- temporarily disable x-sendfile support (we need to look into methods of checking if it is enabled/disabled or introducing a switch)

- finally allow custom permission settings files (in acp/ as well as in mods/) git-svn-id: file:///svn/phpbb/trunk@6539 89ea8834-ac86-4346-8a33-228a782c2dd0
2025-06-12 22:38:52 +00:00 · 2006-10-30 19:51:56 +00:00 · 2006-10-30 19:51:56 +00:00 · 12c75a0991
commit 12c75a0991
parent c44f6ca080
8 changed files with 97 additions and 42 deletions
--- a/phpBB/download.php
+++ b/phpBB/download.php
@ -222,14 +222,20 @@ function send_file_to_browser($attachment, $upload_dir, $category)
 	// Now the tricky part... let's dance
 	header('Pragma: public');
-	// Try X-Sendfile since it is much more server friendly - only works if the path is *not* outside of the root path...
+	/**
-	// lighttpd has core support for it. An apache2 module is available at http://celebnamer.celebworld.ws/stuff/mod_xsendfile/
+	* Commented out X-Sendfile support. To not expose the physical filename within the header if xsendfile is absent we need to look into methods of checking it's status.
-
+	*
-	// Not really ideal, but should work fine...
+	* Try X-Sendfile since it is much more server friendly - only works if the path is *not* outside of the root path...
-	if (strpos($upload_dir, '/') !== 0 && strpos($upload_dir, '../') === false)
+	* lighttpd has core support for it. An apache2 module is available at http://celebnamer.celebworld.ws/stuff/mod_xsendfile/
-	{
+	*
-		header('X-Sendfile: ' . $filename);
+	* Not really ideal, but should work fine...
-	}
+	* <code>
 	*	if (strpos($upload_dir, '/') !== 0 && strpos($upload_dir, '../') === false)
 		{
 			header('X-Sendfile: ' . $filename);
 		}
 	* </code>
 	*/
 	// Send out the Headers. Do not set Content-Disposition to inline please, it is a security measure for users using the Internet Explorer.
 	header('Content-Type: ' . $attachment['mimetype']);
--- a/phpBB/includes/acp/acp_permission_roles.php
+++ b/phpBB/includes/acp/acp_permission_roles.php
@ -26,7 +26,7 @@ class acp_permission_roles
 		$auth_admin = new auth_admin();
 		$user->add_lang('acp/permissions');
-		$user->add_lang('acp/permissions_phpbb');
+		add_permission_language();
 		$this->tpl_name = 'acp_permission_roles';
--- a/phpBB/includes/acp/acp_permissions.php
+++ b/phpBB/includes/acp/acp_permissions.php
@ -27,7 +27,7 @@ class acp_permissions
 		$auth_admin = new auth_admin();
 		$user->add_lang('acp/permissions');
-		$user->add_lang('acp/permissions_phpbb');
+		add_permission_language();
 		$this->tpl_name = 'acp_permissions';
--- a/phpBB/includes/acp/acp_users.php
+++ b/phpBB/includes/acp/acp_users.php
@ -1959,7 +1959,7 @@ class acp_users
 				$auth_admin = new auth_admin();
 				$user->add_lang('acp/permissions');
-				$user->add_lang('acp/permissions_phpbb');
+				add_permission_language();
 				// Select auth options
 				$sql = 'SELECT auth_option, is_local, is_global
--- a/phpBB/includes/functions_admin.php
+++ b/phpBB/includes/functions_admin.php
@ -2608,9 +2608,46 @@ function tidy_database()
 {
 	global $db;
 	set_config('database_last_gc', time(), true);
 }
 /**
 * Add permission language - this will make sure custom files will be included
 */
 function add_permission_language()
 {
 	global $user, $phpEx;
 	// First of all, our own file.
 	$user->add_lang('acp/permissions_phpbb');
 	$files_to_add = array();
 	// Now search in acp and mods folder for permissions_ files.
 	foreach (array('acp/', 'mods/') as $path)
 	{
 		$dh = opendir($user->lang_path . $path);
 		if ($dh !== false)
 		{
 			while (($file = readdir($dh)) !== false)
 			{
 				if (strpos($file, 'permissions_') === 0 && strpos($file, 'permissions_phpbb') === false && substr($file, -(strlen($phpEx) + 1)) === '.' . $phpEx)
 				{
 					$files_to_add[] = $path . substr($file, 0, -(strlen($phpEx) + 1));
 				}
 			}
 			closedir($dh);
 		}
 	}
 	if (!sizeof($files_to_add))
 	{
 		return false;
 	}
 	$user->add_lang($files_to_add);
 	return true;
 }
 ?>
--- a/phpBB/includes/utf/utf_tools.php
+++ b/phpBB/includes/utf/utf_tools.php
@ -111,16 +111,13 @@ if (extension_loaded('mbstring'))
 	*
 	* Notes:
 	* - offset for mb_strrpos was added in 5.2.0, we emulate if it is lower
 	* 
 	* @author Harry Fuecks
 	* @param string haystack
 	* @param string needle
 	* @param integer (optional) offset (from left)
 	* @return mixed integer position or FALSE on failure
 	* @ignore
 	*/
 	if (version_compare(phpversion(), '5.2.0', '>='))
 	{
 		/**
 		* UTF-8 aware alternative to strrpos
 		* @ignore
 		*/
 		function utf8_strrpos($str,	$needle, $offset = null)
 		{
 			// Emulate behaviour of strrpos rather than raising warning
@ -134,6 +131,10 @@ if (extension_loaded('mbstring'))
 	}
 	else
 	{
 		/**
 		* UTF-8 aware alternative to strrpos
 		* @ignore
 		*/
 		function utf8_strrpos($str,	$needle, $offset = null)
 		{
 			// offset for mb_strrpos was added in 5.2.0
--- a/phpBB/install/index.php
+++ b/phpBB/install/index.php
@ -8,10 +8,12 @@
 *
 */
-/**
+/**#@+
 * @ignore
 */
 define('IN_PHPBB', true);
 define('IN_INSTALL', true);
 /**#@-*/
 $phpbb_root_path = './../';
 $phpEx = substr(strrchr(__FILE__, '.'), 1);
--- a/phpBB/language/en/acp/permissions_phpbb.php
+++ b/phpBB/language/en/acp/permissions_phpbb.php
@ -1,14 +1,11 @@
 <?php
 /** 
 *
 * acp_permissions (phpBB Permission Set) [English]
 *
 * @package language
 * @version $Id$
 * @copyright (c) 2005 phpBB Group 
 * @license http://opensource.org/licenses/gpl-license.php GNU Public License 
 *
 * @todo You are able to put your permission sets into a seperate file too by prefixing it with permissions_ and putting it into the acp language folder.
 */
 /**
@ -31,22 +28,35 @@ if (empty($lang) || !is_array($lang))
 // equally where a string contains only two placeholders which are used to wrap text
 // in a url you again do not need to specify an order e.g., 'Click %sHERE%s' is fine
-/*
+/**
-	MODDERS PLEASE NOTE
+*	MODDERS PLEASE NOTE
-	
+*	
-	Please add your permission settings this way:
+*	You are able to put your permission sets into a seperate file too by
-
+*	prefixing the new file with permissions_ and putting it into the acp 
-	// Adding new category
+*	language folder.
-	$lang['permission_cat']['bugs'] = 'Bugs';
+*
-
+*	An example of how the file could look like:
-	// Adding new permission set
+*
-	$lang['permission_type']['bug_'] = 'Bug Permissions';
+*	<code>
-
+*
-	// Adding the permissions
+*	if (empty($lang) || !is_array($lang))
-	$lang = array_merge($lang, array(
+*	{
-		'acl_bug_view'		=> array('lang' => 'Can view bug reports', 'cat' => 'bugs'),
+*		$lang = array();
-		'acl_bug_post'		=> array('lang' => 'Can post bugs', 'cat' => 'post'), // Using a phpBB category here
+*	}
-	));
+*
 *	// Adding new category
 *	$lang['permission_cat']['bugs'] = 'Bugs';
 *
 *	// Adding new permission set
 *	$lang['permission_type']['bug_'] = 'Bug Permissions';
 *
 *	// Adding the permissions
 *	$lang = array_merge($lang, array(
 *		'acl_bug_view'		=> array('lang' => 'Can view bug reports', 'cat' => 'bugs'),
 *		'acl_bug_post'		=> array('lang' => 'Can post bugs', 'cat' => 'post'), // Using a phpBB category here
 *	));
 *
 *	</code>
 */
 // Define categories and permission types
@ -214,8 +224,7 @@ $lang = array_merge($lang, array(
 	'acl_a_email'		=> array('lang' => 'Can send mass email', 'cat' => 'misc'),
 	'acl_a_bots'		=> array('lang' => 'Can manage bots', 'cat' => 'misc'),
 	'acl_a_reasons'		=> array('lang' => 'Can manage report/denial reasons', 'cat' => 'misc'),
-	'acl_a_backup'		=> array('lang' => 'Can backup database', 'cat' => 'misc'),
+	'acl_a_backup'		=> array('lang' => 'Can backup/restore database', 'cat' => 'misc'),
 #	'acl_a_restore'		=> array('lang' => 'Can restore database', 'cat' => 'misc'),
 	'acl_a_search'		=> array('lang' => 'Can manage search backends and settings', 'cat' => 'misc'),
 ));