diff --git a/phpBB/docs/CHANGELOG.html b/phpBB/docs/CHANGELOG.html index c602cfdcd2..12801b1fc8 100644 --- a/phpBB/docs/CHANGELOG.html +++ b/phpBB/docs/CHANGELOG.html @@ -53,6 +53,7 @@
  1. Changelog
      +
    1. Changes since 3.0.0
    2. Changes since RC-8
    3. Changes since RC-7
    4. Changes since RC-6
      5. @@ -70,7 +71,7 @@ - +

      1. Changelog

      @@ -80,6 +81,12 @@
      +

      1.i. Changes since 3.0.0

      + +
        +
      • [Change] Validate birthdays (Bug #15004)
        • +
      +

      1.i. Changes since 3.0.RC8

        diff --git a/phpBB/includes/acp/acp_users.php b/phpBB/includes/acp/acp_users.php index 260acbbc52..310759d38c 100644 --- a/phpBB/includes/acp/acp_users.php +++ b/phpBB/includes/acp/acp_users.php @@ -1060,9 +1060,11 @@ class acp_users list($data['bday_day'], $data['bday_month'], $data['bday_year']) = explode('-', $user_row['user_birthday']); } - $data['bday_day'] = request_var('bday_day', $data['bday_day']); - $data['bday_month'] = request_var('bday_month', $data['bday_month']); - $data['bday_year'] = request_var('bday_year', $data['bday_year']); + $data['bday_day'] = request_var('bday_day', $data['bday_day']); + $data['bday_month'] = request_var('bday_month', $data['bday_month']); + $data['bday_year'] = request_var('bday_year', $data['bday_year']); + $data['user_birthday'] = sprintf('%2d-%2d-%4d', $data['bday_day'], $data['bday_month'], $data['bday_year']); + if ($submit) { @@ -1085,6 +1087,7 @@ class acp_users 'bday_day' => array('num', true, 1, 31), 'bday_month' => array('num', true, 1, 12), 'bday_year' => array('num', true, 1901, gmdate('Y', time())), + 'user_birthday' => array('date', true), )); // validate custom profile fields @@ -1111,7 +1114,7 @@ class acp_users 'user_from' => $data['location'], 'user_occ' => $data['occupation'], 'user_interests'=> $data['interests'], - 'user_birthday' => sprintf('%2d-%2d-%4d', $data['bday_day'], $data['bday_month'], $data['bday_year']), + 'user_birthday' => $data['user_birthday'], ); $sql = 'UPDATE ' . USERS_TABLE . ' diff --git a/phpBB/includes/functions_user.php b/phpBB/includes/functions_user.php index fa7025f2c2..c9921cc6f0 100644 --- a/phpBB/includes/functions_user.php +++ b/phpBB/includes/functions_user.php @@ -1260,6 +1260,45 @@ function validate_num($num, $optional = false, $min = 0, $max = 1E99) return false; } +/** +* Validate Date +* @param String $string a date in the dd-mm-yyyy format +* @return boolean +*/ +function validate_date($date_string, $optional = false) +{ + $date = explode('-', $date_string); + if ((empty($date) || sizeof($date) != 3) && $optional) + { + return false; + } + else if ($optional) + { + for ($field = 0; $field <= 1; $field++) + { + $date[$field] = (int) $date[$field]; + if (empty($date[$field])) + { + $date[$field] = 1; + } + } + $date[2] = (int) $date[2]; + // assume an arbitrary leap year + if (empty($date[2])) + { + $date[2] = 1980; + } + } + + if (sizeof($date) != 3 || !checkdate($date[1], $date[0], $date[2])) + { + return 'INVALID'; + } + + return false; +} + + /** * Validate Match * diff --git a/phpBB/includes/ucp/ucp_profile.php b/phpBB/includes/ucp/ucp_profile.php index 3fe3d72d59..0f3cc218c3 100644 --- a/phpBB/includes/ucp/ucp_profile.php +++ b/phpBB/includes/ucp/ucp_profile.php @@ -295,6 +295,7 @@ class ucp_profile $data['bday_day'] = request_var('bday_day', $data['bday_day']); $data['bday_month'] = request_var('bday_month', $data['bday_month']); $data['bday_year'] = request_var('bday_year', $data['bday_year']); + $data['user_birthday'] = sprintf('%2d-%2d-%4d', $data['bday_day'], $data['bday_month'], $data['bday_year']); } add_form_key('ucp_profile_info'); @@ -325,6 +326,7 @@ class ucp_profile 'bday_day' => array('num', true, 1, 31), 'bday_month' => array('num', true, 1, 12), 'bday_year' => array('num', true, 1901, gmdate('Y', time()) + 50), + 'user_birthday' => array('date', true), )); } @@ -359,7 +361,7 @@ class ucp_profile if ($config['allow_birthdays']) { - $sql_ary['user_birthday'] = sprintf('%2d-%2d-%4d', $data['bday_day'], $data['bday_month'], $data['bday_year']); + $sql_ary['user_birthday'] = $data['user_birthday']; } $sql = 'UPDATE ' . USERS_TABLE . ' diff --git a/phpBB/language/en/ucp.php b/phpBB/language/en/ucp.php index 0a553b9366..d7006549ce 100644 --- a/phpBB/language/en/ucp.php +++ b/phpBB/language/en/ucp.php @@ -223,6 +223,7 @@ $lang = array_merge($lang, array( 'IF_FOLDER_FULL' => 'If folder is full', 'IMPORTANT_NEWS' => 'Important announcements', + 'INVALID_USER_BIRTHDAY' => 'The entered birthday is not a valid date.', 'INVALID_CHARS_USERNAME' => 'The username contains forbidden characters.', 'INVALID_CHARS_NEW_PASSWORD'=> 'The password does not contain the required characters.', 'ITEMS_REQUIRED' => 'The items marked with * are required profile fields and need to be filled out.',