diff --git a/build/build.xml b/build/build.xml index c97a2eec7a..7917b840b6 100644 --- a/build/build.xml +++ b/build/build.xml @@ -3,8 +3,8 @@ - - + + diff --git a/phpBB/docs/CHANGELOG.html b/phpBB/docs/CHANGELOG.html index e23a1bebb1..a6ad4897b3 100644 --- a/phpBB/docs/CHANGELOG.html +++ b/phpBB/docs/CHANGELOG.html @@ -20,7 +20,7 @@
- +

phpBB 3.3.x Changelog

Skip

@@ -50,6 +50,7 @@
  1. Changelog
      +
    • Changes since 3.3.0-RC1
    • Changes since 3.3.0-b2
    • Changes since 3.3.0-b1
    • Changes since 3.2.x
      • @@ -145,6 +146,50 @@
      +

      Changes since 3.3.0-RC1

      +

      Bug

      +
        +
      • [PHPBB3-15592] - "Place inline" button appears when BBcode is disabled (Post settings)
        • +
      • [PHPBB3-15902] - Out of range error with Sphinx search
        • +
      • [PHPBB3-16209] - Nginx example configuration file blocks an image in the ACP
        • +
      • [PHPBB3-16230] - Check phrasing of FILESYSTEM_CANNOT_* lang keys
        • +
      • [PHPBB3-16257] - Typo in Email Settings section
        • +
      • [PHPBB3-16260] - Missing check whether the index exists in ACP - PHP 7.4
        • +
      • [PHPBB3-16261] - Missing check whether the index exists in install - PHP 7.4
        • +
      • [PHPBB3-16262] - php 7.3 compact() calls with undefined variables causing error page
        • +
      • [PHPBB3-16263] - Apache auth provider test fails on bamboo
        • +
      • [PHPBB3-16266] - Error on clean install with PHP 7.4
        • +
      • [PHPBB3-16267] - Check whether the index exists in ACP BBcodes - PHP 7.4
        • +
      • [PHPBB3-16273] - Trying to access array offset on value of type bool in Memberlist
        • +
      • [PHPBB3-16274] - compact() calls with undefined variables in search.php
        • +
      • [PHPBB3-16276] - Undefined $mode property in bbcode_firstpass class
        • +
      • [PHPBB3-16278] - Update instructions (INSTALL.html)
        • +
      • [PHPBB3-16281] - Extensions' Tab does not show up automatically
        • +
      • [PHPBB3-16282] - Default jQuery CDN URL is outdated on new installs
        • +
      • [PHPBB3-16285] - Missing sanity checks in migrations for 3.3
        • +
      • [PHPBB3-16287] - At first ACP screen after install, error message regarding statistics submission
        • +
      • [PHPBB3-16293] - Update hashes cron produces invalid hashes while updating from 3.0
        • +
      +

      Improvement

      + +

      Security

      +
        +
      • [SECURITY-249] - Group avatar overwrite on invalid submit
        • +
      • [SECURITY-250] - Group leader can be tricked into approving user
        • +
      +

      Hardening

      +
        +
      • [SECURITY-251] - Unwanted move of PMs to folders
        • +
      • [SECURITY-252] - PMs of unsuspecting users can be marked as important
        • +
      • [SECURITY-253] - PM export without proper validation
        • +
      +

      Changes since 3.3.0-b2

      Bug

        diff --git a/phpBB/docs/FAQ.html b/phpBB/docs/FAQ.html index fb097911d8..5e0403e804 100644 --- a/phpBB/docs/FAQ.html +++ b/phpBB/docs/FAQ.html @@ -20,7 +20,7 @@
        - +

        phpBB 3.3.x FAQ

        phpBB 3.3.x frequently asked questions

        Skip

        diff --git a/phpBB/docs/INSTALL.html b/phpBB/docs/INSTALL.html index 7d759b42f0..d196403f62 100644 --- a/phpBB/docs/INSTALL.html +++ b/phpBB/docs/INSTALL.html @@ -20,7 +20,7 @@
        - +

        phpBB 3.3.x Install

        phpBB 3.3.x Installation, updating and conversion information

        Skip

        diff --git a/phpBB/docs/README.html b/phpBB/docs/README.html index 32b2d98ab4..824a604105 100644 --- a/phpBB/docs/README.html +++ b/phpBB/docs/README.html @@ -20,7 +20,7 @@
        - +

        phpBB 3.3.x Readme

        Skip

        diff --git a/phpBB/docs/assets/css/stylesheet.css b/phpBB/docs/assets/css/stylesheet.css index c090ab7e07..b240a90d58 100644 --- a/phpBB/docs/assets/css/stylesheet.css +++ b/phpBB/docs/assets/css/stylesheet.css @@ -104,14 +104,14 @@ h4 { border-top: 1px solid #ccc; } -code { - color: #006600; - font-weight: normal; - font-family: 'Courier New', monospace; - border-color: #D1D7DC; - border-width: 1px; - border-style: solid; - background-color: #FAFAFA; +code { + color: #006600; + font-weight: normal; + font-family: 'Courier New', monospace; + border-color: #D1D7DC; + border-width: 1px; + border-style: solid; + background-color: #FAFAFA; padding: 0 4px; } @@ -154,6 +154,14 @@ a#logo:hover { text-decoration: none; } +.site_logo { + background-image: url("../images/site_logo.svg"); + background-repeat: no-repeat; + display: inline-block; + width: 149px; + height: 52px; +} + #doc-description { float: left; width: 70%; diff --git a/phpBB/docs/assets/images/site_logo.gif b/phpBB/docs/assets/images/site_logo.gif deleted file mode 100644 index 2517fbedd6..0000000000 Binary files a/phpBB/docs/assets/images/site_logo.gif and /dev/null differ diff --git a/phpBB/docs/assets/images/site_logo.svg b/phpBB/docs/assets/images/site_logo.svg new file mode 100644 index 0000000000..4ce8903417 --- /dev/null +++ b/phpBB/docs/assets/images/site_logo.svg @@ -0,0 +1,6 @@ + + + + + + diff --git a/phpBB/docs/auth_api.html b/phpBB/docs/auth_api.html index 960fa76417..c011fdc27f 100644 --- a/phpBB/docs/auth_api.html +++ b/phpBB/docs/auth_api.html @@ -20,7 +20,7 @@
        - +

        Auth API

        This is an explanation of how to use the phpBB auth/acl API

        Skip

        diff --git a/phpBB/docs/coding-guidelines.html b/phpBB/docs/coding-guidelines.html index 43551252ad..bcda452a7c 100644 --- a/phpBB/docs/coding-guidelines.html +++ b/phpBB/docs/coding-guidelines.html @@ -4,7 +4,7 @@ - + phpBB3 • Coding Guidelines @@ -20,9 +20,9 @@
        - +

        Coding Guidelines

        -

        Rhea coding guidelines document

        +

        Proteus coding guidelines document

        Skip

        @@ -37,7 +37,7 @@

        - These are the phpBB Coding Guidelines for Rhea, all attempts should be made to follow them as closely as possible. + These are the phpBB Coding Guidelines for Proteus, all attempts should be made to follow them as closely as possible.

        Coding Guidelines

        diff --git a/phpBB/phpbb/cron/task/core/update_hashes.php b/phpBB/phpbb/cron/task/core/update_hashes.php index ba095abc8b..9e938f74dd 100644 --- a/phpBB/phpbb/cron/task/core/update_hashes.php +++ b/phpBB/phpbb/cron/task/core/update_hashes.php @@ -56,7 +56,7 @@ class update_hashes extends \phpbb\cron\task\base foreach ($defaults as $type) { - if ($hashing_algorithms[$type]->is_supported()) + if ($hashing_algorithms[$type]->is_supported() && !$hashing_algorithms[$type] instanceof \phpbb\passwords\driver\base_native) { $this->default_type = $type; break; diff --git a/phpBB/phpbb/db/migration/data/v330/v330.php b/phpBB/phpbb/db/migration/data/v330/v330.php new file mode 100644 index 0000000000..05baffbdbd --- /dev/null +++ b/phpBB/phpbb/db/migration/data/v330/v330.php @@ -0,0 +1,37 @@ + +* @license GNU General Public License, version 2 (GPL-2.0) +* +* For full copyright and license information, please see +* the docs/CREDITS.txt file. +* +*/ + +namespace phpbb\db\migration\data\v330; + +class v330 extends \phpbb\db\migration\migration +{ + public function effectively_installed() + { + return version_compare($this->config['version'], '3.3.0', '>='); + } + + static public function depends_on() + { + return array( + '\phpbb\db\migration\data\v32x\v329', + '\phpbb\db\migration\data\v330\v330rc1', + ); + } + + public function update_data() + { + return array( + array('config.update', array('version', '3.3.0')), + ); + } +} diff --git a/phpBB/phpbb/passwords/driver/argon2i.php b/phpBB/phpbb/passwords/driver/argon2i.php index bf4d6ec33a..03368f6361 100644 --- a/phpBB/phpbb/passwords/driver/argon2i.php +++ b/phpBB/phpbb/passwords/driver/argon2i.php @@ -37,23 +37,15 @@ class argon2i extends base_native { parent::__construct($config, $helper); - // Workaround to prevent "Use of undefined constant" warning on some unsupported PHP installations - if (!defined('PASSWORD_ARGON2I')) - { - define('PASSWORD_ARGON2_DEFAULT_MEMORY_COST', 1024); - define('PASSWORD_ARGON2_DEFAULT_TIME_COST', 2); - define('PASSWORD_ARGON2_DEFAULT_THREADS', 1); - } - /** * For Sodium implementation of argon2 algorithm (since PHP 7.4), set special value of 1 for "threads" cost factor * See https://wiki.php.net/rfc/sodium.argon.hash and PHPBB3-16266 * Don't allow cost factors to be below default settings where possible */ - $this->memory_cost = max($memory_cost, PASSWORD_ARGON2_DEFAULT_MEMORY_COST); - $this->time_cost = max($time_cost, PASSWORD_ARGON2_DEFAULT_TIME_COST); + $this->memory_cost = max($memory_cost, defined('PASSWORD_ARGON2_DEFAULT_MEMORY_COST') ? PASSWORD_ARGON2_DEFAULT_MEMORY_COST : 1024); + $this->time_cost = max($time_cost, defined('PASSWORD_ARGON2_DEFAULT_TIME_COST') ? PASSWORD_ARGON2_DEFAULT_TIME_COST : 2); $this->threads = (defined('PASSWORD_ARGON2_PROVIDER') && PASSWORD_ARGON2_PROVIDER == 'sodium') ? - PASSWORD_ARGON2_DEFAULT_THREADS : max($threads, PASSWORD_ARGON2_DEFAULT_THREADS); + PASSWORD_ARGON2_DEFAULT_THREADS : max($threads, defined('PASSWORD_ARGON2_DEFAULT_THREADS') ? PASSWORD_ARGON2_DEFAULT_THREADS : 1); } /**