Fixes in both CAPTCHA and Compress

Compress:
- The "crc bug" is not a bug, it is actually a feature (the function returns an Adler hash, not a crc hash. This is more usefull for PNG files..) and was "fixed" by using the proper function instead of munging a substring
- Zip files that are BZip2'd are now supported for extraction :-)

CAPTCHA:
- PNG generation now returns positive numbers for CRC, length, height and width!
- We generate a variable number of images


git-svn-id: file:///svn/phpbb/trunk@5496 89ea8834-ac86-4346-8a33-228a782c2dd0

phpBB/includes/functions_compress.php

@@ -246,7 +246,7 @@ class compress_zip extends compress
 							{
 								trigger_error("Could not create directory $dir");
 							}
-							@chmod("$dir", 0777);
+							@chmod("$dst$str", 0777);
 						}
 					}
 				}
@@ -270,22 +270,28 @@ class compress_zip extends compress
 				$mode = $fdetails['c_method'];
 				$content = fread($this->fp, $fdetails['c_size']);
 
+
+				$fp = fopen($target_filename, "w");
+
 				switch ($mode)
 				{
 					case 0:
 						// Not compressed
-						$fp = fopen($target_filename, "w");
 						fwrite($fp, $content);
-						fclose($fp);
 					break;
 				
 					case 8:
 						// Deflate
-						$fp = fopen($target_filename, "w");
 						fwrite($fp, gzinflate($content, $fdetails['uc_size']));
-						fclose($fp);
+					break;
+
+					case 12:
+						// Bzip2
+						fwrite($fp, bzdecompress($content));
 					break;
 				}
+				
+				fclose($fp);
 			}
 		}
 	}
@@ -306,7 +312,7 @@ class compress_zip extends compress
 		$name = str_replace('\\', '/', $name);
 
 		$dtime = dechex($this->unix_to_dos_time($stat[9]));
-		$hexdtime = pack('H*', $dtime[6] . $dtime[7] . $dtime[4] . $dtime[5] . $dtime[2] . $dtime[3] . $dtime[0] . $dtime[1]);
+		$hexdtime = pack('H8', $dtime[6] . $dtime[7] . $dtime[4] . $dtime[5] . $dtime[2] . $dtime[3] . $dtime[0] . $dtime[1]);
 
 		if ($is_dir)
 		{
@@ -317,8 +323,7 @@ class compress_zip extends compress
 		{
 			$unc_len = strlen($data);
 			$crc = crc32($data);
-			$zdata = gzcompress($data);
-			$zdata = substr(substr($zdata, 0, strlen($zdata) - 4), 2); // fix crc bug
+			$zdata = gzdeflate($data);
 			$c_len = strlen($zdata);
 
 			// Did we compress? No, then use data as is

phpBB/includes/ucp/ucp_confirm.php

@@ -24,7 +24,7 @@ class ucp_confirm
 {
 	function main($id, $mode)
 	{
-		global $config, $db, $user, $auth, $SID, $template, $phpbb_root_path, $phpEx;
+		global $db, $user;
 
 		// Do we have an id? No, then just exit
 		$confirm_id = request_var('id', '');
@@ -34,13 +34,10 @@ class ucp_confirm
 			exit;
 		}
 
-		// Define available charset
-		$chars = array('A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J',  'K', 'L', 'M', 'N', 'O', 'P', 'Q', 'R', 'S', 'T',  'U', 'V', 'W', 'X', 'Y', 'Z', '1', '2', '3', '4', '5', '6', '7', '8', '9');
-
 		// Try and grab code for this id and session
 		$sql = 'SELECT code  
 			FROM ' . CONFIRM_TABLE . " 
-			WHERE session_id = '" . $db->sql_escape($user->data['session_id']) . "' 
+			WHERE session_id = '" . $db->sql_escape($user->session_id) . "' 
 				AND confirm_id = '" . $db->sql_escape($confirm_id) . "'";
 		$result = $db->sql_query($sql);
 
@@ -198,9 +195,9 @@ class ucp_confirm
 		$raw = $type;
 		$raw .= $data;
 		$crc = crc32($raw);
-		$raw .= pack('C4', $crc >> 24, $crc >> 16, $crc >> 8, $crc);
+		$raw .= pack('C4', ($crc >> 24) & 255, ($crc >> 16) & 255, ($crc >> 8) & 255, $crc & 255);
 
-		return pack('C4', $length >> 24, $length >> 16, $length >> 8, $length) . $raw;
+		return pack('C4', ($length >> 24) & 255, ($length >> 16) & 255, ($length >> 8) & 255, $length & 255) . $raw;
 	}
 
 	// Creates greyscale 8bit png - The PNG spec can be found at
@@ -212,8 +209,8 @@ class ucp_confirm
 		// SIG
 		$image = pack('C8', 137, 80, 78, 71, 13, 10, 26, 10);
 		// IHDR
-		$raw = pack('C4', $width >> 24, $width >> 16, $width >> 8, $width);
-		$raw .= pack('C4', $height >> 24, $height >> 16, $height >> 8, $height);
+		$raw = pack('C4', ($width >> 24) & 255, ($width >> 16) & 255, ($width >> 8) & 255, $width & 255);
+		$raw .= pack('C4', ($height >> 24) & 255, ($height >> 16) & 255, ($height >> 8) & 255, $height & 255);
 		$raw .= pack('C5', 8, 0, 0, 0, 0);
 		$image .= $this->png_chunk(13, 'IHDR', $raw);
 		// IDAT

phpBB/includes/ucp/ucp_register.php

@@ -420,7 +420,8 @@ class ucp_register
 				}
 				$db->sql_freeresult($result);
 		
-				$code = gen_rand_string(6);
+				$code = gen_rand_string(mt_rand(5, 8));
+
 				$confirm_id = md5(uniqid($user->ip));
 
 				$sql = 'INSERT INTO ' . CONFIRM_TABLE . ' ' . $db->sql_build_array('INSERT', array(
@@ -431,8 +432,18 @@ class ucp_register
 				$db->sql_query($sql);
 			}
 
-			$confirm_image = (@extension_loaded('zlib')) ? "<img src=\"ucp.$phpEx$SID&amp;mode=confirm&amp;id=$confirm_id\" alt=\"\" title=\"\" />" : "<img src=\"ucp.$phpEx$SID&amp;mode=confirm&amp;id=$confirm_id&amp;c=1\" alt=\"\" title=\"\" /><img src=\"ucp.$phpEx$SID&amp;mode=confirm&amp;id=$confirm_id&amp;c=2\" alt=\"\" title=\"\" /><img src=\"ucp.$phpEx$SID&amp;mode=confirm&amp;id=$confirm_id&amp;c=3\" alt=\"\" title=\"\" /><img src=\"ucp.$phpEx$SID&amp;mode=confirm&amp;id=$confirm_id&amp;c=4\" alt=\"\" title=\"\" /><img src=\"ucp.$phpEx$SID&amp;mode=confirm&amp;id=$confirm_id&amp;c=5\" alt=\"\" title=\"\" /><img src=\"ucp.$phpEx$SID&amp;mode=confirm&amp;id=$confirm_id&amp;c=6\" alt=\"\" title=\"\" />";
-			$s_hidden_fields .= '<input type="hidden" name="confirm_id" value="' . $confirm_id . '" />';
+			if (@extension_loaded('zlib'))
+			{
+				$confirm_image = "<img src=\"ucp.$phpEx$SID&amp;mode=confirm&amp;id=$confirm_id\" alt=\"\" title=\"\" />";
+			}
+			else
+			{
+				$confirm_image = '';
+				for ($i = 1; $i < strlen($code) + 1; $i++)
+				{
+					$confirm_image .= "<img src=\"ucp.$phpEx$SID&amp;mode=confirm&amp;id=$confirm_id&amp;c=$i\" alt=\"\" title=\"\" />";
+				}
+			}
 		}
 
 		//