your message and it will be automatically converted when you view.</li></ul>As with all the BBCode tags you can wrap URLs around any of the other tags such as <strong>[img][/img]</strong> (see next entry), <strong>[b][/b]</strong>, etc. As with the formatting tags it is up to you to ensure the correct open and close order is following, for example:<br /><br /><strong>[url=https://www.phpbb.com/][img]</strong>https://www.phpbb.com/theme/images/logos/blue/160x52.png<strong>[/url][/img]</strong><br /><br />is <span style="text-decoration: underline">not</span> correct which may lead to your post being deleted so take care.'
 	),
 	array(
 		0 => '--',
@@ -98,7 +98,7 @@ $help = array(
 	),
 	array(
 		0 => 'Adding an image to a post',
-		1 => 'phpBB BBCode incorporates a tag for including images in your posts. Two very important things to remember when using this tag are: many users do not appreciate lots of images being shown in posts and secondly the image you display must already be available on the internet (it cannot exist only on your computer for example, unless you run a webserver!). To display an image you must surround the URL pointing to the image with <strong>[img][/img]</strong> tags. For example:<br /><br /><strong>[img]</strong>http://www.phpbb.com/theme/images/logos/blue/160x52.png<strong>[/img]</strong><br /><br />As noted in the URL section above you can wrap an image in a <strong>[url][/url]</strong> tag if you wish, e.g.<br /><br /><strong>[url=http://www.phpbb.com/][img]</strong>http://www.phpbb.com/theme/images/logos/blue/160x52.png<strong>[/img][/url]</strong><br /><br />would generate:<br /><br /><a href="http://www.phpbb.com/"><img src="http://www.phpbb.com/theme/images/logos/blue/160x52.png" alt="" /></a>'
+		1 => 'phpBB BBCode incorporates a tag for including images in your posts. Two very important things to remember when using this tag are: many users do not appreciate lots of images being shown in posts and secondly the image you display must already be available on the internet (it cannot exist only on your computer for example, unless you run a webserver!). To display an image you must surround the URL pointing to the image with <strong>[img][/img]</strong> tags. For example:<br /><br /><strong>[img]</strong>https://www.phpbb.com/theme/images/logos/blue/160x52.png<strong>[/img]</strong><br /><br />As noted in the URL section above you can wrap an image in a <strong>[url][/url]</strong> tag if you wish, e.g.<br /><br /><strong>[url=https://www.phpbb.com/][img]</strong>https://www.phpbb.com/theme/images/logos/blue/160x52.png<strong>[/img][/url]</strong><br /><br />would generate:<br /><br /><a href="https://www.phpbb.com/"><img src="https://www.phpbb.com/theme/images/logos/blue/160x52.png" alt="" /></a>'
 	),
 	array(
 		0 => 'Adding attachments into a post',

phpBB/language/en/migrator.php

@@ -52,6 +52,13 @@ $lang = array_merge($lang, array(
 	'MIGRATION_SCHEMA_DONE'				=> 'Installed Schema: %1$s; Time: %2$.2f seconds',
 	'MIGRATION_SCHEMA_RUNNING'			=> 'Installing Schema: %s.',
 
+	'MIGRATION_INVALID_DATA_MISSING_CONDITION'		=> 'A migration is invalid. An if statement helper is missing a condition.',
+	'MIGRATION_INVALID_DATA_MISSING_STEP'			=> 'A migration is invalid. An if statement helper is missing a valid call to a migration step.',
+	'MIGRATION_INVALID_DATA_CUSTOM_NOT_CALLABLE'	=> 'A migration is invalid. A custom callable function could not be called.',
+	'MIGRATION_INVALID_DATA_UNKNOWN_TYPE'			=> 'A migration is invalid. An unknown migration tool type was encountered.',
+	'MIGRATION_INVALID_DATA_UNDEFINED_TOOL'			=> 'A migration is invalid. An undefined migration tool was encountered.',
+	'MIGRATION_INVALID_DATA_UNDEFINED_METHOD'		=> 'A migration is invalid. An undefined migration tool method was encountered.',
+
 	'MODULE_ERROR'						=> 'An error occurred while creating a module: %s',
 	'MODULE_INFO_FILE_NOT_EXIST'		=> 'A required module info file is missing: %2$s',
 	'MODULE_NOT_EXIST'					=> 'A required module does not exist: %s',

phpBB/phpbb/auth/provider/base.php

@@ -61,7 +61,7 @@ abstract class base implements \phpbb\auth\provider\provider_interface
 	/**
 	* {@inheritdoc}
 	*/
-	public function get_auth_link_data()
+	public function get_auth_link_data($user_id = 0)
 	{
 		return;
 	}

phpBB/phpbb/auth/provider/ldap.php

@@ -289,7 +289,6 @@ class ldap extends \phpbb\auth\provider\base
 	/**
 	 * {@inheritdoc}
 	 */
-
 	public function acp()
 	{
 		// These are fields required in the config table
@@ -308,7 +307,7 @@ class ldap extends \phpbb\auth\provider\base
 			'TEMPLATE_VARS'	=> array(
 				'AUTH_LDAP_BASE_DN'		=> $new_config['ldap_base_dn'],
 				'AUTH_LDAP_EMAIL'		=> $new_config['ldap_email'],
-				'AUTH_LDAP_PASSORD'		=> $new_config['ldap_password'],
+				'AUTH_LDAP_PASSORD'		=> $new_config['ldap_password'] !== '' ? '********' : '',
 				'AUTH_LDAP_PORT'		=> $new_config['ldap_port'],
 				'AUTH_LDAP_SERVER'		=> $new_config['ldap_server'],
 				'AUTH_LDAP_UID'			=> $new_config['ldap_uid'],

phpBB/phpbb/auth/provider/oauth/oauth.php

@@ -553,13 +553,13 @@ class oauth extends \phpbb\auth\provider\base
 	/**
 	* {@inheritdoc}
 	*/
-	public function get_auth_link_data()
+	public function get_auth_link_data($user_id = 0)
 	{
 		$block_vars = array();
 
 		// Get all external accounts tied to the current user
 		$data = array(
-			'user_id' => (int) $this->user->data['user_id'],
+			'user_id' => ($user_id <= 0) ? (int) $this->user->data['user_id'] : (int) $user_id,
 		);
 		$sql = 'SELECT oauth_provider_id, provider FROM ' . $this->auth_provider_oauth_token_account_assoc . '
 			WHERE ' . $this->db->sql_build_array('SELECT', $data);
@@ -616,10 +616,13 @@ class oauth extends \phpbb\auth\provider\base
 			return 'LOGIN_LINK_MISSING_DATA';
 		}
 
+		// Remove user specified in $link_data if possible
+		$user_id = isset($link_data['user_id']) ? $link_data['user_id'] : $this->user->data['user_id'];
+
 		// Remove the link
 		$sql = 'DELETE FROM ' . $this->auth_provider_oauth_token_account_assoc . "
 			WHERE provider = '" . $this->db->sql_escape($link_data['oauth_service']) . "'
-				AND user_id = " . (int) $this->user->data['user_id'];
+				AND user_id = " . (int) $user_id;
 		$this->db->sql_query($sql);
 
 		// Clear all tokens belonging to the user on this servce

phpBB/phpbb/auth/provider/oauth/token_storage.php

@@ -13,7 +13,6 @@
 
 namespace phpbb\auth\provider\oauth;
 
-
 use OAuth\OAuth1\Token\StdOAuth1Token;
 use OAuth\Common\Token\TokenInterface;
 use OAuth\Common\Storage\TokenStorageInterface;
@@ -117,7 +116,8 @@ class token_storage implements TokenStorageInterface
 	{
 		$service = $this->get_service_name_for_db($service);
 
-		if ($this->cachedToken) {
+		if ($this->cachedToken)
+		{
 			return true;
 		}
 
@@ -232,7 +232,8 @@ class token_storage implements TokenStorageInterface
 	{
 		$service = $this->get_service_name_for_db($service);
 
-		if ($this->cachedToken instanceof TokenInterface) {
+		if ($this->cachedToken instanceof TokenInterface)
+		{
 			return $this->cachedToken;
 		}
 

phpBB/phpbb/auth/provider/provider_interface.php

@@ -166,6 +166,10 @@ interface provider_interface
 	/**
 	* Returns an array of data necessary to build the ucp_auth_link page
 	*
+	* @param int $user_id User ID for whom the data should be retrieved.
+	*						defaults to 0, which is not a valid ID. The method
+	*						should fall back to the current user's ID in this
+	*						case.
 	* @return	array|null	If this function is not implemented on an auth
 	*						provider then it returns null. If it is implemented
 	*						it will return an array of up to four elements of
@@ -181,7 +185,7 @@ interface provider_interface
 	*							'VARS'				=> array(...),
 	*						)
 	*/
-	public function get_auth_link_data();
+	public function get_auth_link_data($user_id = 0);
 
 	/**
 	* Unlinks an external account from a phpBB account.

phpBB/phpbb/cache/driver/memcache.php

@@ -50,7 +50,7 @@ class memcache extends \phpbb\cache\driver\memory
 		parent::__construct();
 
 		$this->memcache = new \Memcache;
-		foreach(explode(',', PHPBB_ACM_MEMCACHE) as $u)
+		foreach (explode(',', PHPBB_ACM_MEMCACHE) as $u)
 		{
 			$parts = explode('/', $u);
 			$this->memcache->addServer(trim($parts[0]), trim($parts[1]));

phpBB/phpbb/captcha/plugins/qa.php

@@ -125,7 +125,7 @@ class qa
 	*/
 	public function is_available()
 	{
-		global $config, $db, $phpbb_root_path, $phpEx, $user;
+		global $config, $db, $user;
 
 		// load language file for pretty display in the ACP dropdown
 		$user->add_lang('captcha_qa');
@@ -263,7 +263,7 @@ class qa
 	*/
 	function garbage_collect($type = 0)
 	{
-		global $db, $config;
+		global $db;
 
 		$sql = 'SELECT c.confirm_id
 			FROM ' . $this->table_qa_confirm . ' c
@@ -310,8 +310,6 @@ class qa
 
 		$db_tool = new \phpbb\db\tools($db);
 
-		$tables = array($this->table_captcha_questions, $this->table_captcha_answers, $this->table_qa_confirm);
-
 		$schemas = array(
 				$this->table_captcha_questions		=> array (
 					'COLUMNS' => array(
@@ -352,7 +350,7 @@ class qa
 				),
 		);
 
-		foreach($schemas as $table => $schema)
+		foreach ($schemas as $table => $schema)
 		{
 			if (!$db_tool->sql_table_exists($table))
 			{
@@ -366,7 +364,7 @@ class qa
 	*/
 	function validate()
 	{
-		global $config, $db, $user;
+		global $user;
 
 		$error = '';
 
@@ -414,7 +412,7 @@ class qa
 
 		if (!sizeof($this->question_ids))
 		{
-			return false;
+			return;
 		}
 		$this->confirm_id = md5(unique_id($user->ip));
 		$this->question = (int) array_rand($this->question_ids);
@@ -440,7 +438,7 @@ class qa
 
 		if (!sizeof($this->question_ids))
 		{
-			return false;
+			return;
 		}
 
 		$this->question = (int) array_rand($this->question_ids);
@@ -611,8 +609,8 @@ class qa
 	*/
 	function acp_page($id, &$module)
 	{
-		global $db, $user, $auth, $template;
+		global $user, $template;
-		global $config, $phpbb_root_path, $phpbb_admin_path, $phpEx;
+		global $config;
 
 		$user->add_lang('acp/board');
 		$user->add_lang('captcha_qa');
@@ -674,11 +672,7 @@ class qa
 		else
 		{
 			// okay, show the editor
-			$error = false;
+			$question_input = $this->acp_get_question_input();
-			$input_question = request_var('question_text', '', true);
-			$input_answers = request_var('answers', '', true);
-			$input_lang = request_var('lang_iso', '', true);
-			$input_strict = request_var('strict', false);
 			$langs = $this->get_languages();
 
 			foreach ($langs as $lang => $entry)
@@ -697,13 +691,11 @@ class qa
 			{
 				if ($question = $this->acp_get_question_data($question_id))
 				{
-					$answers = (isset($input_answers[$lang])) ? $input_answers[$lang] : implode("\n", $question['answers']);
-
 					$template->assign_vars(array(
-						'QUESTION_TEXT'		=> ($input_question) ? $input_question : $question['question_text'],
+						'QUESTION_TEXT'		=> ($question_input['question_text']) ? $question_input['question_text'] : $question['question_text'],
-						'LANG_ISO'			=> ($input_lang) ? $input_lang : $question['lang_iso'],
+						'LANG_ISO'			=> ($question_input['lang_iso']) ? $question_input['lang_iso'] : $question['lang_iso'],
-						'STRICT'			=> (isset($_REQUEST['strict'])) ? $input_strict : $question['strict'],
+						'STRICT'			=> (isset($_REQUEST['strict'])) ? $question_input['strict'] : $question['strict'],
-						'ANSWERS'			=> $answers,
+						'ANSWERS'			=> implode("\n", $question['answers']),
 					));
 				}
 				else
@@ -714,18 +706,16 @@ class qa
 			else
 			{
 				$template->assign_vars(array(
-					'QUESTION_TEXT'		=> $input_question,
+					'QUESTION_TEXT'		=> $question_input['question_text'],
-					'LANG_ISO'			=> $input_lang,
+					'LANG_ISO'			=> $question_input['lang_iso'],
-					'STRICT'			=> $input_strict,
+					'STRICT'			=> $question_input['strict'],
-					'ANSWERS'			=> $input_answers,
+					'ANSWERS'			=> (is_array($question_input['answers'])) ? implode("\n", $question_input['answers']) : '',
 				));
 			}
 
 			if ($submit && check_form_key($form_key))
 			{
-				$data = $this->acp_get_question_input();
+				if (!$this->validate_input($question_input))
-
-				if (!$this->validate_input($data))
 				{
 					$template->assign_vars(array(
 						'S_ERROR'			=> true,
@@ -735,11 +725,11 @@ class qa
 				{
 					if ($question_id)
 					{
-						$this->acp_update_question($data, $question_id);
+						$this->acp_update_question($question_input, $question_id);
 					}
 					else
 					{
-						$this->acp_add_question($data);
+						$this->acp_add_question($question_input);
 					}
 
 					add_log('admin', 'LOG_CONFIG_VISUAL');
@@ -819,6 +809,8 @@ class qa
 
 			return $question;
 		}
+
+		return false;
 	}
 
 	/**
@@ -827,13 +819,21 @@ class qa
 	function acp_get_question_input()
 	{
 		$answers = utf8_normalize_nfc(request_var('answers', '', true));
+
+		// Convert answers into array and filter if answers are set
+		if (strlen($answers))
+		{
+			$answers = array_filter(array_map('trim', explode("\n", $answers)), function ($value) {
+				return $value !== '';
+			});
+		}
+
 		$question = array(
 			'question_text'	=> request_var('question_text', '', true),
 			'strict'		=> request_var('strict', false),
 			'lang_iso'		=> request_var('lang_iso', ''),
-			'answers'		=> (strlen($answers)) ? explode("\n", $answers) : '',
+			'answers'		=> $answers,
 		);
-
 		return $question;
 	}
 

phpBB/phpbb/content_visibility.php

@@ -237,7 +237,7 @@ class content_visibility
 			if (!sizeof($forum_ids))
 			{
 				// The user can see all posts/topics in all specified forums
-				return $this->db->sql_in_set($table_alias . 'forum_id', $approve_forums);
+				return $where_sql . $this->db->sql_in_set($table_alias . 'forum_id', $approve_forums) . ')';
 			}
 			else
 			{
@@ -248,8 +248,8 @@ class content_visibility
 		else
 		{
 			// The user is just a normal user
-			return $table_alias . $mode . '_visibility = ' . ITEM_APPROVED . '
+			return $where_sql . $table_alias . $mode . '_visibility = ' . ITEM_APPROVED . '
-				AND ' . $this->db->sql_in_set($table_alias . 'forum_id', $forum_ids, false, true);
+				AND ' . $this->db->sql_in_set($table_alias . 'forum_id', $forum_ids, false, true) . ')';
 		}
 
 		$where_sql .= '(' . $table_alias . $mode . '_visibility = ' . ITEM_APPROVED . '

phpBB/phpbb/controller/helper.php

@@ -13,6 +13,7 @@
 
 namespace phpbb\controller;
 
+use Symfony\Component\HttpFoundation\JsonResponse;
 use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\Routing\Generator\UrlGenerator;
 use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
@@ -142,6 +143,12 @@ class helper
 
 		$base_url = $context->getBaseUrl();
 
+		// Append page name if base URL does not contain it
+		if (!empty($page_name) && strpos($base_url, '/' . $page_name) === false)
+		{
+			$base_url .= '/' . $page_name;
+		}
+
 		// If enable_mod_rewrite is false we need to replace the current front-end by app.php, otherwise we need to remove it.
 		$base_url = str_replace('/' . $page_name, empty($this->config['enable_mod_rewrite']) ? '/app.' . $this->php_ext : '', $base_url);
 
@@ -206,12 +213,31 @@ class helper
 	public function message($message, array $parameters = array(), $title = 'INFORMATION', $code = 200)
 	{
 		array_unshift($parameters, $message);
+		$message_text = call_user_func_array(array($this->user, 'lang'), $parameters);
+		$message_title = $this->user->lang($title);
+
+		if ($this->request->is_ajax())
+		{
+			global $refresh_data;
+
+			return new JsonResponse(
+				array(
+					'MESSAGE_TITLE'		=> $message_title,
+					'MESSAGE_TEXT'		=> $message_text,
+					'S_USER_WARNING'	=> false,
+					'S_USER_NOTICE'		=> false,
+					'REFRESH_DATA'		=> (!empty($refresh_data)) ? $refresh_data : null
+				),
+				$code
+			);
+		}
+
 		$this->template->assign_vars(array(
-			'MESSAGE_TEXT'	=> call_user_func_array(array($this->user, 'lang'), $parameters),
+			'MESSAGE_TEXT'	=> $message_text,
-			'MESSAGE_TITLE'	=> $this->user->lang($title),
+			'MESSAGE_TITLE'	=> $message_title,
 		));
 
-		return $this->render('message_body.html', $this->user->lang($title), $code);
+		return $this->render('message_body.html', $message_title, $code);
 	}
 
 	/**

phpBB/phpbb/cron/task/core/tidy_search.php

@@ -20,24 +20,60 @@ namespace phpbb\cron\task\core;
 */
 class tidy_search extends \phpbb\cron\task\base
 {
+	/**
+	* phpBB root path
+	* @var string
+	*/
 	protected $phpbb_root_path;
+
+	/**
+	* PHP file extension
+	* @var string
+	*/
 	protected $php_ext;
+
+	/**
+	* Auth object
+	* @var \phpbb\auth\auth
+	*/
 	protected $auth;
+
+	/**
+	* Config object
+	* @var \phpbb\config\config
+	*/
 	protected $config;
+
+	/**
+	* Database object
+	* @var \phpbb\db\driver\driver_interface
+	*/
 	protected $db;
+
+	/**
+	* User object
+	* @var \phpbb\user
+	*/
 	protected $user;
 
+	/**
+	* Event dispatcher object
+	* @var \phpbb\event\dispatcher_interface
+	*/
+	protected $phpbb_dispatcher;
+
 	/**
 	* Constructor.
 	*
-	* @param string $phpbb_root_path The root path
+	* @param string $phpbb_root_path The phpBB root path
 	* @param string $php_ext The PHP file extension
-	* @param \phpbb\auth\auth $auth The auth
+	* @param \phpbb\auth\auth $auth The auth object
-	* @param \phpbb\config\config $config The config
+	* @param \phpbb\config\config $config The config object
-	* @param \phpbb\db\driver\driver_interface $db The db connection
+	* @param \phpbb\db\driver\driver_interface $db The database object
-	* @param \phpbb\user $user The user
+	* @param \phpbb\user $user The user object
+	* @param \phpbb\event\dispatcher_interface $phpbb_dispatcher The event dispatcher object
 	*/
-	public function __construct($phpbb_root_path, $php_ext, \phpbb\auth\auth $auth, \phpbb\config\config $config, \phpbb\db\driver\driver_interface $db, \phpbb\user $user)
+	public function __construct($phpbb_root_path, $php_ext, \phpbb\auth\auth $auth, \phpbb\config\config $config, \phpbb\db\driver\driver_interface $db, \phpbb\user $user, \phpbb\event\dispatcher_interface $phpbb_dispatcher)
 	{
 		$this->phpbb_root_path = $phpbb_root_path;
 		$this->php_ext = $php_ext;
@@ -45,6 +81,7 @@ class tidy_search extends \phpbb\cron\task\base
 		$this->config = $config;
 		$this->db = $db;
 		$this->user = $user;
+		$this->phpbb_dispatcher = $phpbb_dispatcher;
 	}
 
 	/**
@@ -58,7 +95,7 @@ class tidy_search extends \phpbb\cron\task\base
 
 		// We do some additional checks in the module to ensure it can actually be utilised
 		$error = false;
-		$search = new $search_type($error, $this->phpbb_root_path, $this->php_ext, $this->auth, $this->config, $this->db, $this->user);
+		$search = new $search_type($error, $this->phpbb_root_path, $this->php_ext, $this->auth, $this->config, $this->db, $this->user, $this->phpbb_dispatcher);
 
 		if (!$error)
 		{

phpBB/phpbb/db/migration/data/v30x/release_3_0_14.php

@@ -0,0 +1,37 @@
+<?php
+/**
+*
+* This file is part of the phpBB Forum Software package.
+*
+* @copyright (c) phpBB Limited <https://www.phpbb.com>
+* @license GNU General Public License, version 2 (GPL-2.0)
+*
+* For full copyright and license information, please see
+* the docs/CREDITS.txt file.
+*
+*/
+
+namespace phpbb\db\migration\data\v30x;
+
+class release_3_0_14 extends \phpbb\db\migration\migration
+{
+	public function effectively_installed()
+	{
+		return phpbb_version_compare($this->config['version'], '3.0.14', '>=') && phpbb_version_compare($this->config['version'], '3.1.0-dev', '<');
+	}
+
+	static public function depends_on()
+	{
+		return array('\phpbb\db\migration\data\v30x\release_3_0_14_rc1');
+	}
+
+	public function update_data()
+	{
+		return array(
+			array('if', array(
+				phpbb_version_compare($this->config['version'], '3.0.14', '<'),
+				array('config.update', array('version', '3.0.14')),
+			)),
+		);
+	}
+}

phpBB/phpbb/db/migration/data/v30x/release_3_0_14_rc1.php

@@ -0,0 +1,37 @@
+<?php
+/**
+*
+* This file is part of the phpBB Forum Software package.
+*
+* @copyright (c) phpBB Limited <https://www.phpbb.com>
+* @license GNU General Public License, version 2 (GPL-2.0)
+*
+* For full copyright and license information, please see
+* the docs/CREDITS.txt file.
+*
+*/
+
+namespace phpbb\db\migration\data\v30x;
+
+class release_3_0_14_rc1 extends \phpbb\db\migration\migration
+{
+	public function effectively_installed()
+	{
+		return phpbb_version_compare($this->config['version'], '3.0.14-RC1', '>=') && phpbb_version_compare($this->config['version'], '3.1.0-dev', '<');
+	}
+
+	static public function depends_on()
+	{
+		return array('\phpbb\db\migration\data\v30x\release_3_0_13');
+	}
+
+	public function update_data()
+	{
+		return array(
+			array('if', array(
+				phpbb_version_compare($this->config['version'], '3.0.14-RC1', '<'),
+				array('config.update', array('version', '3.0.14-RC1')),
+			)),
+		);
+	}
+}

phpBB/phpbb/db/migration/data/v310/avatars.php

@@ -17,7 +17,29 @@ class avatars extends \phpbb\db\migration\migration
 {
 	public function effectively_installed()
 	{
-		return isset($this->config['allow_avatar_gravatar']);
+		// Get current avatar type of guest user
+		$sql = 'SELECT user_avatar_type
+			FROM ' . $this->table_prefix . 'users
+			WHERE user_id = ' . ANONYMOUS;
+		$result = $this->db->sql_query($sql);
+		$backup_type = $this->db->sql_fetchfield('user_avatar_type');
+		$this->db->sql_freeresult($result);
+
+		// Try to set avatar type to string
+		$sql = 'UPDATE ' . $this->table_prefix . "users
+			SET user_avatar_type = 'avatar.driver.upload'
+			WHERE user_id = " . ANONYMOUS;
+		$this->db->sql_return_on_error(true);
+		$effectively_installed = $this->db->sql_query($sql);
+		$this->db->sql_return_on_error();
+
+		// Restore avatar type of guest user to previous state
+		$sql = 'UPDATE ' . $this->table_prefix . "users
+			SET user_avatar_type = '{$backup_type}'
+			WHERE user_id = " . ANONYMOUS;
+		$this->db->sql_query($sql);
+
+		return $effectively_installed !== false;
 	}
 
 	static public function depends_on()

phpBB/phpbb/db/migration/data/v310/style_update_p1.php

@@ -136,7 +136,7 @@ class style_update_p1 extends \phpbb\db\migration\migration
 		if (!sizeof($valid_styles))
 		{
 			// No valid styles: remove everything and add prosilver
-			$this->sql_query('DELETE FROM ' . STYLES_TABLE, $errored, $error_ary);
+			$this->sql_query('DELETE FROM ' . STYLES_TABLE);
 
 			$sql_ary = array(
 				'style_name'		=> 'prosilver',
@@ -157,13 +157,13 @@ class style_update_p1 extends \phpbb\db\migration\migration
 			$this->sql_query($sql);
 
 			$sql = 'SELECT style_id
-				FROM ' . $table . "
+				FROM ' . STYLES_TABLE . "
 				WHERE style_name = 'prosilver'";
 			$result = $this->sql_query($sql);
 			$default_style = $this->db->sql_fetchfield($result);
 			$this->db->sql_freeresult($result);
 
-			set_config('default_style', $default_style);
+			$this->config->set('default_style', $default_style);
 
 			$sql = 'UPDATE ' . USERS_TABLE . ' SET user_style = 0';
 			$this->sql_query($sql);

phpBB/phpbb/db/migration/data/v31x/v314.php

@@ -0,0 +1,32 @@
+<?php
+/**
+*
+* This file is part of the phpBB Forum Software package.
+*
+* @copyright (c) phpBB Limited <https://www.phpbb.com>
+* @license GNU General Public License, version 2 (GPL-2.0)
+*
+* For full copyright and license information, please see
+* the docs/CREDITS.txt file.
+*
+*/
+
+namespace phpbb\db\migration\data\v31x;
+
+class v314 extends \phpbb\db\migration\migration
+{
+	static public function depends_on()
+	{
+		return array(
+			'\phpbb\db\migration\data\v30x\release_3_0_14',
+			'\phpbb\db\migration\data\v31x\v314rc2',
+		);
+	}
+
+	public function update_data()
+	{
+		return array(
+			array('config.update', array('version', '3.1.4')),
+		);
+	}
+}

phpBB/phpbb/db/migration/data/v31x/v314rc1.php

@@ -0,0 +1,31 @@
+<?php
+/**
+*
+* This file is part of the phpBB Forum Software package.
+*
+* @copyright (c) phpBB Limited <https://www.phpbb.com>
+* @license GNU General Public License, version 2 (GPL-2.0)
+*
+* For full copyright and license information, please see
+* the docs/CREDITS.txt file.
+*
+*/
+
+namespace phpbb\db\migration\data\v31x;
+
+class v314rc1 extends \phpbb\db\migration\migration
+{
+	static public function depends_on()
+	{
+		return array(
+			'\phpbb\db\migration\data\v31x\v313',
+		);
+	}
+
+	public function update_data()
+	{
+		return array(
+			array('config.update', array('version', '3.1.4-RC1')),
+		);
+	}
+}

phpBB/phpbb/db/migration/data/v31x/v314rc2.php

@@ -0,0 +1,32 @@
+<?php
+/**
+*
+* This file is part of the phpBB Forum Software package.
+*
+* @copyright (c) phpBB Limited <https://www.phpbb.com>
+* @license GNU General Public License, version 2 (GPL-2.0)
+*
+* For full copyright and license information, please see
+* the docs/CREDITS.txt file.
+*
+*/
+
+namespace phpbb\db\migration\data\v31x;
+
+class v314rc2 extends \phpbb\db\migration\migration
+{
+	static public function depends_on()
+	{
+		return array(
+			'\phpbb\db\migration\data\v30x\release_3_0_14_rc1',
+			'\phpbb\db\migration\data\v31x\v314rc1',
+		);
+	}
+
+	public function update_data()
+	{
+		return array(
+			array('config.update', array('version', '3.1.4-RC2')),
+		);
+	}
+}

phpBB/phpbb/db/migration/data/v31x/v315.php

@@ -0,0 +1,31 @@
+<?php
+/**
+*
+* This file is part of the phpBB Forum Software package.
+*
+* @copyright (c) phpBB Limited <https://www.phpbb.com>
+* @license GNU General Public License, version 2 (GPL-2.0)
+*
+* For full copyright and license information, please see
+* the docs/CREDITS.txt file.
+*
+*/
+
+namespace phpbb\db\migration\data\v31x;
+
+class v315 extends \phpbb\db\migration\migration
+{
+	static public function depends_on()
+	{
+		return array(
+			'\phpbb\db\migration\data\v31x\v315rc1',
+		);
+	}
+
+	public function update_data()
+	{
+		return array(
+			array('config.update', array('version', '3.1.5')),
+		);
+	}
+}

phpBB/phpbb/db/migration/data/v31x/v315rc1.php

@@ -0,0 +1,31 @@
+<?php
+/**
+*
+* This file is part of the phpBB Forum Software package.
+*
+* @copyright (c) phpBB Limited <https://www.phpbb.com>
+* @license GNU General Public License, version 2 (GPL-2.0)
+*
+* For full copyright and license information, please see
+* the docs/CREDITS.txt file.
+*
+*/
+
+namespace phpbb\db\migration\data\v31x;
+
+class v315rc1 extends \phpbb\db\migration\migration
+{
+	static public function depends_on()
+	{
+		return array(
+			'\phpbb\db\migration\data\v31x\v314',
+		);
+	}
+
+	public function update_data()
+	{
+		return array(
+			array('config.update', array('version', '3.1.5-RC1')),
+		);
+	}
+}

phpBB/phpbb/db/migration/tool/permission.php

@@ -425,13 +425,27 @@ class permission implements \phpbb\db\migration\tool\tool_interface
 				$role_id = (int) $this->db->sql_fetchfield('auth_role_id');
 				if ($role_id)
 				{
-					$sql = 'SELECT role_name
+					$sql = 'SELECT role_name, role_type
 						FROM ' . ACL_ROLES_TABLE . '
 						WHERE role_id = ' . $role_id;
 					$this->db->sql_query($sql);
-					$role_name = $this->db->sql_fetchfield('role_name');
+					$role_data = $this->db->sql_fetchrow();
+					$role_name = $role_data['role_name'];
+					$role_type = $role_data['role_type'];
 
-					return $this->permission_set($role_name, $auth_option, 'role', $has_permission);
+					// Filter new auth options to match the role type: a_ | f_ | m_ | u_
+					// Set new auth options to the role only if options matching the role type were found
+					$auth_option = array_filter($auth_option,
+						function ($option) use ($role_type)
+						{
+							return strpos($option, $role_type) === 0;
+						}
+					);
+
+					if (sizeof($auth_option))
+					{
+						return $this->permission_set($role_name, $auth_option, 'role', $has_permission);
+					}
 				}
 
 				$sql = 'SELECT auth_option_id, auth_setting

phpBB/phpbb/di/container_builder.php

@@ -399,7 +399,6 @@ class container_builder
 	*/
 	protected function get_container_filename()
 	{
-		$filename = str_replace(array('/', '.'), array('slash', 'dot'), $this->phpbb_root_path);
+		return $this->phpbb_root_path . 'cache/container_' . md5($this->phpbb_root_path) . '.' . $this->php_ext;
-		return $this->phpbb_root_path . 'cache/container_' . $filename . '.' . $this->php_ext;
 	}
 }

phpBB/phpbb/event/md_exporter.php

@@ -24,6 +24,12 @@ class md_exporter
 	/** @var string phpBB Root Path */
 	protected $root_path;
 
+	/** @var string The minimum version for the events to return */
+	protected $min_version;
+
+	/** @var string The maximum version for the events to return */
+	protected $max_version;
+
 	/** @var string */
 	protected $filter;
 
@@ -36,8 +42,10 @@ class md_exporter
 	/**
 	* @param string $phpbb_root_path
 	* @param mixed $extension	String 'vendor/ext' to filter, null for phpBB core
+	* @param string $min_version
+	* @param string $max_version
 	*/
-	public function __construct($phpbb_root_path, $extension = null)
+	public function __construct($phpbb_root_path, $extension = null, $min_version = null, $max_version = null)
 	{
 		$this->root_path = $phpbb_root_path;
 		$this->path = $this->root_path;
@@ -49,6 +57,8 @@ class md_exporter
 		$this->events = array();
 		$this->events_by_file = array();
 		$this->filter = $this->current_event = '';
+		$this->min_version = $min_version;
+		$this->max_version = $max_version;
 	}
 
 	/**
@@ -147,15 +157,64 @@ class md_exporter
 			}
 
 			list($file_details, $details) = explode("\n* Since: ", $details, 2);
-			list($since, $description) = explode("\n* Purpose: ", $details, 2);
+
+			$changed_versions = array();
+			if (strpos($details, "\n* Changed: ") !== false)
+			{
+				list($since, $details) = explode("\n* Changed: ", $details, 2);
+				while (strpos($details, "\n* Changed: ") !== false)
+				{
+					list($changed, $details) = explode("\n* Changed: ", $details, 2);
+					$changed_versions[] = $changed;
+				}
+				list($changed, $description) = explode("\n* Purpose: ", $details, 2);
+				$changed_versions[] = $changed;
+			}
+			else
+			{
+				list($since, $description) = explode("\n* Purpose: ", $details, 2);
+				$changed_versions = array();
+			}
 
 			$files = $this->validate_file_list($file_details);
 			$since = $this->validate_since($since);
+			$changes = array();
+			foreach ($changed_versions as $changed)
+			{
+				list($changed_version, $changed_description) = $this->validate_changed($changed);
+
+				if (isset($changes[$changed_version]))
+				{
+					throw new \LogicException("Duplicate change information found for event '{$this->current_event}'");
+				}
+
+				$changes[$changed_version] = $changed_description;
+			}
+			$description = trim($description, "\n") . "\n";
+
+			if (!$this->version_is_filtered($since))
+			{
+				$is_filtered = false;
+				foreach ($changes as $version => $null)
+				{
+					if ($this->version_is_filtered($version))
+					{
+						$is_filtered = true;
+						break;
+					}
+				}
+
+				if (!$is_filtered)
+				{
+					continue;
+				}
+			}
 
 			$this->events[$event_name] = array(
 				'event'			=> $this->current_event,
 				'files'			=> $files,
 				'since'			=> $since,
+				'changed'		=> $changes,
 				'description'	=> $description,
 			);
 		}
@@ -163,21 +222,49 @@ class md_exporter
 		return sizeof($this->events);
 	}
 
+	/**
+	 * The version to check
+	 *
+	 * @param string $version
+	 * @return bool
+	 */
+	protected function version_is_filtered($version)
+	{
+		return (!$this->min_version || phpbb_version_compare($this->min_version, $version, '<='))
+		&& (!$this->max_version || phpbb_version_compare($this->max_version, $version, '>='));
+	}
+
 	/**
 	* Format the php events as a wiki table
+	*
+	* @param string $action
 	* @return string		Number of events found
 	*/
-	public function export_events_for_wiki()
+	public function export_events_for_wiki($action = '')
 	{
 		if ($this->filter === 'adm')
 		{
-			$wiki_page = '= ACP Template Events =' . "\n";
+			if ($action === 'diff')
+			{
+				$wiki_page = '=== ACP Template Events ===' . "\n";
+			}
+			else
+			{
+				$wiki_page = '= ACP Template Events =' . "\n";
+			}
 			$wiki_page .= '{| class="zebra sortable" cellspacing="0" cellpadding="5"' . "\n";
 			$wiki_page .= '! Identifier !! Placement !! Added in Release !! Explanation' . "\n";
 		}
 		else
 		{
-			$wiki_page = '= Template Events =' . "\n";
+			if ($action === 'diff')
+			{
+				$wiki_page = '=== Template Events ===' . "\n";
+			}
+			else
+			{
+				$wiki_page = '= Template Events =' . "\n";
+			}
 			$wiki_page .= '{| class="zebra sortable" cellspacing="0" cellpadding="5"' . "\n";
 			$wiki_page .= '! Identifier !! Prosilver Placement (If applicable) !! Subsilver Placement (If applicable) !! Added in Release !! Explanation' . "\n";
 		}
@@ -227,7 +314,7 @@ class md_exporter
 	*/
 	public function validate_since($since)
 	{
-		if (!preg_match('#^\d+\.\d+\.\d+(?:-(?:a|b|RC|pl)\d+)?$#', $since))
+		if (!$this->validate_version($since))
 		{
 			throw new \LogicException("Invalid since information found for event '{$this->current_event}'");
 		}
@@ -235,6 +322,44 @@ class md_exporter
 		return $since;
 	}
 
+	/**
+	* Validate "Changed" Information
+	*
+	* @param string $changed
+	* @return string
+	* @throws \LogicException
+	*/
+	public function validate_changed($changed)
+	{
+		if (strpos($changed, ' ') !== false)
+		{
+			list($version, $description) = explode(' ', $changed, 2);
+		}
+		else
+		{
+			$version = $changed;
+			$description = '';
+		}
+
+		if (!$this->validate_version($version))
+		{
+			throw new \LogicException("Invalid changed information found for event '{$this->current_event}'");
+		}
+
+		return array($version, $description);
+	}
+
+	/**
+	* Validate "version" Information
+	*
+	* @param string $version
+	* @return bool True if valid, false otherwise
+	*/
+	public function validate_version($version)
+	{
+		return preg_match('#^\d+\.\d+\.\d+(?:-(?:a|b|RC|pl)\d+)?$#', $version);
+	}
+
 	/**
 	* Validate the files list
 	*

phpBB/phpbb/event/php_exporter.php

@@ -25,6 +25,12 @@ class php_exporter
 	/** @var string phpBB Root Path */
 	protected $root_path;
 
+	/** @var string The minimum version for the events to return */
+	protected $min_version;
+
+	/** @var string The maximum version for the events to return */
+	protected $max_version;
+
 	/** @var string */
 	protected $current_file;
 
@@ -43,14 +49,18 @@ class php_exporter
 	/**
 	* @param string $phpbb_root_path
 	* @param mixed $extension	String 'vendor/ext' to filter, null for phpBB core
+	* @param string $min_version
+	* @param string $max_version
 	*/
-	public function __construct($phpbb_root_path, $extension = null)
+	public function __construct($phpbb_root_path, $extension = null, $min_version = null, $max_version = null)
 	{
 		$this->root_path = $phpbb_root_path;
 		$this->path = $phpbb_root_path;
 		$this->events = $this->file_lines = array();
 		$this->current_file = $this->current_event = '';
 		$this->current_event_line = 0;
+		$this->min_version = $min_version;
+		$this->max_version = $max_version;
 
 		$this->path = $this->root_path;
 		if ($extension)
@@ -148,11 +158,20 @@ class php_exporter
 
 	/**
 	* Format the php events as a wiki table
+	*
+	* @param string $action
 	* @return string
 	*/
-	public function export_events_for_wiki()
+	public function export_events_for_wiki($action = '')
 	{
-		$wiki_page = '= PHP Events (Hook Locations) =' . "\n";
+		if ($action === 'diff')
+		{
+			$wiki_page = '=== PHP Events (Hook Locations) ===' . "\n";
+		}
+		else
+		{
+			$wiki_page = '= PHP Events (Hook Locations) =' . "\n";
+		}
 		$wiki_page .= '{| class="sortable zebra" cellspacing="0" cellpadding="5"' . "\n";
 		$wiki_page .= '! Identifier !! Placement !! Arguments !! Added in Release !! Explanation' . "\n";
 		foreach ($this->events as $event)
@@ -215,6 +234,34 @@ class php_exporter
 					$since_line_num = $this->find_since();
 					$since = $this->validate_since($this->file_lines[$since_line_num]);
 
+					$changed_line_nums = $this->find_changed('changed');
+					if (empty($changed_line_nums))
+					{
+						$changed_line_nums = $this->find_changed('change');
+					}
+					$changed_versions = array();
+					if (!empty($changed_line_nums))
+					{
+						foreach ($changed_line_nums as $changed_line_num)
+						{
+							$changed_versions[] = $this->validate_changed($this->file_lines[$changed_line_num]);
+						}
+					}
+
+					if (!$this->version_is_filtered($since))
+					{
+						$valid_version = false;
+						foreach ($changed_versions as $changed)
+						{
+							$valid_version = $valid_version || $this->version_is_filtered($changed);
+						}
+
+						if (!$valid_version)
+						{
+							continue;
+						}
+					}
+
 					// Find event description line
 					$description_line_num = $this->find_description();
 					$description = substr(trim($this->file_lines[$description_line_num]), strlen('* '));
@@ -242,6 +289,18 @@ class php_exporter
 		return $num_events_found;
 	}
 
+	/**
+	 * The version to check
+	 *
+	 * @param string $version
+	 * @return bool
+	 */
+	protected function version_is_filtered($version)
+	{
+		return (!$this->min_version || phpbb_version_compare($this->min_version, $version, '<='))
+			&& (!$this->max_version || phpbb_version_compare($this->max_version, $version, '>='));
+	}
+
 	/**
 	* Find the name of the event inside the dispatch() line
 	*
@@ -448,6 +507,33 @@ class php_exporter
 		return $this->find_tag('since', array('event', 'var'));
 	}
 
+	/**
+	* Find the "@changed" Information lines
+	*
+	* @param string $tag_name Should be 'changed' or 'change'
+	* @return array Absolute line numbers
+	* @throws \LogicException
+	*/
+	public function find_changed($tag_name)
+	{
+		$lines = array();
+		$last_line = 0;
+		try
+		{
+			while ($line = $this->find_tag($tag_name, array('since'), $last_line))
+			{
+				$lines[] = $line;
+				$last_line = $line;
+			}
+		}
+		catch (\LogicException $e)
+		{
+			// Not changed? No problem!
+		}
+
+		return $lines;
+	}
+
 	/**
 	* Find the "@event" Information line
 	*
@@ -464,13 +550,14 @@ class php_exporter
 	* @param string $find_tag		Name of the tag we are trying to find
 	* @param array $disallowed_tags		List of tags that must not appear between
 	*									the tag and the actual event
+	* @param int $skip_to_line		Skip lines until this one
 	* @return int Absolute line number
 	* @throws \LogicException
 	*/
-	public function find_tag($find_tag, $disallowed_tags)
+	public function find_tag($find_tag, $disallowed_tags, $skip_to_line = 0)
 	{
-		$find_tag_line = 0;
+		$find_tag_line = $skip_to_line ? $this->current_event_line - $skip_to_line + 1 : 0;
-		$found_comment_end = false;
+		$found_comment_end = ($skip_to_line) ? true : false;
 		while (strpos(ltrim($this->file_lines[$this->current_event_line - $find_tag_line], "\t "), '* @' . $find_tag . ' ') !== 0)
 		{
 			if ($found_comment_end && ltrim($this->file_lines[$this->current_event_line - $find_tag_line], "\t") === '/**')
@@ -560,6 +647,27 @@ class php_exporter
 		return $match[1];
 	}
 
+	/**
+	* Validate "@changed" Information
+	*
+	* @param string $line
+	* @return string
+	* @throws \LogicException
+	*/
+	public function validate_changed($line)
+	{
+		$match = array();
+		$line = str_replace("\t", ' ', ltrim($line, "\t "));
+		preg_match('#^\* @change(d)? (\d+\.\d+\.\d+(?:-(?:a|b|RC|pl)\d+)?)( (?:.*))?$#', $line, $match);
+		if (!isset($match[2]))
+		{
+			throw new \LogicException("Invalid '@changed' information for event "
+				. "'{$this->current_event}' in file '{$this->current_file}:{$this->current_event_line}'");
+		}
+
+		return $match[2];
+	}
+
 	/**
 	* Validate "@event" Information
 	*

phpBB/phpbb/log/log.php

@@ -521,15 +521,77 @@ class log implements \phpbb\log\log_interface
 			$sql_keywords = $this->generate_sql_keyword($keywords);
 		}
 
+		$get_logs_sql_ary = array(
+			'SELECT' => 'l.*, u.username, u.username_clean, u.user_colour',
+			'FROM' => array(
+						$this->log_table => 'l',
+						USERS_TABLE => 'u',
+					),
+			'WHERE' => 'l.log_type = ' . (int) $log_type . "
+					AND l.user_id = u.user_id
+					$sql_keywords
+					$sql_additional",
+
+			'ORDER_BY' => $sort_by,
+		);
+
+		if ($log_time)
+		{
+			$get_logs_sql_ary['WHERE'] = 'l.log_time >= ' . (int) $log_time . '
+					AND ' . $get_logs_sql_ary['WHERE'];
+		}
+
+		/**
+		* Modify the query to obtain the logs data
+		*
+		* @event core.get_logs_main_query_before
+		* @var	array	get_logs_sql_ary	The array in the format of the query builder with the query
+		*									to get the log count and the log list
+		* @var	string	mode				Mode of the entries we display
+		* @var	bool	count_logs			Do we count all matching entries?
+		* @var	int		limit				Limit the number of entries
+		* @var	int		offset				Offset when fetching the entries
+		* @var	mixed	forum_id			Limit entries to the forum_id,
+		*									can also be an array of forum_ids
+		* @var	int		topic_id			Limit entries to the topic_id
+		* @var	int		user_id				Limit entries to the user_id
+		* @var	int		log_time			Limit maximum age of log entries
+		* @var	string	sort_by				SQL order option
+		* @var	string	keywords			Will only return entries that have the
+		*									keywords in log_operation or log_data
+		* @var	string	profile_url			URL to the users profile
+		* @var	int		log_type			Limit logs to a certain type. If log_type
+		*									is false, no entries will be returned.
+		* @var	string	sql_additional		Additional conditions for the entries,
+		*									e.g.: 'AND l.forum_id = 1'
+		* @since 3.1.5-RC1
+		*/
+		$vars = array(
+			'get_logs_sql_ary',
+			'mode',
+			'count_logs',
+			'limit',
+			'offset',
+			'forum_id',
+			'topic_id',
+			'user_id',
+			'log_time',
+			'sort_by',
+			'keywords',
+			'profile_url',
+			'log_type',
+			'sql_additional',
+		);
+		extract($this->dispatcher->trigger_event('core.get_logs_main_query_before', compact($vars)));
+
 		if ($count_logs)
 		{
-			$sql = 'SELECT COUNT(l.log_id) AS total_entries
+			$count_logs_sql_ary = $get_logs_sql_ary;
-				FROM ' . $this->log_table . ' l, ' . USERS_TABLE . ' u
+
-				WHERE l.log_type = ' . (int) $log_type . '
+			$count_logs_sql_ary['SELECT'] = 'COUNT(l.log_id) AS total_entries';
-					AND l.user_id = u.user_id
+			unset($count_logs_sql_ary['ORDER_BY']);
-					AND l.log_time >= ' . (int) $log_time . "
+
-					$sql_keywords
+			$sql = $this->db->sql_build_query('SELECT', $count_logs_sql_ary);
-					$sql_additional";
 			$result = $this->db->sql_query($sql);
 			$this->entry_count = (int) $this->db->sql_fetchfield('total_entries');
 			$this->db->sql_freeresult($result);
@@ -548,14 +610,7 @@ class log implements \phpbb\log\log_interface
 			}
 		}
 
-		$sql = 'SELECT l.*, u.username, u.username_clean, u.user_colour
+		$sql = $this->db->sql_build_query('SELECT', $get_logs_sql_ary);
-			FROM ' . $this->log_table . ' l, ' . USERS_TABLE . ' u
-			WHERE l.log_type = ' . (int) $log_type . '
-				AND u.user_id = l.user_id
-				' . (($log_time) ? 'AND l.log_time >= ' . (int) $log_time : '') . "
-				$sql_keywords
-				$sql_additional
-			ORDER BY $sort_by";
 		$result = $this->db->sql_query_limit($sql, $limit, $this->last_page_offset);
 
 		$i = 0;

phpBB/phpbb/notification/type/admin_activate_user.php

@@ -104,7 +104,7 @@ class admin_activate_user extends \phpbb\notification\type\base
 	*/
 	public function get_avatar()
 	{
-		return $this->user_loader->get_avatar($this->item_id);
+		return $this->user_loader->get_avatar($this->item_id, false, true);
 	}
 
 	/**

phpBB/phpbb/notification/type/group_request.php

@@ -96,7 +96,7 @@ class group_request extends \phpbb\notification\type\base
 	*/
 	public function get_avatar()
 	{
-		return $this->user_loader->get_avatar($this->item_id);
+		return $this->user_loader->get_avatar($this->item_id, false, true);
 	}
 
 	/**

phpBB/phpbb/notification/type/pm.php

@@ -100,7 +100,7 @@ class pm extends \phpbb\notification\type\base
 	*/
 	public function get_avatar()
 	{
-		return $this->user_loader->get_avatar($this->get_data('from_user_id'));
+		return $this->user_loader->get_avatar($this->get_data('from_user_id'), false, true);
 	}
 
 	/**

phpBB/phpbb/notification/type/post.php

@@ -165,7 +165,7 @@ class post extends \phpbb\notification\type\base
 	*/
 	public function get_avatar()
 	{
-		return $this->user_loader->get_avatar($this->get_data('poster_id'));
+		return $this->user_loader->get_avatar($this->get_data('poster_id'), false, true);
 	}
 
 	/**