From 12c75a0991a59eecd274eb2b03476e80ae608eaa Mon Sep 17 00:00:00 2001 From: Meik Sievertsen Date: Mon, 30 Oct 2006 19:51:56 +0000 Subject: [PATCH] - temporarily disable x-sendfile support (we need to look into methods of checking if it is enabled/disabled or introducing a switch) - finally allow custom permission settings files (in acp/ as well as in mods/) git-svn-id: file:///svn/phpbb/trunk@6539 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/download.php | 22 +++++---- phpBB/includes/acp/acp_permission_roles.php | 2 +- phpBB/includes/acp/acp_permissions.php | 2 +- phpBB/includes/acp/acp_users.php | 2 +- phpBB/includes/functions_admin.php | 41 ++++++++++++++++- phpBB/includes/utf/utf_tools.php | 15 +++--- phpBB/install/index.php | 4 +- phpBB/language/en/acp/permissions_phpbb.php | 51 ++++++++++++--------- 8 files changed, 97 insertions(+), 42 deletions(-) diff --git a/phpBB/download.php b/phpBB/download.php index 6f4dc329f7..dd81f1df4c 100644 --- a/phpBB/download.php +++ b/phpBB/download.php @@ -222,14 +222,20 @@ function send_file_to_browser($attachment, $upload_dir, $category) // Now the tricky part... let's dance header('Pragma: public'); - // Try X-Sendfile since it is much more server friendly - only works if the path is *not* outside of the root path... - // lighttpd has core support for it. An apache2 module is available at http://celebnamer.celebworld.ws/stuff/mod_xsendfile/ - - // Not really ideal, but should work fine... - if (strpos($upload_dir, '/') !== 0 && strpos($upload_dir, '../') === false) - { - header('X-Sendfile: ' . $filename); - } + /** + * Commented out X-Sendfile support. To not expose the physical filename within the header if xsendfile is absent we need to look into methods of checking it's status. + * + * Try X-Sendfile since it is much more server friendly - only works if the path is *not* outside of the root path... + * lighttpd has core support for it. An apache2 module is available at http://celebnamer.celebworld.ws/stuff/mod_xsendfile/ + * + * Not really ideal, but should work fine... + * + * if (strpos($upload_dir, '/') !== 0 && strpos($upload_dir, '../') === false) + { + header('X-Sendfile: ' . $filename); + } + * + */ // Send out the Headers. Do not set Content-Disposition to inline please, it is a security measure for users using the Internet Explorer. header('Content-Type: ' . $attachment['mimetype']); diff --git a/phpBB/includes/acp/acp_permission_roles.php b/phpBB/includes/acp/acp_permission_roles.php index 99c0181f0a..004d9f55af 100644 --- a/phpBB/includes/acp/acp_permission_roles.php +++ b/phpBB/includes/acp/acp_permission_roles.php @@ -26,7 +26,7 @@ class acp_permission_roles $auth_admin = new auth_admin(); $user->add_lang('acp/permissions'); - $user->add_lang('acp/permissions_phpbb'); + add_permission_language(); $this->tpl_name = 'acp_permission_roles'; diff --git a/phpBB/includes/acp/acp_permissions.php b/phpBB/includes/acp/acp_permissions.php index 5fcf692735..5354d70f72 100644 --- a/phpBB/includes/acp/acp_permissions.php +++ b/phpBB/includes/acp/acp_permissions.php @@ -27,7 +27,7 @@ class acp_permissions $auth_admin = new auth_admin(); $user->add_lang('acp/permissions'); - $user->add_lang('acp/permissions_phpbb'); + add_permission_language(); $this->tpl_name = 'acp_permissions'; diff --git a/phpBB/includes/acp/acp_users.php b/phpBB/includes/acp/acp_users.php index 485bff7bc8..7728df6275 100644 --- a/phpBB/includes/acp/acp_users.php +++ b/phpBB/includes/acp/acp_users.php @@ -1959,7 +1959,7 @@ class acp_users $auth_admin = new auth_admin(); $user->add_lang('acp/permissions'); - $user->add_lang('acp/permissions_phpbb'); + add_permission_language(); // Select auth options $sql = 'SELECT auth_option, is_local, is_global diff --git a/phpBB/includes/functions_admin.php b/phpBB/includes/functions_admin.php index ceb14d42e1..70c5b2bae3 100644 --- a/phpBB/includes/functions_admin.php +++ b/phpBB/includes/functions_admin.php @@ -2608,9 +2608,46 @@ function tidy_database() { global $db; - - set_config('database_last_gc', time(), true); } +/** +* Add permission language - this will make sure custom files will be included +*/ +function add_permission_language() +{ + global $user, $phpEx; + + // First of all, our own file. + $user->add_lang('acp/permissions_phpbb'); + + $files_to_add = array(); + + // Now search in acp and mods folder for permissions_ files. + foreach (array('acp/', 'mods/') as $path) + { + $dh = opendir($user->lang_path . $path); + + if ($dh !== false) + { + while (($file = readdir($dh)) !== false) + { + if (strpos($file, 'permissions_') === 0 && strpos($file, 'permissions_phpbb') === false && substr($file, -(strlen($phpEx) + 1)) === '.' . $phpEx) + { + $files_to_add[] = $path . substr($file, 0, -(strlen($phpEx) + 1)); + } + } + closedir($dh); + } + } + + if (!sizeof($files_to_add)) + { + return false; + } + + $user->add_lang($files_to_add); + return true; +} + ?> \ No newline at end of file diff --git a/phpBB/includes/utf/utf_tools.php b/phpBB/includes/utf/utf_tools.php index 1f9a698163..24aeb35d02 100644 --- a/phpBB/includes/utf/utf_tools.php +++ b/phpBB/includes/utf/utf_tools.php @@ -111,16 +111,13 @@ if (extension_loaded('mbstring')) * * Notes: * - offset for mb_strrpos was added in 5.2.0, we emulate if it is lower - * - * @author Harry Fuecks - * @param string haystack - * @param string needle - * @param integer (optional) offset (from left) - * @return mixed integer position or FALSE on failure - * @ignore */ if (version_compare(phpversion(), '5.2.0', '>=')) { + /** + * UTF-8 aware alternative to strrpos + * @ignore + */ function utf8_strrpos($str, $needle, $offset = null) { // Emulate behaviour of strrpos rather than raising warning @@ -134,6 +131,10 @@ if (extension_loaded('mbstring')) } else { + /** + * UTF-8 aware alternative to strrpos + * @ignore + */ function utf8_strrpos($str, $needle, $offset = null) { // offset for mb_strrpos was added in 5.2.0 diff --git a/phpBB/install/index.php b/phpBB/install/index.php index 172d296399..eaa0ff12d4 100755 --- a/phpBB/install/index.php +++ b/phpBB/install/index.php @@ -8,10 +8,12 @@ * */ -/** +/**#@+ +* @ignore */ define('IN_PHPBB', true); define('IN_INSTALL', true); +/**#@-*/ $phpbb_root_path = './../'; $phpEx = substr(strrchr(__FILE__, '.'), 1); diff --git a/phpBB/language/en/acp/permissions_phpbb.php b/phpBB/language/en/acp/permissions_phpbb.php index ddadceac7a..df2d9e8c6f 100644 --- a/phpBB/language/en/acp/permissions_phpbb.php +++ b/phpBB/language/en/acp/permissions_phpbb.php @@ -1,14 +1,11 @@ array('lang' => 'Can view bug reports', 'cat' => 'bugs'), - 'acl_bug_post' => array('lang' => 'Can post bugs', 'cat' => 'post'), // Using a phpBB category here - )); +/** +* MODDERS PLEASE NOTE +* +* You are able to put your permission sets into a seperate file too by +* prefixing the new file with permissions_ and putting it into the acp +* language folder. +* +* An example of how the file could look like: +* +* +* +* if (empty($lang) || !is_array($lang)) +* { +* $lang = array(); +* } +* +* // Adding new category +* $lang['permission_cat']['bugs'] = 'Bugs'; +* +* // Adding new permission set +* $lang['permission_type']['bug_'] = 'Bug Permissions'; +* +* // Adding the permissions +* $lang = array_merge($lang, array( +* 'acl_bug_view' => array('lang' => 'Can view bug reports', 'cat' => 'bugs'), +* 'acl_bug_post' => array('lang' => 'Can post bugs', 'cat' => 'post'), // Using a phpBB category here +* )); +* +* */ // Define categories and permission types @@ -214,8 +224,7 @@ $lang = array_merge($lang, array( 'acl_a_email' => array('lang' => 'Can send mass email', 'cat' => 'misc'), 'acl_a_bots' => array('lang' => 'Can manage bots', 'cat' => 'misc'), 'acl_a_reasons' => array('lang' => 'Can manage report/denial reasons', 'cat' => 'misc'), - 'acl_a_backup' => array('lang' => 'Can backup database', 'cat' => 'misc'), -# 'acl_a_restore' => array('lang' => 'Can restore database', 'cat' => 'misc'), + 'acl_a_backup' => array('lang' => 'Can backup/restore database', 'cat' => 'misc'), 'acl_a_search' => array('lang' => 'Can manage search backends and settings', 'cat' => 'misc'), ));