From 421fc8d94db1b6a89518cbcc3f3141625eefff25 Mon Sep 17 00:00:00 2001 From: Callum Macrae Date: Tue, 10 Apr 2012 11:25:06 +0100 Subject: [PATCH 001/157] [ticket/10776] Fixed errors in docs/README.html. PHPBB3-10776 --- phpBB/docs/README.html | 77 +++++++++++++++++++++--------------------- 1 file changed, 38 insertions(+), 39 deletions(-) diff --git a/phpBB/docs/README.html b/phpBB/docs/README.html index aa60d7dd25..d54b9d920f 100644 --- a/phpBB/docs/README.html +++ b/phpBB/docs/README.html @@ -41,7 +41,7 @@ -

Thank you for downloading phpBB3. This README will guide through the basics of installation and operation of phpBB3. Please ensure you read this and the accompanying documentation fully before proceeding with the installation.

+

Thank you for downloading phpBB3. This README will guide you through the basics of installation and operation of phpBB3. Please ensure you read this and the accompanying documentation fully before proceeding with the installation.

Readme

@@ -62,12 +62,12 @@
  • Getting help with phpBB3
    1. Documentation
      2. -
    2. Community Forums
      3. +
    3. Community forums
    4. Internet Relay Chat
  • Status of this version
    • -
  • Reporting Bugs +
  • Reporting bugs
    1. Security related bugs
    @@ -91,11 +91,11 @@
    -

    Installation, update and conversion instructions can be found in the INSTALL document contained in this distribution. If you are intending to convert from a previous phpBB 2.0.x installation we highly recommend you backup any existing data before proceeding!

    +

    Installation, update and conversion instructions can be found in the INSTALL document in this directory. If you are intending on converting from a phpBB 2.0.x installation we highly recommend that you backup any existing data before proceeding!

    Users of phpBB3 Beta versions cannot directly update.

    -

    Please note that we won't support the following installation types:

    +

    Please note that we don't support the following installation types:

    • Updates from phpBB3 Beta versions to phpBB3 RC1 and higher
    • Conversions from phpBB 2.0.x to phpBB3 Beta versions
      • @@ -107,7 +107,7 @@
      • Updates from phpBB3 RC1 to the latest version
      • Conversions from phpBB 2.0.x to the latest version
        • -
      • New installations of phpBB3 - always only the latest released version
        • +
      • New installations of phpBB3 - only the latest released version
    @@ -134,33 +134,33 @@

    http://www.phpbb.com/downloads/

    -

    This is the official location for all supported language sets. If you download a package from a 3rd party site you do so with the understanding that we cannot offer support. So please, do not ask for help in these cases!

    +

    This is the official location for all supported language sets. If you download a package from a 3rd party site you do so with the understanding that we cannot offer support. Please do not ask for support if you download a language pack from a 3rd party site.

    -

    Installation of these packages is straightforward, simply download the required language pack and unarchive it into the languages/ folder. Please ensure you retain the directory structure when doing this! Once uploaded go to the Admin->System->Language Packs and install the now appeared new language pack. To install the style imageset you should download the imageset for your language and unarchive the file/s into the relevant imageset directory (styles/prosilver/imageset or styles/subsilver2/imageset), again you must retain the directory structure. Once installed the imageset will become immediately available.

    +

    Installation of these packages is straightforward; simply download the required language pack and unarchive it into the languages/ folder. Please ensure you retain the directory structure when doing this! Once uploaded go to the Admin->System->Language Packs and install the new language pack, which will have been automatically detected. To install the style imageset you should download the imageset for your language and unarchive the file/s into the relevant imageset directory (styles/prosilver/imageset or styles/subsilver2/imageset). Again, you must retain the directory structure. Once installed the imageset will immediately become available.

    If your language is not available please visit our forums where you will find a topic listing translations currently available or in preparation. This topic also gives you information should you wish to volunteer to translate a language not currently listed.

    2.ii. Styles

    -

    Although phpBB Group are rather proud of the included styles we realise that it may not be to everyones tastes. Therefore phpBB3 allows styles to be switched with relative ease. Firstly you need to locate and download a style you like. We maintain such a site at

    +

    Although phpBB Group are rather proud of the included styles we realise that it may not be to everyones tastes. Therefore phpBB3 allows other styles to be used with relative ease. First, you need to locate and download a style you like. We maintain such a site at

    http://www.phpbb.com/styles/

    -

    Please note that 3rd party styles downloaded for versions of phpBB2 will not work in phpBB3.

    +

    Please note that styles for phpBB2 will not work with phpBB3.

    -

    Once you have downloaded a style the usual next step is to unarchive (or upload the unarchived contents of) the package into your styles/ directory. You then need to visit Administration -> Styles, you should see the new style available, click install and it will become available for all your users.

    +

    Once you have downloaded a style, the next step is to unarchive (or upload the unarchived contents of) the package into your styles/ directory. You then need to visit Administration -> Styles. You should see the new style, click install and it will become available for all your users.

    -

    Please note that if you create your own style or modify existing ones, please remember to enable the "Recompile stale style components" setting within the Admin->General->Load Settings screen. This setting allows the cache to detect changes made to the style and automatically refresh it. If this setting is disabled, you will not see your changes taking effect.

    +

    Please note that if you create your own style or modify existing ones, you should enable the "Recompile stale style components" setting within the Admin->General->Load Settings screen. This setting allows the cache to detect changes made to the style and automatically refresh it. If this setting is disabled, you will not see your changes taking effect without manually refreshing the style components.

    2.iii. Modifications

    -

    Although not officially supported by phpBB Group, phpBB has a thriving modification scene. These third party modifications to the standard phpBB extend its capabilities still further and can be found at:

    +

    Although the modifications themselves are not officially supported by phpBB Group, phpBB has a thriving modification scene. These add features to phpBB, and can be found at:

    http://www.phpbb.com/mods/

    -

    Please remember that any bugs or other issues that occur after you have added any modification should NOT be reported to the bug tracker (see below). First remove the modification and see if the problem is resolved.

    +

    Please remember that any bugs or other issues that may occur as a result of installing a modification should NOT be reported to the bug tracker (see below). First remove the modification, and then see if that has fixed the problem.

    -

    Also remember that any modifications which modify the database in any way may render upgrading your forum to future versions more difficult unless we state otherwise. With all this said many users have and continue to utilise many of the mods already available with great success.

    +

    Also remember that any modifications which modify the database in any way may make upgrading your forum to future versions more difficult. However, many users have and continue to utilise many of the mods already available with great success.

    @@ -178,27 +178,27 @@
    -

    phpBB3 can seem a little daunting to new users in places, particularly with regard the permission system. The first thing you should do is check the FAQ which covers a few basic getting started questions. If you need additional help there are several places you should look.

    +

    phpBB3 can sometimes seem a little daunting to new users, particularly with regards to the permission system. The first thing you should do is check the FAQ, which covers a few basic getting started questions. If you need additional help there are several places you can find it.

    3.i. phpBB3 Documentation

    -

    A comprehensive documentation is now available online and can be accessed from the following location:

    +

    Comprehensive documentation is now available on the phpBB website:

    http://www.phpbb.com/support/documentation/3.0/

    -

    This covers everything from installation through setting permissions and managing users.

    +

    This covers everything from installation to setting permissions and managing users.

    3.ii. Community Forums

    -

    phpBB Group maintains a thriving community where a number of people have generously decided to donate their time to help support users. This site can be found at:

    +

    phpBB Group maintains a thriving community where a number of people generously donate their time to help support users. This site can be found at:

    -

    http://www.phpbb.com/

    +

    http://www.phpbb.com/community/

    -

    If you do seek help via our forums please be sure to do a Search before posting. This may well save both you and us time and allow the developer, moderator and support groups to spend more time responding to people with unknown issues and problems. Please also remember that phpBB is an entirely volunteer effort, no one receives any compensation for the time they give, this includes moderators as well as developers. So please be respectful and mindful when awaiting responses.

    +

    If you do seek help via our forums please be sure to do a search before posting to make sure; if someone has experienced the issue before, then you may find that your question has already been answered. Please remember that phpBB is entirely staffed by volunteers, no one receives any compensation for the time they give, including moderators as well as developers; please be respectful and mindful when awaiting responses and receiving support.

    3.iii Internet Relay Chat

    -

    Another place you may find help is our IRC channel. This operates on the Freenode IRC network, irc.freenode.net and the channel is #phpbb and can be accessed by any good IRC client such as mIRC, XChat, etc. Again, please do not abuse this service and be respectful of other users.

    +

    Another place you can find help is our IRC channel, which you can find on the Freenode IRC network, irc.freenode.net in #phpbb. It can be accessed by any IRC client such as mIRC, XChat, etc. Again, please do not abuse this service and be respectful of other users.

    @@ -216,13 +216,13 @@
    -

    This is the third stable release of phpBB. The 3.0.x line is essentially feature frozen, with only point releases seeing fixes for bugs and security issues, though feature alterations and minor feature additions may be done if deemed absolutely required. Our next major release will be phpBB 3.2 and the planning phase has begun (the unstable development version is 3.1). Please do not post questions asking when 3.2 will be available, no release date has been set.

    +

    This is the third stable release of phpBB. The 3.0.x line is essentially feature frozen, with releases only containing fixes for bugs and security issues, though feature alterations and minor feature additions may be done if deemed absolutely required. Our next major release will be phpBB 3.1, which is currently under development. Please do not post questions asking when any future releases will be released; they will be released when they are finished.

    -

    For those interested in the development of phpBB should keep an eye on the community forums to see how things are progressing:

    +

    Those interested in the development of phpBB should keep an eye on the forums on the development site, Area51, to see how things are progressing and to help out if you wish:

    http://area51.phpbb.com/phpBB/

    -

    Please note that this forum should NOT be used to obtain support for or ask questions about phpBB 2.0.x or phpBB 3.0.x, the main community forums are the place for this. Any such posts will be locked and go unanswered.

    +

    Please note that these forums should NOT be used to obtain support, as the main community forums are the place for this. Any such posts will be locked and go unanswered.

    @@ -240,20 +240,19 @@
    -

    The phpBB Group uses a bug tracking system to store, list and manage all reported bugs, it can be found at the location listed below. Please DO NOT post bug reports to our forums, they will be locked. In addition please DO NOT use the bug tracker for support requests. Posting such a request will only see you directed to the support forums (while taking time away from working on real bugs).

    +

    The phpBB Group uses a bug tracking system to manage all reported bugs, which can be found at the location listed below. Please DO NOT post bug reports to our forums, they will be locked. In addition please DO NOT use the bug tracker for support requests. Posting such a request will only see you directed to the support forums (while taking time away from working on real bugs).

    http://tracker.phpbb.com/

    While we very much appreciate receiving bug reports (the more reports the more stable phpBB will be) we ask you carry out a few steps before adding new entries:

      -
    • Firstly determine if your bug is reproduceable, how to determine this depends on the bug in question. Only if the bug is reproduceable it is likely to be a problem with phpBB3 (or in some way connected). If something cannot be reproduced it may turn out to have been your hosting provider working on something, a user doing something silly, etc. Bug reports for non-reproduceable events can slow down our attempts to fix real, reproduceable issues

      • -
    • Next please read or search through the existing bug reports to see if your bug (or one very similar to it) is already listed. If it is please add to that existing bug rather than creating a new duplicate entry (all this does is slow us down).

      • -
    • Check the forums (use search!) to see if people have discussed anything that sounds similar to what you are seeing. However, as noted above please DO NOT post your particular bug to the forum unless it's non-reproduceable or you are sure it's related to something you have done rather phpBB3

      • -
    • If no existing bug exists then please feel free to add it
      • +
    • First determine if your bug is reproducible. How to determine this depends on the bug in question. If the bug is reproduceable it is likely to be a problem with phpBB3 (or in some way connected). If it cannot, then it is most likely not a bug in phpBB.

      • +
    • Next please read or search through the existing bug reports to see whether we already know about the bug you found. If there is already a ticket, then please add to that existing bug rather than creating a new duplicate entry (all this does is slow us down).

      • +
    • If no existing bug exists then please add it
    -

    If you do post a new bug (i.e. one that isn't already listed in the bug tracker) firstly make sure you have logged in (your username and password are the same as for the community forums) then please include the following details:

    +

    If you do post a new bug, make sure you are logged in (your username and password are the same as for the community forums) then please include the following details in your bug report:

    • Your server type/version, e.g. Apache 1.3.28, IIS 4, Sambar, etc.
      • @@ -263,9 +262,9 @@

      The relevant database type/version is listed within the administration control panel

      -

      Please also be as detailed as you can in your report, if possible list the steps required to duplicate the problem. If you have a patch that fixes the issue, please attach it to the ticket or submit a pull request on GitHub.

      +

      Please be as detailed as you can in your report, and if possible, list the steps required to duplicate the problem. If you have a patch that fixes the issue, please attach it to the ticket or submit a pull request to our repository on GitHub.

      -

      Once a bug has been submitted you will be emailed any follow up comments added to it. Please if you are requested to supply additional information, do so! It is frustrating for us to receive bug reports, ask for additional information but get nothing. In these cases we have a policy of closing the bug, which may leave a very real problem in place. Obviously we would rather not have this situation arise.

      +

      Once a bug has been submitted you will be emailed any follow up comments added to it. If you are requested to supply additional information, please do so! It is frustrating for us to receive bug reports, ask for additional information but get nothing. If we cannot replicate the bug we may close the ticket, which could leave the bug in phpBB. Obviously we would rather not have this situation arise.

      5.i. Security related bugs

      @@ -289,11 +288,11 @@
      -

      This list is not complete but does represent those bugs which may effect users on a wider scale. Other bugs listed in the tracker have typically been shown to be limited to certain setups or methods of installation, updating and/or conversions.

      +

      This list is by no means complete but does represent those bugs which may effect users on a wider scale. Other bugs listed in the tracker have typically been shown to be limited to certain setups or methods of installation, updating and/or conversions.

        -
      • Conversions may fail to complete on large boards under some hosts
        • -
      • Updates may fail to complete on large update sets under some hosts
        • +
      • Conversions may fail to complete on large boards under some hosts.
        • +
      • Updates may fail to complete on large update sets under some hosts.
      • Smilies placed directly after bbcode tags will not get parsed. Smilies always need to be separated by spaces.
      @@ -313,9 +312,9 @@
      -

      phpBB is no longer supported on PHP3 due to several compatibility issues and we recommend that you upgrade to the latest stable release of PHP5 to run phpBB. The minimum version required is PHP 4.3.3.

      +

      phpBB is no longer supported on PHP3 due to several compatibility issues and we recommend that you upgrade to the latest stable release of PHP5 to run phpBB. The minimum version required is PHP 4.3.3. The minimum version that will be required for phpBB 3.1 is PHP 5.3.2.

      -

      Please remember that running any application on a developmental version of PHP can lead to strange/unexpected results which may appear to be bugs in the application (which may not be true). Therefore we recommend you upgrade to the newest stable version of PHP before running phpBB3. If you are running a developmental version of PHP please check any bugs you find on a system running a stable release before submitting.

      +

      Please remember that running any application on a development (unstable, e.g. a beta release) version of PHP can lead to strange/unexpected results which may appear to be bugs in the application. Therefore, we recommend you upgrade to the newest stable version of PHP before running phpBB3. If you are running a development version of PHP please check any bugs you find on a system running a stable release before submitting.

      This board has been developed and tested under Linux and Windows (amongst others) running Apache using MySQL 3.23, 4.x, 5.x, MSSQL Server 2000, PostgreSQL 7.x, Oracle 8, SQLite and Firebird. Versions of PHP used range from 4.3.3 to 6.0.0-dev without problem.

      @@ -339,7 +338,7 @@
      -

      This application is opensource software released under the GNU General Public License v2. Please see source code and the docs directory for more details. This package and its contents are Copyright (c) phpBB Group, All Rights Reserved.

      +

      This application is open source software released under the GNU General Public License v2. Please see source code and the docs directory for more details. This package and its contents are Copyright © phpBB Group, All Rights Reserved.

      From 8a2063090c382445835e64fb95ad3aebd777e146 Mon Sep 17 00:00:00 2001 From: Callum Macrae Date: Thu, 12 Apr 2012 20:53:27 +0100 Subject: [PATCH 002/157] [ticket/10776] Fixed a couple language changes in docs/README.html. PHPBB3-10776 --- phpBB/docs/README.html | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/phpBB/docs/README.html b/phpBB/docs/README.html index d54b9d920f..0b5709a7c7 100644 --- a/phpBB/docs/README.html +++ b/phpBB/docs/README.html @@ -136,7 +136,7 @@

      This is the official location for all supported language sets. If you download a package from a 3rd party site you do so with the understanding that we cannot offer support. Please do not ask for support if you download a language pack from a 3rd party site.

      -

      Installation of these packages is straightforward; simply download the required language pack and unarchive it into the languages/ folder. Please ensure you retain the directory structure when doing this! Once uploaded go to the Admin->System->Language Packs and install the new language pack, which will have been automatically detected. To install the style imageset you should download the imageset for your language and unarchive the file/s into the relevant imageset directory (styles/prosilver/imageset or styles/subsilver2/imageset). Again, you must retain the directory structure. Once installed the imageset will immediately become available.

      +

      Installation of these packages is straightforward; simply download the required language pack and extract it into the languages/ folder. Please ensure you retain the directory structure when doing this! Once uploaded go to the Admin->System->Language Packs and install the new language pack, which will have been automatically detected. To install the style imageset you should download the imageset for your language and extract the file/s into the relevant imageset directory (styles/prosilver/imageset or styles/subsilver2/imageset). Again, you must retain the directory structure. Once installed the imageset will immediately become available.

      If your language is not available please visit our forums where you will find a topic listing translations currently available or in preparation. This topic also gives you information should you wish to volunteer to translate a language not currently listed.

      @@ -148,7 +148,7 @@

      Please note that styles for phpBB2 will not work with phpBB3.

      -

      Once you have downloaded a style, the next step is to unarchive (or upload the unarchived contents of) the package into your styles/ directory. You then need to visit Administration -> Styles. You should see the new style, click install and it will become available for all your users.

      +

      Once you have downloaded a style, the next step is to extract (or upload the extracted contents of) the package into your styles/ directory. You then need to visit Administration -> Styles. You should see the new style, click install and it will become available for all your users.

      Please note that if you create your own style or modify existing ones, you should enable the "Recompile stale style components" setting within the Admin->General->Load Settings screen. This setting allows the cache to detect changes made to the style and automatically refresh it. If this setting is disabled, you will not see your changes taking effect without manually refreshing the style components.

      @@ -194,7 +194,7 @@

      http://www.phpbb.com/community/

      -

      If you do seek help via our forums please be sure to do a search before posting to make sure; if someone has experienced the issue before, then you may find that your question has already been answered. Please remember that phpBB is entirely staffed by volunteers, no one receives any compensation for the time they give, including moderators as well as developers; please be respectful and mindful when awaiting responses and receiving support.

      +

      If you do seek help via our forums please be sure to do a search before posting; if someone has experienced the issue before, then you may find that your question has already been answered. Please remember that phpBB is entirely staffed by volunteers, no one receives any compensation for the time they give, including moderators as well as developers; please be respectful and mindful when awaiting responses and receiving support.

      3.iii Internet Relay Chat

      From bef96b97929414af47311afd30fc7e8972df3192 Mon Sep 17 00:00:00 2001 From: riadhchtara Date: Sat, 21 Apr 2012 17:43:13 +0200 Subject: [PATCH 003/157] [ticket/10820] Image downloader recognize new version of ie When a user download image attachement using ie8, the file is displayed. However, when he uses ie version greater than 8, the image is download. A changes are made to phpbb/download/file.php to solve the problem. We check now if the ie version is greater or equal to 8 and not only equal to 8 PHPBB3-10820 --- phpBB/download/file.php | 23 ++++++++++++++--------- 1 file changed, 14 insertions(+), 9 deletions(-) diff --git a/phpBB/download/file.php b/phpBB/download/file.php index bf277c69fa..d9118f70de 100644 --- a/phpBB/download/file.php +++ b/phpBB/download/file.php @@ -285,7 +285,7 @@ else if (($display_cat == ATTACHMENT_CATEGORY_NONE/* || $display_cat == ATTACHME $db->sql_query($sql); } -if ($display_cat == ATTACHMENT_CATEGORY_IMAGE && $mode === 'view' && (strpos($attachment['mimetype'], 'image') === 0) && ((strpos(strtolower($user->browser), 'msie') !== false) && (strpos(strtolower($user->browser), 'msie 8.0') === false))) +if ($display_cat == ATTACHMENT_CATEGORY_IMAGE && $mode === 'view' && (strpos($attachment['mimetype'], 'image') === 0) && !is_greater_ie7($user->browser)) { wrap_img_in_html(append_sid($phpbb_root_path . 'download/file.' . $phpEx, 'id=' . $attachment['attach_id']), $attachment['real_filename']); file_gc(); @@ -343,8 +343,8 @@ function send_avatar_to_browser($file, $browser) $image_data = @getimagesize($file_path); header('Content-Type: ' . image_type_to_mime_type($image_data[2])); - - if (strpos(strtolower($browser), 'msie') !== false && strpos(strtolower($browser), 'msie 8.0') === false) + + if (strpos(strtolower($browser), 'msie') !== false && !is_greater_ie7($user->browser)) { header('Content-Disposition: attachment; ' . header_filename($file)); @@ -477,10 +477,9 @@ function send_file_to_browser($attachment, $upload_dir, $category) */ // Send out the Headers. Do not set Content-Disposition to inline please, it is a security measure for users using the Internet Explorer. - $is_ie8 = (strpos(strtolower($user->browser), 'msie 8.0') !== false); header('Content-Type: ' . $attachment['mimetype']); - - if ($is_ie8) + + if (is_greater_ie7($user->browser)) { header('X-Content-Type-Options: nosniff'); } @@ -492,7 +491,7 @@ function send_file_to_browser($attachment, $upload_dir, $category) } else { - if (empty($user->browser) || (!$is_ie8 && (strpos(strtolower($user->browser), 'msie') !== false))) + if (empty($user->browser) || (!is_greater_ie7($user->browser) && (strpos(strtolower($user->browser), 'msie') !== false))) { header('Content-Disposition: attachment; ' . header_filename(htmlspecialchars_decode($attachment['real_filename']))); if (empty($user->browser) || (strpos(strtolower($user->browser), 'msie 6.0') !== false)) @@ -503,7 +502,7 @@ function send_file_to_browser($attachment, $upload_dir, $category) else { header('Content-Disposition: ' . ((strpos($attachment['mimetype'], 'image') === 0) ? 'inline' : 'attachment') . '; ' . header_filename(htmlspecialchars_decode($attachment['real_filename']))); - if ($is_ie8 && (strpos($attachment['mimetype'], 'image') !== 0)) + if (is_greater_ie7($user->browser) && (strpos($attachment['mimetype'], 'image') !== 0)) { header('X-Download-Options: noopen'); } @@ -680,7 +679,8 @@ function set_modified_headers($stamp, $browser) { // let's see if we have to send the file at all $last_load = isset($_SERVER['HTTP_IF_MODIFIED_SINCE']) ? strtotime(trim($_SERVER['HTTP_IF_MODIFIED_SINCE'])) : false; - if ((strpos(strtolower($browser), 'msie 6.0') === false) && (strpos(strtolower($browser), 'msie 8.0') === false)) + + if ((strpos(strtolower($browser), 'msie 6.0') === false) && (!is_greater_ie7($user->browser))) { if ($last_load !== false && $last_load >= $stamp) { @@ -709,4 +709,9 @@ function file_gc() exit; } +function is_greater_ie7($browser) +{ + return preg_match('/msie (\d{2,3}|[89]+).[0-9.]*;/', strtolower($browser)); +} + ?> \ No newline at end of file From ac56363351f5e6951e5554d30c7977507e616f4f Mon Sep 17 00:00:00 2001 From: Dhruv Date: Thu, 7 Feb 2013 23:59:46 +0530 Subject: [PATCH 004/157] [ticket/10820] proper usage of global and local variable browser PHPBB3-10820 --- phpBB/download/file.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/phpBB/download/file.php b/phpBB/download/file.php index d9118f70de..9983fe3ec6 100644 --- a/phpBB/download/file.php +++ b/phpBB/download/file.php @@ -344,7 +344,7 @@ function send_avatar_to_browser($file, $browser) $image_data = @getimagesize($file_path); header('Content-Type: ' . image_type_to_mime_type($image_data[2])); - if (strpos(strtolower($browser), 'msie') !== false && !is_greater_ie7($user->browser)) + if (strpos(strtolower($browser), 'msie') !== false && !is_greater_ie7($browser)) { header('Content-Disposition: attachment; ' . header_filename($file)); @@ -680,7 +680,7 @@ function set_modified_headers($stamp, $browser) // let's see if we have to send the file at all $last_load = isset($_SERVER['HTTP_IF_MODIFIED_SINCE']) ? strtotime(trim($_SERVER['HTTP_IF_MODIFIED_SINCE'])) : false; - if ((strpos(strtolower($browser), 'msie 6.0') === false) && (!is_greater_ie7($user->browser))) + if ((strpos(strtolower($browser), 'msie 6.0') === false) && (!is_greater_ie7($browser))) { if ($last_load !== false && $last_load >= $stamp) { From 095ac054e034ad696e5da540690078cacfda1e6d Mon Sep 17 00:00:00 2001 From: Dhruv Date: Fri, 8 Feb 2013 00:05:06 +0530 Subject: [PATCH 005/157] [ticket/10820] fix IE check function Add phpbb_ prefix to function name and return boolean value. PHPBB3-10820 --- phpBB/download/file.php | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/phpBB/download/file.php b/phpBB/download/file.php index 9983fe3ec6..83bcb5aacc 100644 --- a/phpBB/download/file.php +++ b/phpBB/download/file.php @@ -285,7 +285,7 @@ else if (($display_cat == ATTACHMENT_CATEGORY_NONE/* || $display_cat == ATTACHME $db->sql_query($sql); } -if ($display_cat == ATTACHMENT_CATEGORY_IMAGE && $mode === 'view' && (strpos($attachment['mimetype'], 'image') === 0) && !is_greater_ie7($user->browser)) +if ($display_cat == ATTACHMENT_CATEGORY_IMAGE && $mode === 'view' && (strpos($attachment['mimetype'], 'image') === 0) && !phpbb_is_greater_ie7($user->browser)) { wrap_img_in_html(append_sid($phpbb_root_path . 'download/file.' . $phpEx, 'id=' . $attachment['attach_id']), $attachment['real_filename']); file_gc(); @@ -344,7 +344,7 @@ function send_avatar_to_browser($file, $browser) $image_data = @getimagesize($file_path); header('Content-Type: ' . image_type_to_mime_type($image_data[2])); - if (strpos(strtolower($browser), 'msie') !== false && !is_greater_ie7($browser)) + if (strpos(strtolower($browser), 'msie') !== false && !phpbb_is_greater_ie7($browser)) { header('Content-Disposition: attachment; ' . header_filename($file)); @@ -479,7 +479,7 @@ function send_file_to_browser($attachment, $upload_dir, $category) // Send out the Headers. Do not set Content-Disposition to inline please, it is a security measure for users using the Internet Explorer. header('Content-Type: ' . $attachment['mimetype']); - if (is_greater_ie7($user->browser)) + if (phpbb_is_greater_ie7($user->browser)) { header('X-Content-Type-Options: nosniff'); } @@ -491,7 +491,7 @@ function send_file_to_browser($attachment, $upload_dir, $category) } else { - if (empty($user->browser) || (!is_greater_ie7($user->browser) && (strpos(strtolower($user->browser), 'msie') !== false))) + if (empty($user->browser) || (!phpbb_is_greater_ie7($user->browser) && (strpos(strtolower($user->browser), 'msie') !== false))) { header('Content-Disposition: attachment; ' . header_filename(htmlspecialchars_decode($attachment['real_filename']))); if (empty($user->browser) || (strpos(strtolower($user->browser), 'msie 6.0') !== false)) @@ -502,7 +502,7 @@ function send_file_to_browser($attachment, $upload_dir, $category) else { header('Content-Disposition: ' . ((strpos($attachment['mimetype'], 'image') === 0) ? 'inline' : 'attachment') . '; ' . header_filename(htmlspecialchars_decode($attachment['real_filename']))); - if (is_greater_ie7($user->browser) && (strpos($attachment['mimetype'], 'image') !== 0)) + if (phpbb_is_greater_ie7($user->browser) && (strpos($attachment['mimetype'], 'image') !== 0)) { header('X-Download-Options: noopen'); } @@ -680,7 +680,7 @@ function set_modified_headers($stamp, $browser) // let's see if we have to send the file at all $last_load = isset($_SERVER['HTTP_IF_MODIFIED_SINCE']) ? strtotime(trim($_SERVER['HTTP_IF_MODIFIED_SINCE'])) : false; - if ((strpos(strtolower($browser), 'msie 6.0') === false) && (!is_greater_ie7($browser))) + if ((strpos(strtolower($browser), 'msie 6.0') === false) && (!phpbb_is_greater_ie7($browser))) { if ($last_load !== false && $last_load >= $stamp) { @@ -709,9 +709,9 @@ function file_gc() exit; } -function is_greater_ie7($browser) +function phpbb_is_greater_ie7($browser) { - return preg_match('/msie (\d{2,3}|[89]+).[0-9.]*;/', strtolower($browser)); + return (bool) preg_match('/msie (\d{2,3}|[89]+).[0-9.]*;/', strtolower($browser)); } ?> \ No newline at end of file From adb2441f2207b3092537e96475353a2e0475a961 Mon Sep 17 00:00:00 2001 From: Dhruv Date: Fri, 8 Feb 2013 13:58:41 +0530 Subject: [PATCH 006/157] [ticket/10820] add function docblock PHPBB3-10820 --- phpBB/download/file.php | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/phpBB/download/file.php b/phpBB/download/file.php index 83bcb5aacc..c6a89656af 100644 --- a/phpBB/download/file.php +++ b/phpBB/download/file.php @@ -709,6 +709,10 @@ function file_gc() exit; } +/** +* Check if the browser is internet explorer version 7+ +* @returns true if ie7+ +*/ function phpbb_is_greater_ie7($browser) { return (bool) preg_match('/msie (\d{2,3}|[89]+).[0-9.]*;/', strtolower($browser)); From 79a740bb80c92a5374e065278b786a83847b4007 Mon Sep 17 00:00:00 2001 From: Dhruv Date: Mon, 4 Mar 2013 22:44:19 +0530 Subject: [PATCH 007/157] [ticket/10820] remove unnecessary condition checks PHPBB3-10820 --- phpBB/download/file.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/phpBB/download/file.php b/phpBB/download/file.php index c6a89656af..52e669f2cc 100644 --- a/phpBB/download/file.php +++ b/phpBB/download/file.php @@ -344,7 +344,7 @@ function send_avatar_to_browser($file, $browser) $image_data = @getimagesize($file_path); header('Content-Type: ' . image_type_to_mime_type($image_data[2])); - if (strpos(strtolower($browser), 'msie') !== false && !phpbb_is_greater_ie7($browser)) + if (!phpbb_is_greater_ie7($browser)) { header('Content-Disposition: attachment; ' . header_filename($file)); @@ -491,7 +491,7 @@ function send_file_to_browser($attachment, $upload_dir, $category) } else { - if (empty($user->browser) || (!phpbb_is_greater_ie7($user->browser) && (strpos(strtolower($user->browser), 'msie') !== false))) + if (empty($user->browser) || !phpbb_is_greater_ie7($user->browser)) { header('Content-Disposition: attachment; ' . header_filename(htmlspecialchars_decode($attachment['real_filename']))); if (empty($user->browser) || (strpos(strtolower($user->browser), 'msie 6.0') !== false)) From 0ad48d7ea10316d7ae3b897e6fa8cbdda3f7eebc Mon Sep 17 00:00:00 2001 From: Dhruv Date: Sat, 13 Apr 2013 22:48:09 +0530 Subject: [PATCH 008/157] [ticket/10820] Use singular return PHPBB3-10820 --- phpBB/download/file.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/phpBB/download/file.php b/phpBB/download/file.php index 52e669f2cc..d22885c303 100644 --- a/phpBB/download/file.php +++ b/phpBB/download/file.php @@ -711,7 +711,7 @@ function file_gc() /** * Check if the browser is internet explorer version 7+ -* @returns true if ie7+ +* @return true if ie7+ */ function phpbb_is_greater_ie7($browser) { From 8d1bbc1e7f3bc8366ed127bd129c239f1b62b5c1 Mon Sep 17 00:00:00 2001 From: Dhruv Date: Sat, 13 Apr 2013 22:50:37 +0530 Subject: [PATCH 009/157] [ticket/10820] simplify regex and escape dot PHPBB3-10820 --- phpBB/download/file.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/phpBB/download/file.php b/phpBB/download/file.php index d22885c303..4b2f34f94d 100644 --- a/phpBB/download/file.php +++ b/phpBB/download/file.php @@ -715,7 +715,7 @@ function file_gc() */ function phpbb_is_greater_ie7($browser) { - return (bool) preg_match('/msie (\d{2,3}|[89]+).[0-9.]*;/', strtolower($browser)); + return (bool) preg_match('/msie [^67]+\\.*;/', strtolower($browser)); } ?> \ No newline at end of file From f0f28f261c243ae57e13349ebc386a83c689a568 Mon Sep 17 00:00:00 2001 From: Dhruv Date: Sat, 27 Apr 2013 20:57:51 +0530 Subject: [PATCH 010/157] [ticket/10820] add param and return to function Add param and return in function docblock. Rename function parameter to $user_agent. PHPBB3-10820 --- phpBB/download/file.php | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/phpBB/download/file.php b/phpBB/download/file.php index 4b2f34f94d..378c6e64b1 100644 --- a/phpBB/download/file.php +++ b/phpBB/download/file.php @@ -711,11 +711,14 @@ function file_gc() /** * Check if the browser is internet explorer version 7+ -* @return true if ie7+ +* +* @param string $user_agent User agent HTTP header +* +* @return bool true if ie7+ */ -function phpbb_is_greater_ie7($browser) +function phpbb_is_greater_ie7($user_agent) { - return (bool) preg_match('/msie [^67]+\\.*;/', strtolower($browser)); + return (bool) preg_match('/msie [^67]+\\.*;/', strtolower($user_agent)); } ?> \ No newline at end of file From 8c9786c504216fae68b1558a4386a207ea036962 Mon Sep 17 00:00:00 2001 From: Dhruv Date: Sat, 27 Apr 2013 21:33:30 +0530 Subject: [PATCH 011/157] [ticket/10820] fix docblock PHPBB3-10820 --- phpBB/download/file.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/phpBB/download/file.php b/phpBB/download/file.php index 378c6e64b1..bd87f609e9 100644 --- a/phpBB/download/file.php +++ b/phpBB/download/file.php @@ -714,7 +714,7 @@ function file_gc() * * @param string $user_agent User agent HTTP header * -* @return bool true if ie7+ +* @return bool true if internet explorer version is greater than 7 */ function phpbb_is_greater_ie7($user_agent) { From b39e6e01b291f7a20a143ae3aea1a9582b0c4cad Mon Sep 17 00:00:00 2001 From: Dhruv Date: Sat, 27 Apr 2013 23:24:22 +0530 Subject: [PATCH 012/157] [ticket/10820] remove unnecessary parentheses PHPBB3-10820 --- phpBB/download/file.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/phpBB/download/file.php b/phpBB/download/file.php index bd87f609e9..2568455e53 100644 --- a/phpBB/download/file.php +++ b/phpBB/download/file.php @@ -680,7 +680,7 @@ function set_modified_headers($stamp, $browser) // let's see if we have to send the file at all $last_load = isset($_SERVER['HTTP_IF_MODIFIED_SINCE']) ? strtotime(trim($_SERVER['HTTP_IF_MODIFIED_SINCE'])) : false; - if ((strpos(strtolower($browser), 'msie 6.0') === false) && (!phpbb_is_greater_ie7($browser))) + if (strpos(strtolower($browser), 'msie 6.0') === false && !phpbb_is_greater_ie7($browser)) { if ($last_load !== false && $last_load >= $stamp) { From 679183385fc070269ea2356722eff0f3b6defdfc Mon Sep 17 00:00:00 2001 From: Dhruv Date: Mon, 29 Apr 2013 02:25:22 +0530 Subject: [PATCH 013/157] [ticket/10820] add unit tests for phpbb_is_greater_ie7 PHPBB3-10820 --- tests/download/http_user_agent_test.php | 65 +++++++++++++++++++++++++ 1 file changed, 65 insertions(+) create mode 100644 tests/download/http_user_agent_test.php diff --git a/tests/download/http_user_agent_test.php b/tests/download/http_user_agent_test.php new file mode 100644 index 0000000000..601561f44e --- /dev/null +++ b/tests/download/http_user_agent_test.php @@ -0,0 +1,65 @@ +assertEquals($expected, phpbb_is_greater_ie7($user_agent)); + } +} From bcd6f79d5c3e3db5ae60098526d93b477cc9eed9 Mon Sep 17 00:00:00 2001 From: Dhruv Date: Sun, 12 May 2013 15:57:13 +0530 Subject: [PATCH 014/157] [ticket/10820] Add test cases PHPBB3-10325 --- tests/download/http_user_agent_test.php | 32 +++++++++++++++++++++++++ 1 file changed, 32 insertions(+) diff --git a/tests/download/http_user_agent_test.php b/tests/download/http_user_agent_test.php index 601561f44e..e08fb7a3f1 100644 --- a/tests/download/http_user_agent_test.php +++ b/tests/download/http_user_agent_test.php @@ -52,6 +52,38 @@ class phpbb_download_http_user_agent_test extends phpbb_test_case 'Mozilla/5.0 (Windows NT 6.2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1464.0 Safari/537.36', false, ), + array( + 'Googlebot-Image/1.0', + false, + ), + array( + 'Googlebot/2.1 ( http://www.google.com/bot.html)', + false, + ), + array( + 'Lynx/2.8.3dev.9 libwww-FM/2.14 SSL-MM/1.4.1 OpenSSL/0.9.6', + false, + ), + array( + 'Links (0.9x; Linux 2.4.7-10 i686)', + false, + ), + array( + 'Opera/9.60 (Windows NT 5.1; U; de) Presto/2.1.1', + false, + ), + array( + 'Mozilla/4.0 (compatible; MSIE 5.0; Windows NT;)', + false, + ), + array( + 'Mozilla/4.0 (compatible; MSIE 5.0; Windows NT 4.0) Opera 6.01 [en]', + false, + ), + array( + 'Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; en) Opera 9.24', + false, + ), ); } From cae8c3603758cff7a75d8bbb3b5d15bae38e5692 Mon Sep 17 00:00:00 2001 From: Dhruv Date: Sun, 12 May 2013 16:03:48 +0530 Subject: [PATCH 015/157] [ticket/10820] fix regex Extract IE version from user agent string and then compare it with 7 PHPBB3-10820 --- phpBB/download/file.php | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/phpBB/download/file.php b/phpBB/download/file.php index 2568455e53..d9ebaa4281 100644 --- a/phpBB/download/file.php +++ b/phpBB/download/file.php @@ -718,7 +718,15 @@ function file_gc() */ function phpbb_is_greater_ie7($user_agent) { - return (bool) preg_match('/msie [^67]+\\.*;/', strtolower($user_agent)); + if (preg_match('/msie (\d+)/', strtolower($user_agent), $matches)) + { + $ie_version = (int) $matches[1]; + return ($ie_version > 7); + } + else + { + return false; + } } ?> \ No newline at end of file From dccd605a420227a29c1b2ece7d8ab964e05900d8 Mon Sep 17 00:00:00 2001 From: Matt Friedman Date: Tue, 28 May 2013 19:07:28 -0700 Subject: [PATCH 016/157] [ticket/11577] Correct over-sized Topic Rows Fixes a change made in PR 1331 that oversized topic rows. Icons in topic rows, in Prosilver, are only 27px high, so we do not need a min-height as high as 40px. Setting it to 30px is more conservative and reclaims the original height of topic rows from before PR 1331. http://tracker.phpbb.com/browse/PHPBB3-11577 PHPBB3-11577 --- phpBB/styles/prosilver/theme/content.css | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/phpBB/styles/prosilver/theme/content.css b/phpBB/styles/prosilver/theme/content.css index b6db4c7230..5f58addb54 100644 --- a/phpBB/styles/prosilver/theme/content.css +++ b/phpBB/styles/prosilver/theme/content.css @@ -159,7 +159,7 @@ dl.icon dt .list-inner { } dl.icon dt, dl.icon dd { - min-height: 40px; + min-height: 30px; } dd.posts, dd.topics, dd.views, dd.extra, dd.mark { From 3d625ab0cf9fe8d1869fbdd66a4602553bb744d4 Mon Sep 17 00:00:00 2001 From: Marc Alexander Date: Wed, 29 May 2013 18:24:54 +0200 Subject: [PATCH 017/157] [ticket/11579] Add basic set of unit tests for validate_data() This currently includes tests for the string, num, date, match, and language iso validation functions. PHPBB3-11579 --- tests/functions/validate_data_test.php | 252 +++++++++++++++++++++++++ 1 file changed, 252 insertions(+) create mode 100644 tests/functions/validate_data_test.php diff --git a/tests/functions/validate_data_test.php b/tests/functions/validate_data_test.php new file mode 100644 index 0000000000..6a429a5529 --- /dev/null +++ b/tests/functions/validate_data_test.php @@ -0,0 +1,252 @@ +createXMLDataSet(dirname(__FILE__) . '/fixtures/language_select.xml'); + } + + /** + * Test provided input data with supplied checks and compare to expected + * results + * + * @param array $input Input data with specific array keys that need to + * be matched by the ones in the other 2 params + * @param array $validate_check Array containing validate_data check + * settings, i.e. array('foobar' => array('string')) + * @param array $expected Array containing the expected results. Either + * an array containing the error message or the an empty + * array if input is correct + */ + public function validate_data_check($input, $validate_check, $expected) + { + foreach ($input as $key => $data) + { + $this->assertEquals($expected[$key], validate_data(array($data), array($validate_check[$key]))); + } + } + + /* + * Types to test + * - string: + * empty + optional = true --> good + * empty + optional = false --> good (min = 0) + * 'foobar' --> good + * 'foobar' + optional = false|true + min = 2 + max = 6 --> good + * 'foobar' + " + min = 7 + max = 9 --> TOO_SHORT + * 'foobar' + " + min = 2 + max = 5 --> TOO_LONG + * '' + optional = false + min = 1 + max = 6 --> TOO_SHORT + * '' + optional = true + min = 1 + max = 6 --> good + */ + public function test_validate_string() + { + $this->validate_data_check(array( + 'empty_opt' => '', + 'empty' => '', + 'foo' => 'foobar', + 'foo_minmax_correct' => 'foobar', + 'foo_minmax_short' => 'foobar', + 'foo_minmax_long' => 'foobar', + 'empty_short' => '', + 'empty_length_opt' => '', + ), + array( + 'empty_opt' => array('string', true), + 'empty' => array('string'), + 'foo' => array('string'), + 'foo_minmax_correct' => array('string', false, 2, 6), + 'foo_minmax_short' => array('string', false, 7, 9), + 'foo_minmax_long' => array('string', false, 2, 5), + 'empty_short' => array('string', false, 1, 6), + 'empty_length_opt' => array('string', true, 1, 6), + ), + array( + 'empty_opt' => array(), + 'empty' => array(), + 'foo' => array(), + 'foo_minmax_correct' => array(), + 'foo_minmax_short' => array('TOO_SHORT'), + 'foo_minmax_long' => array('TOO_LONG'), + 'empty_short' => array('TOO_SHORT'), + 'empty_length_opt' => array(), + )); + } + + /* + * Types to test + * - num + * empty + optional = true|false --> good + * 0 --> good + * 5 + optional = false|true + min = 2 + max = 6 --> good + * 5 + optional = false|true + min = 7 + max = 10 --> TOO_SMALL + * 5 + optional = false|true + min = 2 + max = 3 --> TOO_LARGE + * 'foobar' --> should fail with WRONG_DATA_NUMERIC !!! + */ + public function test_validate_num() + { + $this->validate_data_check(array( + 'empty' => '', + 'zero' => 0, + 'five_minmax_correct' => 5, + 'five_minmax_short' => 5, + 'five_minmax_long' => 5, + 'string' => 'foobar', + ), + array( + 'empty' => array('num'), + 'zero' => array('num'), + 'five_minmax_correct' => array('num', false, 2, 6), + 'five_minmax_short' => array('num', false, 7, 10), + 'five_minmax_long' => array('num', false, 2, 3), + 'string' => array('num'), + ), + array( + 'empty' => array(), + 'zero' => array(), + 'five_minmax_correct' => array(), + 'five_minmax_short' => array('TOO_SMALL'), + 'five_minmax_long' => array('TOO_LARGE'), + 'string' => array(), + )); + } + + /* + * Types to test + * - date + * . '' --> invalid + * . '' + optional = true --> good + * . 17-06-1990 --> good + * . 05-05-1990 --> good + * . 17-12-1990 --> good + * . 01-01-0000 --> good!!! + * . 17-17-1990 --> invalid + * . 00-12-1990 --> invalid + * . 01-00-1990 --> invalid + */ + public function test_validate_date() + { + $this->validate_data_check(array( + 'empty' => '', + 'empty_opt' => '', + 'double_single' => '17-06-1990', + 'single_single' => '05-05-2009', + 'double_double' => '17-12-1990', + // Currently fails + //'zero_year' => '01-01-0000', + 'month_high' => '17-17-1990', + 'month_low' => '01-00-1990', + 'day_high' => '64-01-1990', + 'day_low' => '00-12-1990', + ), + array( + 'empty' => array('date'), + 'empty_opt' => array('date', true), + 'double_single' => array('date'), + 'single_single' => array('date'), + 'double_double' => array('date'), + // Currently fails + //'zero_year' => array('date'), + 'month_high' => array('date'), + 'month_low' => array('date'), + 'day_high' => array('date'), + 'day_low' => array('date'), + ), + array( + 'empty' => array('INVALID'), + 'empty_opt' => array(), + 'double_single' => array(), + 'single_single' => array(), + 'double_double' => array(), + // Currently fails + //'zero_year' => array(), + 'month_high' => array('INVALID'), + 'month_low' => array('INVALID'), + 'day_high' => array('INVALID'), + 'day_low' => array('INVALID'), + )); + } + + /* + * Types to test + * - match + * . empty + optional = true --> good + * . empty + empty match --> good + * . 'test' + optional = true|false + match = '/[a-z]/' --> good + * . 'test123' + optional = true|false + match = '/[a-z]/' --> WRONG_DATA_MATCH + */ + public function test_validate_match() + { + $this->validate_data_check(array( + 'empty_opt' => '', + 'empty_empty_match' => '', + 'foobar' => 'foobar', + 'foobar_fail' => 'foobar123', + ), + array( + 'empty_opt' => array('match', true, '/[a-z]$/'), + 'empty_empty_match' => array('match'), + 'foobar' => array('match', false, '/[a-z]$/'), + 'foobar_fail' => array('match', false, '/[a-z]$/'), + ), + array( + 'empty_opt' => array(), + 'empty_empty_match' => array(), + 'foobar' => array(), + 'foobar_fail' => array('WRONG_DATA'), + )); + } + + /* + * Types to test + * - language_iso_name + * . empty --> WRONG_DATA + * . 'en' --> good + * . 'cs' --> good + * . 'de' --> WRONG_DATA (won't exist) + */ + public function test_validate_lang_iso() + { + global $db; + + $db = $this->new_dbal(); + + $this->validate_data_check(array( + 'empty' => '', + 'en' => 'en', + 'cs' => 'cs', + 'de' => 'de', + ), + array( + 'empty' => array('language_iso_name'), + 'en' => array('language_iso_name'), + 'cs' => array('language_iso_name'), + 'de' => array('language_iso_name'), + ), + array( + 'empty' => array('WRONG_DATA'), + 'en' => array(), + 'cs' => array(), + 'de' => array('WRONG_DATA'), + )); + } +} From 3f657bc63e6649da43d860be1848116c42214a65 Mon Sep 17 00:00:00 2001 From: Marc Alexander Date: Thu, 30 May 2013 16:05:19 +0200 Subject: [PATCH 018/157] [ticket/11579] Add remaining unit tests for validate_data functions This now includes tests for usernames, passwords, emails, and jabber addresses. A few small changes had to be applied to phpbb_mock_cache and phpbb_mock_user in order to incorporate needed methods. PHPBB3-11579 --- tests/functions/fixtures/validate_data.xml | 59 ++++ tests/functions/validate_data_test.php | 350 +++++++++++++++++---- tests/mock/cache.php | 15 + tests/mock/user.php | 13 + 4 files changed, 375 insertions(+), 62 deletions(-) create mode 100644 tests/functions/fixtures/validate_data.xml diff --git a/tests/functions/fixtures/validate_data.xml b/tests/functions/fixtures/validate_data.xml new file mode 100644 index 0000000000..38ecae6ad2 --- /dev/null +++ b/tests/functions/fixtures/validate_data.xml @@ -0,0 +1,59 @@ + + + + group_name + group_desc + + foobar_group + test123 + +
      + + lang_id + lang_iso + lang_local_name + lang_english_name + + 1 + en + English + English + + + 2 + cs + Čeština + Czech + +
      + + user_id + username + username_clean + user_permissions + user_sig + user_occ + user_interests + user_email_hash + + 1 + admin + admin + + + + + 143317126117 + + + 2 + moderator + moderator + + + + + 0 + +
      +       diff --git a/tests/functions/validate_data_test.php b/tests/functions/validate_data_test.php index 6a429a5529..ed91f782ba 100644 --- a/tests/functions/validate_data_test.php +++ b/tests/functions/validate_data_test.php @@ -7,23 +7,30 @@ * */ +require_once dirname(__FILE__) . '/../../phpBB/includes/functions.php'; require_once dirname(__FILE__) . '/../../phpBB/includes/functions_user.php'; require_once dirname(__FILE__) . '/../../phpBB/includes/utf/utf_tools.php'; +require_once dirname(__FILE__) . '/../mock/cache.php'; +require_once dirname(__FILE__) . '/../mock/user.php'; class phpbb_functions_validate_data_test extends phpbb_database_test_case { - /* - * Types to test - * - username - * . - * - password - * - email - * - jabber - */ + protected $db; + protected $cache; + protected $user; public function getDataSet() { - return $this->createXMLDataSet(dirname(__FILE__) . '/fixtures/language_select.xml'); + return $this->createXMLDataSet(dirname(__FILE__) . '/fixtures/validate_data.xml'); + } + + protected function setUp() + { + parent::setUp(); + + $this->db = $this->new_dbal(); + $this->cache = new phpbb_mock_cache; + $this->user = new phpbb_mock_user; } /** @@ -42,22 +49,15 @@ class phpbb_functions_validate_data_test extends phpbb_database_test_case { foreach ($input as $key => $data) { - $this->assertEquals($expected[$key], validate_data(array($data), array($validate_check[$key]))); + $test = validate_data(array($data), array($validate_check[$key])); + if ($test != $expected[$key]) + { + var_dump($key, $data, $test, $expected[$key]); + } + $this->assertEquals($expected[$key], $test); } } - /* - * Types to test - * - string: - * empty + optional = true --> good - * empty + optional = false --> good (min = 0) - * 'foobar' --> good - * 'foobar' + optional = false|true + min = 2 + max = 6 --> good - * 'foobar' + " + min = 7 + max = 9 --> TOO_SHORT - * 'foobar' + " + min = 2 + max = 5 --> TOO_LONG - * '' + optional = false + min = 1 + max = 6 --> TOO_SHORT - * '' + optional = true + min = 1 + max = 6 --> good - */ public function test_validate_string() { $this->validate_data_check(array( @@ -92,16 +92,6 @@ class phpbb_functions_validate_data_test extends phpbb_database_test_case )); } - /* - * Types to test - * - num - * empty + optional = true|false --> good - * 0 --> good - * 5 + optional = false|true + min = 2 + max = 6 --> good - * 5 + optional = false|true + min = 7 + max = 10 --> TOO_SMALL - * 5 + optional = false|true + min = 2 + max = 3 --> TOO_LARGE - * 'foobar' --> should fail with WRONG_DATA_NUMERIC !!! - */ public function test_validate_num() { $this->validate_data_check(array( @@ -130,19 +120,6 @@ class phpbb_functions_validate_data_test extends phpbb_database_test_case )); } - /* - * Types to test - * - date - * . '' --> invalid - * . '' + optional = true --> good - * . 17-06-1990 --> good - * . 05-05-1990 --> good - * . 17-12-1990 --> good - * . 01-01-0000 --> good!!! - * . 17-17-1990 --> invalid - * . 00-12-1990 --> invalid - * . 01-00-1990 --> invalid - */ public function test_validate_date() { $this->validate_data_check(array( @@ -186,14 +163,6 @@ class phpbb_functions_validate_data_test extends phpbb_database_test_case )); } - /* - * Types to test - * - match - * . empty + optional = true --> good - * . empty + empty match --> good - * . 'test' + optional = true|false + match = '/[a-z]/' --> good - * . 'test123' + optional = true|false + match = '/[a-z]/' --> WRONG_DATA_MATCH - */ public function test_validate_match() { $this->validate_data_check(array( @@ -216,19 +185,11 @@ class phpbb_functions_validate_data_test extends phpbb_database_test_case )); } - /* - * Types to test - * - language_iso_name - * . empty --> WRONG_DATA - * . 'en' --> good - * . 'cs' --> good - * . 'de' --> WRONG_DATA (won't exist) - */ public function test_validate_lang_iso() { global $db; - $db = $this->new_dbal(); + $db = $this->db; $this->validate_data_check(array( 'empty' => '', @@ -249,4 +210,269 @@ class phpbb_functions_validate_data_test extends phpbb_database_test_case 'de' => array('WRONG_DATA'), )); } + + public function validate_username_data() + { + return array( + array('USERNAME_CHARS_ANY', array( + 'foobar_allow' => array(), + 'foobar_ascii' => array(), + 'foobar_any' => array(), + 'foobar_alpha' => array(), + 'foobar_alpha_spacers' => array(), + 'foobar_letter_num' => array(), + 'foobar_letter_num_sp' => array(), + 'foobar_quot' => array('INVALID_CHARS'), + 'barfoo_disallow' => array('USERNAME_DISALLOWED'), + 'admin_taken' => array('USERNAME_TAKEN'), + 'group_taken' => array('USERNAME_TAKEN') + )), + array('USERNAME_ALPHA_ONLY', array( + 'foobar_allow' => array(), + 'foobar_ascii' => array(), + 'foobar_any' => array('INVALID_CHARS'), + 'foobar_alpha' => array(), + 'foobar_alpha_spacers' => array('INVALID_CHARS'), + 'foobar_letter_num' => array(), + 'foobar_letter_num_sp' => array('INVALID_CHARS'), + 'foobar_quot' => array('INVALID_CHARS'), + 'barfoo_disallow' => array('USERNAME_DISALLOWED'), + 'admin_taken' => array('USERNAME_TAKEN'), + 'group_taken' => array('INVALID_CHARS') + )), + array('USERNAME_ALPHA_SPACERS', array( + 'foobar_allow' => array(), + 'foobar_ascii' => array(), + 'foobar_any' => array('INVALID_CHARS'), + 'foobar_alpha' => array(), + 'foobar_alpha_spacers' => array(), + 'foobar_letter_num' => array(), + 'foobar_letter_num_sp' => array('INVALID_CHARS'), + 'foobar_quot' => array('INVALID_CHARS'), + 'barfoo_disallow' => array('USERNAME_DISALLOWED'), + 'admin_taken' => array('USERNAME_TAKEN'), + 'group_taken' => array('USERNAME_TAKEN') + )), + array('USERNAME_LETTER_NUM', array( + 'foobar_allow' => array(), + 'foobar_ascii' => array(), + 'foobar_any' => array('INVALID_CHARS'), + 'foobar_alpha' => array(), + 'foobar_alpha_spacers' => array('INVALID_CHARS'), + 'foobar_letter_num' => array(), + 'foobar_letter_num_sp' => array('INVALID_CHARS'), + 'foobar_quot' => array('INVALID_CHARS'), + 'barfoo_disallow' => array('USERNAME_DISALLOWED'), + 'admin_taken' => array('USERNAME_TAKEN'), + 'group_taken' => array('INVALID_CHARS') + )), + array('USERNAME_LETTER_NUM_SPACERS', array( + 'foobar_allow' => array(), + 'foobar_ascii' => array(), + 'foobar_any' => array('INVALID_CHARS'), + 'foobar_alpha' => array(), + 'foobar_alpha_spacers' => array(), + 'foobar_letter_num' => array(), + 'foobar_letter_num_sp' => array(), + 'foobar_quot' => array('INVALID_CHARS'), + 'barfoo_disallow' => array('USERNAME_DISALLOWED'), + 'admin_taken' => array('USERNAME_TAKEN'), + 'group_taken' => array('USERNAME_TAKEN') + )), + array('USERNAME_ASCII', array( + 'foobar_allow' => array(), + 'foobar_ascii' => array(), + 'foobar_any' => array(), + 'foobar_alpha' => array(), + 'foobar_alpha_spacers' => array(), + 'foobar_letter_num' => array(), + 'foobar_letter_num_sp' => array('INVALID_CHARS'), + 'foobar_quot' => array('INVALID_CHARS'), + 'barfoo_disallow' => array('USERNAME_DISALLOWED'), + 'admin_taken' => array('USERNAME_TAKEN'), + 'group_taken' => array('USERNAME_TAKEN') + )), + ); + } + + /** + * @dataProvider validate_username_data + */ + public function test_validate_username($allow_name_chars, $expected) + { + global $cache, $config, $db; + + $db = $this->db; + $cache = $this->cache; + $cache->put('_disallowed_usernames', array('barfoo')); + + $config['allow_name_chars'] = $allow_name_chars; + + $this->validate_data_check(array( + 'foobar_allow' => 'foobar', + 'foobar_ascii' => 'foobar', + 'foobar_any' => 'f*~*^=oo_bar1', + 'foobar_alpha' => 'fo0Bar', + 'foobar_alpha_spacers' => 'Fo0-[B]_a+ R', + 'foobar_letter_num' => 'fo0Bar0', + 'foobar_letter_num_sp' => 'Fö0-[B]_a+ R', + 'foobar_quot' => '"foobar"', + 'barfoo_disallow' => 'barfoo', + 'admin_taken' => 'admin', + 'group_taken' => 'foobar_group', + ), + array( + 'foobar_allow' => array('username', 'foobar'), + 'foobar_ascii' => array('username'), + 'foobar_any' => array('username'), + 'foobar_alpha' => array('username'), + 'foobar_alpha_spacers' => array('username'), + 'foobar_letter_num' => array('username'), + 'foobar_letter_num_sp' => array('username'), + 'foobar_quot' => array('username'), + 'barfoo_disallow' => array('username'), + 'admin_taken' => array('username'), + 'group_taken' => array('username'), + ), + $expected); + } + + public function validate_password_data() + { + return array( + array('PASS_TYPE_ANY', array( + 'empty' => array(), + 'foobar_any' => array(), + 'foobar_mixed' => array(), + 'foobar_alpha' => array(), + 'foobar_symbol' => array(), + )), + array('PASS_TYPE_CASE', array( + 'empty' => array(), + 'foobar_any' => array('INVALID_CHARS'), + 'foobar_mixed' => array(), + 'foobar_alpha' => array(), + 'foobar_symbol' => array(), + )), + array('PASS_TYPE_ALPHA', array( + 'empty' => array(), + 'foobar_any' => array('INVALID_CHARS'), + 'foobar_mixed' => array('INVALID_CHARS'), + 'foobar_alpha' => array(), + 'foobar_symbol' => array(), + )), + array('PASS_TYPE_SYMBOL', array( + 'empty' => array(), + 'foobar_any' => array('INVALID_CHARS'), + 'foobar_mixed' => array('INVALID_CHARS'), + 'foobar_alpha' => array('INVALID_CHARS'), + 'foobar_symbol' => array(), + )), + ); + } + + /** + * @dataProvider validate_password_data + */ + public function test_validate_password($pass_complexity, $expected) + { + global $config; + + // Set complexity to mixed case letters, numbers and symbols + $config['pass_complex'] = $pass_complexity; + + $this->validate_data_check(array( + 'empty' => '', + 'foobar_any' => 'foobar', + 'foobar_mixed' => 'FooBar', + 'foobar_alpha' => 'F00bar', + 'foobar_symbol' => 'fooBar123*', + ), + array( + 'empty' => array('password'), + 'foobar_any' => array('password'), + 'foobar_mixed' => array('password'), + 'foobar_alpha' => array('password'), + 'foobar_symbol' => array('password'), + ), + $expected); + } + + public function test_validate_email() + { + global $config, $db, $user; + + $config['email_check_mx'] = true; + $db = $this->db; + $user = $this->user; + $user->optionset('banned_users', array('banned@example.com')); + + $this->validate_data_check(array( + 'empty' => '', + 'allowed' => 'foobar@example.com', + 'invalid' => 'fööbar@example.com', + 'valid_complex' => "'%$~test@example.com", + 'taken' => 'admin@example.com', + 'banned' => 'banned@example.com', + 'no_mx' => 'test@wwrrrhhghgghgh.ttv', + ), + array( + 'empty' => array('email'), + 'allowed' => array('email', 'foobar@example.com'), + 'invalid' => array('email'), + 'valid_complex' => array('email'), + 'taken' => array('email'), + 'banned' => array('email'), + 'no_mx' => array('email'), + ), + array( + 'empty' => array(), + 'allowed' => array(), + 'invalid' => array('EMAIL_INVALID'), + 'valid_complex' => array(), + 'taken' => array('EMAIL_TAKEN'), + 'banned' => array('EMAIL_BANNED'), + 'no_mx' => array('DOMAIN_NO_MX_RECORD'), + )); + } + + public function test_validate_jabber() + { + $this->validate_data_check(array( + 'empty' => '', + 'no_seperator' => 'testjabber.ccc', + 'no_user' => '@jabber.ccc', + 'no_realm' => 'user@', + 'dot_realm' => 'user@.....', + '-realm' => 'user@-jabber.ccc', + 'realm-' => 'user@jabber.ccc-', + 'correct' => 'user@jabber.09A-z.org', + 'prohibited' => 'u@ser@jabber.ccc.org', + 'prohibited_char' => 'uer@jabber.ccc.org', + ), + array( + 'empty' => array('jabber'), + 'no_seperator' => array('jabber'), + 'no_user' => array('jabber'), + 'no_realm' => array('jabber'), + 'dot_realm' => array('jabber'), + '-realm' => array('jabber'), + 'realm-' => array('jabber'), + 'correct' => array('jabber'), + 'prohibited' => array('jabber'), + 'prohibited_char' => array('jabber'), + ), + array( + 'empty' => array(), + 'no_seperator' => array('WRONG_DATA'), + 'no_user' => array('WRONG_DATA'), + 'no_realm' => array('WRONG_DATA'), + 'dot_realm' => array('WRONG_DATA'), + '-realm' => array('WRONG_DATA'), + 'realm-' => array('WRONG_DATA'), + 'correct' => array(), + 'prohibited' => array('WRONG_DATA'), + 'prohibited_char' => array('WRONG_DATA'), + )); + } } diff --git a/tests/mock/cache.php b/tests/mock/cache.php index aa0db5ab20..acf4288319 100644 --- a/tests/mock/cache.php +++ b/tests/mock/cache.php @@ -74,6 +74,21 @@ class phpbb_mock_cache ); } + /** + * Obtain disallowed usernames. Input data via standard put method. + */ + public function obtain_disallowed_usernames() + { + if (($usernames = $this->get('_disallowed_usernames')) !== false) + { + return $usernames; + } + else + { + return array(); + } + } + public function set_bots($bots) { $this->data['_bots'] = $bots; diff --git a/tests/mock/user.php b/tests/mock/user.php index ec14ce430e..bd547b3973 100644 --- a/tests/mock/user.php +++ b/tests/mock/user.php @@ -33,4 +33,17 @@ class phpbb_mock_user { $this->options[$item] = $value; } + + public function check_ban($user_id = false, $user_ips = false, $user_email = false, $return = false) + { + $banned_users = $this->optionget('banned_users'); + foreach ($banned_users as $banned) + { + if ($banned == $user_id || $banned == $user_ips || $banned == $user_email) + { + return true; + } + } + return false; + } } From 6d5da402ecfe686a918608875eda8d0d817d4c07 Mon Sep 17 00:00:00 2001 From: Marc Alexander Date: Thu, 30 May 2013 16:09:06 +0200 Subject: [PATCH 019/157] [ticket/11579] Remove unnecessary globals from validate_password() The globals $db and $user are not used in that function. PHPBB3-11579 --- phpBB/includes/functions_user.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/phpBB/includes/functions_user.php b/phpBB/includes/functions_user.php index 2b26c6787c..ea8b0a4640 100644 --- a/phpBB/includes/functions_user.php +++ b/phpBB/includes/functions_user.php @@ -1554,7 +1554,7 @@ function validate_username($username, $allowed_username = false) */ function validate_password($password) { - global $config, $db, $user; + global $config; if ($password === '' || $config['pass_complex'] === 'PASS_TYPE_ANY') { From 33a0859f4ac3454c12dda651f708e16fc6c45adb Mon Sep 17 00:00:00 2001 From: Marc Alexander Date: Thu, 30 May 2013 20:34:21 +0200 Subject: [PATCH 020/157] [ticket/11579] Move tests into seperate files depending on needed fixture PHPBB3-11579 --- tests/functions/common_validate_data.php | 31 ++ tests/functions/fixtures/validate_email.xml | 23 + ...alidate_data.xml => validate_username.xml} | 21 - tests/functions/validate_data_simple_test.php | 252 +++++++++ tests/functions/validate_data_test.php | 478 ------------------ tests/functions/validate_email_test.php | 72 +++ tests/functions/validate_lang_iso_test.php | 56 ++ tests/functions/validate_username_test.php | 160 ++++++ 8 files changed, 594 insertions(+), 499 deletions(-) create mode 100644 tests/functions/common_validate_data.php create mode 100644 tests/functions/fixtures/validate_email.xml rename tests/functions/fixtures/{validate_data.xml => validate_username.xml} (63%) create mode 100644 tests/functions/validate_data_simple_test.php delete mode 100644 tests/functions/validate_data_test.php create mode 100644 tests/functions/validate_email_test.php create mode 100644 tests/functions/validate_lang_iso_test.php create mode 100644 tests/functions/validate_username_test.php diff --git a/tests/functions/common_validate_data.php b/tests/functions/common_validate_data.php new file mode 100644 index 0000000000..64c9499ac3 --- /dev/null +++ b/tests/functions/common_validate_data.php @@ -0,0 +1,31 @@ + array('string')) + * @param array $expected Array containing the expected results. Either + * an array containing the error message or the an empty + * array if input is correct + */ + public function validate_data_check($input, $validate_check, $expected) + { + foreach ($input as $key => $data) + { + $this->assertEquals($expected[$key], validate_data(array($data), array($validate_check[$key]))); + } + } +} diff --git a/tests/functions/fixtures/validate_email.xml b/tests/functions/fixtures/validate_email.xml new file mode 100644 index 0000000000..de7fce8a08 --- /dev/null +++ b/tests/functions/fixtures/validate_email.xml @@ -0,0 +1,23 @@ + + + + user_id + username + username_clean + user_permissions + user_sig + user_occ + user_interests + user_email_hash + + 1 + admin + admin + + + + + 143317126117 + +
      +       diff --git a/tests/functions/fixtures/validate_data.xml b/tests/functions/fixtures/validate_username.xml similarity index 63% rename from tests/functions/fixtures/validate_data.xml rename to tests/functions/fixtures/validate_username.xml index 38ecae6ad2..fbe398469c 100644 --- a/tests/functions/fixtures/validate_data.xml +++ b/tests/functions/fixtures/validate_username.xml @@ -8,24 +8,6 @@ test123 - - lang_id - lang_iso - lang_local_name - lang_english_name - - 1 - en - English - English - - - 2 - cs - Čeština - Czech - -
      user_idusername @@ -34,7 +16,6 @@ user_siguser_occuser_interests - user_email_hash 1 admin @@ -43,7 +24,6 @@ - 143317126117 2 @@ -53,7 +33,6 @@ - 0
      diff --git a/tests/functions/validate_data_simple_test.php b/tests/functions/validate_data_simple_test.php new file mode 100644 index 0000000000..002b1f2298 --- /dev/null +++ b/tests/functions/validate_data_simple_test.php @@ -0,0 +1,252 @@ +common = new phpbb_functions_common_validate_data; + } + + public function test_validate_string() + { + $this->common->validate_data_check(array( + 'empty_opt' => '', + 'empty' => '', + 'foo' => 'foobar', + 'foo_minmax_correct' => 'foobar', + 'foo_minmax_short' => 'foobar', + 'foo_minmax_long' => 'foobar', + 'empty_short' => '', + 'empty_length_opt' => '', + ), + array( + 'empty_opt' => array('string', true), + 'empty' => array('string'), + 'foo' => array('string'), + 'foo_minmax_correct' => array('string', false, 2, 6), + 'foo_minmax_short' => array('string', false, 7, 9), + 'foo_minmax_long' => array('string', false, 2, 5), + 'empty_short' => array('string', false, 1, 6), + 'empty_length_opt' => array('string', true, 1, 6), + ), + array( + 'empty_opt' => array(), + 'empty' => array(), + 'foo' => array(), + 'foo_minmax_correct' => array(), + 'foo_minmax_short' => array('TOO_SHORT'), + 'foo_minmax_long' => array('TOO_LONG'), + 'empty_short' => array('TOO_SHORT'), + 'empty_length_opt' => array(), + )); + } + + public function test_validate_num() + { + $this->common->validate_data_check(array( + 'empty' => '', + 'zero' => 0, + 'five_minmax_correct' => 5, + 'five_minmax_short' => 5, + 'five_minmax_long' => 5, + 'string' => 'foobar', + ), + array( + 'empty' => array('num'), + 'zero' => array('num'), + 'five_minmax_correct' => array('num', false, 2, 6), + 'five_minmax_short' => array('num', false, 7, 10), + 'five_minmax_long' => array('num', false, 2, 3), + 'string' => array('num'), + ), + array( + 'empty' => array(), + 'zero' => array(), + 'five_minmax_correct' => array(), + 'five_minmax_short' => array('TOO_SMALL'), + 'five_minmax_long' => array('TOO_LARGE'), + 'string' => array(), + )); + } + + public function test_validate_date() + { + $this->common->validate_data_check(array( + 'empty' => '', + 'empty_opt' => '', + 'double_single' => '17-06-1990', + 'single_single' => '05-05-2009', + 'double_double' => '17-12-1990', + // Currently fails + //'zero_year' => '01-01-0000', + 'month_high' => '17-17-1990', + 'month_low' => '01-00-1990', + 'day_high' => '64-01-1990', + 'day_low' => '00-12-1990', + ), + array( + 'empty' => array('date'), + 'empty_opt' => array('date', true), + 'double_single' => array('date'), + 'single_single' => array('date'), + 'double_double' => array('date'), + // Currently fails + //'zero_year' => array('date'), + 'month_high' => array('date'), + 'month_low' => array('date'), + 'day_high' => array('date'), + 'day_low' => array('date'), + ), + array( + 'empty' => array('INVALID'), + 'empty_opt' => array(), + 'double_single' => array(), + 'single_single' => array(), + 'double_double' => array(), + // Currently fails + //'zero_year' => array(), + 'month_high' => array('INVALID'), + 'month_low' => array('INVALID'), + 'day_high' => array('INVALID'), + 'day_low' => array('INVALID'), + )); + } + + public function test_validate_match() + { + $this->common->validate_data_check(array( + 'empty_opt' => '', + 'empty_empty_match' => '', + 'foobar' => 'foobar', + 'foobar_fail' => 'foobar123', + ), + array( + 'empty_opt' => array('match', true, '/[a-z]$/'), + 'empty_empty_match' => array('match'), + 'foobar' => array('match', false, '/[a-z]$/'), + 'foobar_fail' => array('match', false, '/[a-z]$/'), + ), + array( + 'empty_opt' => array(), + 'empty_empty_match' => array(), + 'foobar' => array(), + 'foobar_fail' => array('WRONG_DATA'), + )); + } + + public function validate_password_data() + { + return array( + array('PASS_TYPE_ANY', array( + 'empty' => array(), + 'foobar_any' => array(), + 'foobar_mixed' => array(), + 'foobar_alpha' => array(), + 'foobar_symbol' => array(), + )), + array('PASS_TYPE_CASE', array( + 'empty' => array(), + 'foobar_any' => array('INVALID_CHARS'), + 'foobar_mixed' => array(), + 'foobar_alpha' => array(), + 'foobar_symbol' => array(), + )), + array('PASS_TYPE_ALPHA', array( + 'empty' => array(), + 'foobar_any' => array('INVALID_CHARS'), + 'foobar_mixed' => array('INVALID_CHARS'), + 'foobar_alpha' => array(), + 'foobar_symbol' => array(), + )), + array('PASS_TYPE_SYMBOL', array( + 'empty' => array(), + 'foobar_any' => array('INVALID_CHARS'), + 'foobar_mixed' => array('INVALID_CHARS'), + 'foobar_alpha' => array('INVALID_CHARS'), + 'foobar_symbol' => array(), + )), + ); + } + + /** + * @dataProvider validate_password_data + */ + public function test_validate_password($pass_complexity, $expected) + { + global $config; + + // Set complexity to mixed case letters, numbers and symbols + $config['pass_complex'] = $pass_complexity; + + $this->common->validate_data_check(array( + 'empty' => '', + 'foobar_any' => 'foobar', + 'foobar_mixed' => 'FooBar', + 'foobar_alpha' => 'F00bar', + 'foobar_symbol' => 'fooBar123*', + ), + array( + 'empty' => array('password'), + 'foobar_any' => array('password'), + 'foobar_mixed' => array('password'), + 'foobar_alpha' => array('password'), + 'foobar_symbol' => array('password'), + ), + $expected); + } + + public function test_validate_jabber() + { + $this->common->validate_data_check(array( + 'empty' => '', + 'no_seperator' => 'testjabber.ccc', + 'no_user' => '@jabber.ccc', + 'no_realm' => 'user@', + 'dot_realm' => 'user@.....', + '-realm' => 'user@-jabber.ccc', + 'realm-' => 'user@jabber.ccc-', + 'correct' => 'user@jabber.09A-z.org', + 'prohibited' => 'u@ser@jabber.ccc.org', + 'prohibited_char' => 'uer@jabber.ccc.org', + ), + array( + 'empty' => array('jabber'), + 'no_seperator' => array('jabber'), + 'no_user' => array('jabber'), + 'no_realm' => array('jabber'), + 'dot_realm' => array('jabber'), + '-realm' => array('jabber'), + 'realm-' => array('jabber'), + 'correct' => array('jabber'), + 'prohibited' => array('jabber'), + 'prohibited_char' => array('jabber'), + ), + array( + 'empty' => array(), + 'no_seperator' => array('WRONG_DATA'), + 'no_user' => array('WRONG_DATA'), + 'no_realm' => array('WRONG_DATA'), + 'dot_realm' => array('WRONG_DATA'), + '-realm' => array('WRONG_DATA'), + 'realm-' => array('WRONG_DATA'), + 'correct' => array(), + 'prohibited' => array('WRONG_DATA'), + 'prohibited_char' => array('WRONG_DATA'), + )); + } +} diff --git a/tests/functions/validate_data_test.php b/tests/functions/validate_data_test.php deleted file mode 100644 index ed91f782ba..0000000000 --- a/tests/functions/validate_data_test.php +++ /dev/null @@ -1,478 +0,0 @@ -createXMLDataSet(dirname(__FILE__) . '/fixtures/validate_data.xml'); - } - - protected function setUp() - { - parent::setUp(); - - $this->db = $this->new_dbal(); - $this->cache = new phpbb_mock_cache; - $this->user = new phpbb_mock_user; - } - - /** - * Test provided input data with supplied checks and compare to expected - * results - * - * @param array $input Input data with specific array keys that need to - * be matched by the ones in the other 2 params - * @param array $validate_check Array containing validate_data check - * settings, i.e. array('foobar' => array('string')) - * @param array $expected Array containing the expected results. Either - * an array containing the error message or the an empty - * array if input is correct - */ - public function validate_data_check($input, $validate_check, $expected) - { - foreach ($input as $key => $data) - { - $test = validate_data(array($data), array($validate_check[$key])); - if ($test != $expected[$key]) - { - var_dump($key, $data, $test, $expected[$key]); - } - $this->assertEquals($expected[$key], $test); - } - } - - public function test_validate_string() - { - $this->validate_data_check(array( - 'empty_opt' => '', - 'empty' => '', - 'foo' => 'foobar', - 'foo_minmax_correct' => 'foobar', - 'foo_minmax_short' => 'foobar', - 'foo_minmax_long' => 'foobar', - 'empty_short' => '', - 'empty_length_opt' => '', - ), - array( - 'empty_opt' => array('string', true), - 'empty' => array('string'), - 'foo' => array('string'), - 'foo_minmax_correct' => array('string', false, 2, 6), - 'foo_minmax_short' => array('string', false, 7, 9), - 'foo_minmax_long' => array('string', false, 2, 5), - 'empty_short' => array('string', false, 1, 6), - 'empty_length_opt' => array('string', true, 1, 6), - ), - array( - 'empty_opt' => array(), - 'empty' => array(), - 'foo' => array(), - 'foo_minmax_correct' => array(), - 'foo_minmax_short' => array('TOO_SHORT'), - 'foo_minmax_long' => array('TOO_LONG'), - 'empty_short' => array('TOO_SHORT'), - 'empty_length_opt' => array(), - )); - } - - public function test_validate_num() - { - $this->validate_data_check(array( - 'empty' => '', - 'zero' => 0, - 'five_minmax_correct' => 5, - 'five_minmax_short' => 5, - 'five_minmax_long' => 5, - 'string' => 'foobar', - ), - array( - 'empty' => array('num'), - 'zero' => array('num'), - 'five_minmax_correct' => array('num', false, 2, 6), - 'five_minmax_short' => array('num', false, 7, 10), - 'five_minmax_long' => array('num', false, 2, 3), - 'string' => array('num'), - ), - array( - 'empty' => array(), - 'zero' => array(), - 'five_minmax_correct' => array(), - 'five_minmax_short' => array('TOO_SMALL'), - 'five_minmax_long' => array('TOO_LARGE'), - 'string' => array(), - )); - } - - public function test_validate_date() - { - $this->validate_data_check(array( - 'empty' => '', - 'empty_opt' => '', - 'double_single' => '17-06-1990', - 'single_single' => '05-05-2009', - 'double_double' => '17-12-1990', - // Currently fails - //'zero_year' => '01-01-0000', - 'month_high' => '17-17-1990', - 'month_low' => '01-00-1990', - 'day_high' => '64-01-1990', - 'day_low' => '00-12-1990', - ), - array( - 'empty' => array('date'), - 'empty_opt' => array('date', true), - 'double_single' => array('date'), - 'single_single' => array('date'), - 'double_double' => array('date'), - // Currently fails - //'zero_year' => array('date'), - 'month_high' => array('date'), - 'month_low' => array('date'), - 'day_high' => array('date'), - 'day_low' => array('date'), - ), - array( - 'empty' => array('INVALID'), - 'empty_opt' => array(), - 'double_single' => array(), - 'single_single' => array(), - 'double_double' => array(), - // Currently fails - //'zero_year' => array(), - 'month_high' => array('INVALID'), - 'month_low' => array('INVALID'), - 'day_high' => array('INVALID'), - 'day_low' => array('INVALID'), - )); - } - - public function test_validate_match() - { - $this->validate_data_check(array( - 'empty_opt' => '', - 'empty_empty_match' => '', - 'foobar' => 'foobar', - 'foobar_fail' => 'foobar123', - ), - array( - 'empty_opt' => array('match', true, '/[a-z]$/'), - 'empty_empty_match' => array('match'), - 'foobar' => array('match', false, '/[a-z]$/'), - 'foobar_fail' => array('match', false, '/[a-z]$/'), - ), - array( - 'empty_opt' => array(), - 'empty_empty_match' => array(), - 'foobar' => array(), - 'foobar_fail' => array('WRONG_DATA'), - )); - } - - public function test_validate_lang_iso() - { - global $db; - - $db = $this->db; - - $this->validate_data_check(array( - 'empty' => '', - 'en' => 'en', - 'cs' => 'cs', - 'de' => 'de', - ), - array( - 'empty' => array('language_iso_name'), - 'en' => array('language_iso_name'), - 'cs' => array('language_iso_name'), - 'de' => array('language_iso_name'), - ), - array( - 'empty' => array('WRONG_DATA'), - 'en' => array(), - 'cs' => array(), - 'de' => array('WRONG_DATA'), - )); - } - - public function validate_username_data() - { - return array( - array('USERNAME_CHARS_ANY', array( - 'foobar_allow' => array(), - 'foobar_ascii' => array(), - 'foobar_any' => array(), - 'foobar_alpha' => array(), - 'foobar_alpha_spacers' => array(), - 'foobar_letter_num' => array(), - 'foobar_letter_num_sp' => array(), - 'foobar_quot' => array('INVALID_CHARS'), - 'barfoo_disallow' => array('USERNAME_DISALLOWED'), - 'admin_taken' => array('USERNAME_TAKEN'), - 'group_taken' => array('USERNAME_TAKEN') - )), - array('USERNAME_ALPHA_ONLY', array( - 'foobar_allow' => array(), - 'foobar_ascii' => array(), - 'foobar_any' => array('INVALID_CHARS'), - 'foobar_alpha' => array(), - 'foobar_alpha_spacers' => array('INVALID_CHARS'), - 'foobar_letter_num' => array(), - 'foobar_letter_num_sp' => array('INVALID_CHARS'), - 'foobar_quot' => array('INVALID_CHARS'), - 'barfoo_disallow' => array('USERNAME_DISALLOWED'), - 'admin_taken' => array('USERNAME_TAKEN'), - 'group_taken' => array('INVALID_CHARS') - )), - array('USERNAME_ALPHA_SPACERS', array( - 'foobar_allow' => array(), - 'foobar_ascii' => array(), - 'foobar_any' => array('INVALID_CHARS'), - 'foobar_alpha' => array(), - 'foobar_alpha_spacers' => array(), - 'foobar_letter_num' => array(), - 'foobar_letter_num_sp' => array('INVALID_CHARS'), - 'foobar_quot' => array('INVALID_CHARS'), - 'barfoo_disallow' => array('USERNAME_DISALLOWED'), - 'admin_taken' => array('USERNAME_TAKEN'), - 'group_taken' => array('USERNAME_TAKEN') - )), - array('USERNAME_LETTER_NUM', array( - 'foobar_allow' => array(), - 'foobar_ascii' => array(), - 'foobar_any' => array('INVALID_CHARS'), - 'foobar_alpha' => array(), - 'foobar_alpha_spacers' => array('INVALID_CHARS'), - 'foobar_letter_num' => array(), - 'foobar_letter_num_sp' => array('INVALID_CHARS'), - 'foobar_quot' => array('INVALID_CHARS'), - 'barfoo_disallow' => array('USERNAME_DISALLOWED'), - 'admin_taken' => array('USERNAME_TAKEN'), - 'group_taken' => array('INVALID_CHARS') - )), - array('USERNAME_LETTER_NUM_SPACERS', array( - 'foobar_allow' => array(), - 'foobar_ascii' => array(), - 'foobar_any' => array('INVALID_CHARS'), - 'foobar_alpha' => array(), - 'foobar_alpha_spacers' => array(), - 'foobar_letter_num' => array(), - 'foobar_letter_num_sp' => array(), - 'foobar_quot' => array('INVALID_CHARS'), - 'barfoo_disallow' => array('USERNAME_DISALLOWED'), - 'admin_taken' => array('USERNAME_TAKEN'), - 'group_taken' => array('USERNAME_TAKEN') - )), - array('USERNAME_ASCII', array( - 'foobar_allow' => array(), - 'foobar_ascii' => array(), - 'foobar_any' => array(), - 'foobar_alpha' => array(), - 'foobar_alpha_spacers' => array(), - 'foobar_letter_num' => array(), - 'foobar_letter_num_sp' => array('INVALID_CHARS'), - 'foobar_quot' => array('INVALID_CHARS'), - 'barfoo_disallow' => array('USERNAME_DISALLOWED'), - 'admin_taken' => array('USERNAME_TAKEN'), - 'group_taken' => array('USERNAME_TAKEN') - )), - ); - } - - /** - * @dataProvider validate_username_data - */ - public function test_validate_username($allow_name_chars, $expected) - { - global $cache, $config, $db; - - $db = $this->db; - $cache = $this->cache; - $cache->put('_disallowed_usernames', array('barfoo')); - - $config['allow_name_chars'] = $allow_name_chars; - - $this->validate_data_check(array( - 'foobar_allow' => 'foobar', - 'foobar_ascii' => 'foobar', - 'foobar_any' => 'f*~*^=oo_bar1', - 'foobar_alpha' => 'fo0Bar', - 'foobar_alpha_spacers' => 'Fo0-[B]_a+ R', - 'foobar_letter_num' => 'fo0Bar0', - 'foobar_letter_num_sp' => 'Fö0-[B]_a+ R', - 'foobar_quot' => '"foobar"', - 'barfoo_disallow' => 'barfoo', - 'admin_taken' => 'admin', - 'group_taken' => 'foobar_group', - ), - array( - 'foobar_allow' => array('username', 'foobar'), - 'foobar_ascii' => array('username'), - 'foobar_any' => array('username'), - 'foobar_alpha' => array('username'), - 'foobar_alpha_spacers' => array('username'), - 'foobar_letter_num' => array('username'), - 'foobar_letter_num_sp' => array('username'), - 'foobar_quot' => array('username'), - 'barfoo_disallow' => array('username'), - 'admin_taken' => array('username'), - 'group_taken' => array('username'), - ), - $expected); - } - - public function validate_password_data() - { - return array( - array('PASS_TYPE_ANY', array( - 'empty' => array(), - 'foobar_any' => array(), - 'foobar_mixed' => array(), - 'foobar_alpha' => array(), - 'foobar_symbol' => array(), - )), - array('PASS_TYPE_CASE', array( - 'empty' => array(), - 'foobar_any' => array('INVALID_CHARS'), - 'foobar_mixed' => array(), - 'foobar_alpha' => array(), - 'foobar_symbol' => array(), - )), - array('PASS_TYPE_ALPHA', array( - 'empty' => array(), - 'foobar_any' => array('INVALID_CHARS'), - 'foobar_mixed' => array('INVALID_CHARS'), - 'foobar_alpha' => array(), - 'foobar_symbol' => array(), - )), - array('PASS_TYPE_SYMBOL', array( - 'empty' => array(), - 'foobar_any' => array('INVALID_CHARS'), - 'foobar_mixed' => array('INVALID_CHARS'), - 'foobar_alpha' => array('INVALID_CHARS'), - 'foobar_symbol' => array(), - )), - ); - } - - /** - * @dataProvider validate_password_data - */ - public function test_validate_password($pass_complexity, $expected) - { - global $config; - - // Set complexity to mixed case letters, numbers and symbols - $config['pass_complex'] = $pass_complexity; - - $this->validate_data_check(array( - 'empty' => '', - 'foobar_any' => 'foobar', - 'foobar_mixed' => 'FooBar', - 'foobar_alpha' => 'F00bar', - 'foobar_symbol' => 'fooBar123*', - ), - array( - 'empty' => array('password'), - 'foobar_any' => array('password'), - 'foobar_mixed' => array('password'), - 'foobar_alpha' => array('password'), - 'foobar_symbol' => array('password'), - ), - $expected); - } - - public function test_validate_email() - { - global $config, $db, $user; - - $config['email_check_mx'] = true; - $db = $this->db; - $user = $this->user; - $user->optionset('banned_users', array('banned@example.com')); - - $this->validate_data_check(array( - 'empty' => '', - 'allowed' => 'foobar@example.com', - 'invalid' => 'fööbar@example.com', - 'valid_complex' => "'%$~test@example.com", - 'taken' => 'admin@example.com', - 'banned' => 'banned@example.com', - 'no_mx' => 'test@wwrrrhhghgghgh.ttv', - ), - array( - 'empty' => array('email'), - 'allowed' => array('email', 'foobar@example.com'), - 'invalid' => array('email'), - 'valid_complex' => array('email'), - 'taken' => array('email'), - 'banned' => array('email'), - 'no_mx' => array('email'), - ), - array( - 'empty' => array(), - 'allowed' => array(), - 'invalid' => array('EMAIL_INVALID'), - 'valid_complex' => array(), - 'taken' => array('EMAIL_TAKEN'), - 'banned' => array('EMAIL_BANNED'), - 'no_mx' => array('DOMAIN_NO_MX_RECORD'), - )); - } - - public function test_validate_jabber() - { - $this->validate_data_check(array( - 'empty' => '', - 'no_seperator' => 'testjabber.ccc', - 'no_user' => '@jabber.ccc', - 'no_realm' => 'user@', - 'dot_realm' => 'user@.....', - '-realm' => 'user@-jabber.ccc', - 'realm-' => 'user@jabber.ccc-', - 'correct' => 'user@jabber.09A-z.org', - 'prohibited' => 'u@ser@jabber.ccc.org', - 'prohibited_char' => 'uer@jabber.ccc.org', - ), - array( - 'empty' => array('jabber'), - 'no_seperator' => array('jabber'), - 'no_user' => array('jabber'), - 'no_realm' => array('jabber'), - 'dot_realm' => array('jabber'), - '-realm' => array('jabber'), - 'realm-' => array('jabber'), - 'correct' => array('jabber'), - 'prohibited' => array('jabber'), - 'prohibited_char' => array('jabber'), - ), - array( - 'empty' => array(), - 'no_seperator' => array('WRONG_DATA'), - 'no_user' => array('WRONG_DATA'), - 'no_realm' => array('WRONG_DATA'), - 'dot_realm' => array('WRONG_DATA'), - '-realm' => array('WRONG_DATA'), - 'realm-' => array('WRONG_DATA'), - 'correct' => array(), - 'prohibited' => array('WRONG_DATA'), - 'prohibited_char' => array('WRONG_DATA'), - )); - } -} diff --git a/tests/functions/validate_email_test.php b/tests/functions/validate_email_test.php new file mode 100644 index 0000000000..47aa37e11f --- /dev/null +++ b/tests/functions/validate_email_test.php @@ -0,0 +1,72 @@ +createXMLDataSet(dirname(__FILE__) . '/fixtures/validate_email.xml'); + } + + protected function setUp() + { + parent::setUp(); + + $this->db = $this->new_dbal(); + $this->user = new phpbb_mock_user; + $this->common = new phpbb_functions_common_validate_data; + } + + public function test_validate_email() + { + global $config, $db, $user; + + $config['email_check_mx'] = true; + $db = $this->db; + $user = $this->user; + $user->optionset('banned_users', array('banned@example.com')); + + $this->common->validate_data_check(array( + 'empty' => '', + 'allowed' => 'foobar@example.com', + 'invalid' => 'fööbar@example.com', + 'valid_complex' => "'%$~test@example.com", + 'taken' => 'admin@example.com', + 'banned' => 'banned@example.com', + 'no_mx' => 'test@wwrrrhhghgghgh.ttv', + ), + array( + 'empty' => array('email'), + 'allowed' => array('email', 'foobar@example.com'), + 'invalid' => array('email'), + 'valid_complex' => array('email'), + 'taken' => array('email'), + 'banned' => array('email'), + 'no_mx' => array('email'), + ), + array( + 'empty' => array(), + 'allowed' => array(), + 'invalid' => array('EMAIL_INVALID'), + 'valid_complex' => array(), + 'taken' => array('EMAIL_TAKEN'), + 'banned' => array('EMAIL_BANNED'), + 'no_mx' => array('DOMAIN_NO_MX_RECORD'), + )); + } +} diff --git a/tests/functions/validate_lang_iso_test.php b/tests/functions/validate_lang_iso_test.php new file mode 100644 index 0000000000..b8a1827432 --- /dev/null +++ b/tests/functions/validate_lang_iso_test.php @@ -0,0 +1,56 @@ +createXMLDataSet(dirname(__FILE__) . '/fixtures/language_select.xml'); + } + + protected function setUp() + { + parent::setUp(); + + $this->db = $this->new_dbal(); + $this->common = new phpbb_functions_common_validate_data; + } + + public function test_validate_lang_iso() + { + global $db; + + $db = $this->db; + + $this->common->validate_data_check(array( + 'empty' => '', + 'en' => 'en', + 'cs' => 'cs', + 'de' => 'de', + ), + array( + 'empty' => array('language_iso_name'), + 'en' => array('language_iso_name'), + 'cs' => array('language_iso_name'), + 'de' => array('language_iso_name'), + ), + array( + 'empty' => array('WRONG_DATA'), + 'en' => array(), + 'cs' => array(), + 'de' => array('WRONG_DATA'), + )); + } +} diff --git a/tests/functions/validate_username_test.php b/tests/functions/validate_username_test.php new file mode 100644 index 0000000000..656248cec3 --- /dev/null +++ b/tests/functions/validate_username_test.php @@ -0,0 +1,160 @@ +createXMLDataSet(dirname(__FILE__) . '/fixtures/validate_username.xml'); + } + + protected function setUp() + { + parent::setUp(); + + $this->db = $this->new_dbal(); + $this->cache = new phpbb_mock_cache; + $this->common = new phpbb_functions_common_validate_data; + } + + public function validate_username_data() + { + return array( + array('USERNAME_CHARS_ANY', array( + 'foobar_allow' => array(), + 'foobar_ascii' => array(), + 'foobar_any' => array(), + 'foobar_alpha' => array(), + 'foobar_alpha_spacers' => array(), + 'foobar_letter_num' => array(), + 'foobar_letter_num_sp' => array(), + 'foobar_quot' => array('INVALID_CHARS'), + 'barfoo_disallow' => array('USERNAME_DISALLOWED'), + 'admin_taken' => array('USERNAME_TAKEN'), + 'group_taken' => array('USERNAME_TAKEN') + )), + array('USERNAME_ALPHA_ONLY', array( + 'foobar_allow' => array(), + 'foobar_ascii' => array(), + 'foobar_any' => array('INVALID_CHARS'), + 'foobar_alpha' => array(), + 'foobar_alpha_spacers' => array('INVALID_CHARS'), + 'foobar_letter_num' => array(), + 'foobar_letter_num_sp' => array('INVALID_CHARS'), + 'foobar_quot' => array('INVALID_CHARS'), + 'barfoo_disallow' => array('USERNAME_DISALLOWED'), + 'admin_taken' => array('USERNAME_TAKEN'), + 'group_taken' => array('INVALID_CHARS') + )), + array('USERNAME_ALPHA_SPACERS', array( + 'foobar_allow' => array(), + 'foobar_ascii' => array(), + 'foobar_any' => array('INVALID_CHARS'), + 'foobar_alpha' => array(), + 'foobar_alpha_spacers' => array(), + 'foobar_letter_num' => array(), + 'foobar_letter_num_sp' => array('INVALID_CHARS'), + 'foobar_quot' => array('INVALID_CHARS'), + 'barfoo_disallow' => array('USERNAME_DISALLOWED'), + 'admin_taken' => array('USERNAME_TAKEN'), + 'group_taken' => array('USERNAME_TAKEN') + )), + array('USERNAME_LETTER_NUM', array( + 'foobar_allow' => array(), + 'foobar_ascii' => array(), + 'foobar_any' => array('INVALID_CHARS'), + 'foobar_alpha' => array(), + 'foobar_alpha_spacers' => array('INVALID_CHARS'), + 'foobar_letter_num' => array(), + 'foobar_letter_num_sp' => array('INVALID_CHARS'), + 'foobar_quot' => array('INVALID_CHARS'), + 'barfoo_disallow' => array('USERNAME_DISALLOWED'), + 'admin_taken' => array('USERNAME_TAKEN'), + 'group_taken' => array('INVALID_CHARS') + )), + array('USERNAME_LETTER_NUM_SPACERS', array( + 'foobar_allow' => array(), + 'foobar_ascii' => array(), + 'foobar_any' => array('INVALID_CHARS'), + 'foobar_alpha' => array(), + 'foobar_alpha_spacers' => array(), + 'foobar_letter_num' => array(), + 'foobar_letter_num_sp' => array(), + 'foobar_quot' => array('INVALID_CHARS'), + 'barfoo_disallow' => array('USERNAME_DISALLOWED'), + 'admin_taken' => array('USERNAME_TAKEN'), + 'group_taken' => array('USERNAME_TAKEN') + )), + array('USERNAME_ASCII', array( + 'foobar_allow' => array(), + 'foobar_ascii' => array(), + 'foobar_any' => array(), + 'foobar_alpha' => array(), + 'foobar_alpha_spacers' => array(), + 'foobar_letter_num' => array(), + 'foobar_letter_num_sp' => array('INVALID_CHARS'), + 'foobar_quot' => array('INVALID_CHARS'), + 'barfoo_disallow' => array('USERNAME_DISALLOWED'), + 'admin_taken' => array('USERNAME_TAKEN'), + 'group_taken' => array('USERNAME_TAKEN') + )), + ); + } + + /** + * @dataProvider validate_username_data + */ + public function test_validate_username($allow_name_chars, $expected) + { + global $cache, $config, $db; + + $db = $this->db; + $cache = $this->cache; + $cache->put('_disallowed_usernames', array('barfoo')); + + $config['allow_name_chars'] = $allow_name_chars; + + $this->common->validate_data_check(array( + 'foobar_allow' => 'foobar', + 'foobar_ascii' => 'foobar', + 'foobar_any' => 'f*~*^=oo_bar1', + 'foobar_alpha' => 'fo0Bar', + 'foobar_alpha_spacers' => 'Fo0-[B]_a+ R', + 'foobar_letter_num' => 'fo0Bar0', + 'foobar_letter_num_sp' => 'Fö0-[B]_a+ R', + 'foobar_quot' => '"foobar"', + 'barfoo_disallow' => 'barfoo', + 'admin_taken' => 'admin', + 'group_taken' => 'foobar_group', + ), + array( + 'foobar_allow' => array('username', 'foobar'), + 'foobar_ascii' => array('username'), + 'foobar_any' => array('username'), + 'foobar_alpha' => array('username'), + 'foobar_alpha_spacers' => array('username'), + 'foobar_letter_num' => array('username'), + 'foobar_letter_num_sp' => array('username'), + 'foobar_quot' => array('username'), + 'barfoo_disallow' => array('username'), + 'admin_taken' => array('username'), + 'group_taken' => array('username'), + ), + $expected); + } +} From 3487b70cc066f090c55990a9082ed9684d438147 Mon Sep 17 00:00:00 2001 From: Marc Alexander Date: Mon, 3 Jun 2013 16:06:11 +0200 Subject: [PATCH 021/157] [ticket/11579] Use test case helper class and use assert prefix for method PHPBB3-11579 --- ...date_data.php => validate_data_helper.php} | 19 ++- tests/functions/validate_data_simple_test.php | 119 +++++++++--------- tests/functions/validate_email_test.php | 26 ++-- tests/functions/validate_lang_iso_test.php | 20 +-- tests/functions/validate_username_test.php | 11 +- 5 files changed, 100 insertions(+), 95 deletions(-) rename tests/functions/{common_validate_data.php => validate_data_helper.php} (65%) diff --git a/tests/functions/common_validate_data.php b/tests/functions/validate_data_helper.php similarity index 65% rename from tests/functions/common_validate_data.php rename to tests/functions/validate_data_helper.php index 64c9499ac3..b8e8bfded3 100644 --- a/tests/functions/common_validate_data.php +++ b/tests/functions/validate_data_helper.php @@ -7,25 +7,32 @@ * */ -class phpbb_functions_common_validate_data extends phpbb_test_case +class phpbb_functions_validate_data_helper extends PHPUnit_Framework_TestCase { + protected $test_case; + + public function __construct($test_case) + { + $this->test_case = $test_case; + } + /** * Test provided input data with supplied checks and compare to expected * results * + * @param array $expected Array containing the expected results. Either + * an array containing the error message or the an empty + * array if input is correct * @param array $input Input data with specific array keys that need to * be matched by the ones in the other 2 params * @param array $validate_check Array containing validate_data check * settings, i.e. array('foobar' => array('string')) - * @param array $expected Array containing the expected results. Either - * an array containing the error message or the an empty - * array if input is correct */ - public function validate_data_check($input, $validate_check, $expected) + public function assert_validate_data($expected, $input, $validate_check) { foreach ($input as $key => $data) { - $this->assertEquals($expected[$key], validate_data(array($data), array($validate_check[$key]))); + $this->test_case->assertEquals($expected[$key], validate_data(array($data), array($validate_check[$key]))); } } } diff --git a/tests/functions/validate_data_simple_test.php b/tests/functions/validate_data_simple_test.php index 002b1f2298..db4f218eed 100644 --- a/tests/functions/validate_data_simple_test.php +++ b/tests/functions/validate_data_simple_test.php @@ -9,22 +9,32 @@ require_once dirname(__FILE__) . '/../../phpBB/includes/functions_user.php'; require_once dirname(__FILE__) . '/../../phpBB/includes/utf/utf_tools.php'; -require_once dirname(__FILE__) . '/common_validate_data.php'; +require_once dirname(__FILE__) . '/validate_data_helper.php'; class phpbb_functions_validate_data_simple_test extends phpbb_test_case { - protected $common; + protected $helper; protected function setUp() { parent::setUp(); - $this->common = new phpbb_functions_common_validate_data; + $this->helper = new phpbb_functions_validate_data_helper($this); } public function test_validate_string() { - $this->common->validate_data_check(array( + $this->helper->assert_validate_data(array( + 'empty_opt' => array(), + 'empty' => array(), + 'foo' => array(), + 'foo_minmax_correct' => array(), + 'foo_minmax_short' => array('TOO_SHORT'), + 'foo_minmax_long' => array('TOO_LONG'), + 'empty_short' => array('TOO_SHORT'), + 'empty_length_opt' => array(), + ), + array( 'empty_opt' => '', 'empty' => '', 'foo' => 'foobar', @@ -43,22 +53,20 @@ class phpbb_functions_validate_data_simple_test extends phpbb_test_case 'foo_minmax_long' => array('string', false, 2, 5), 'empty_short' => array('string', false, 1, 6), 'empty_length_opt' => array('string', true, 1, 6), - ), - array( - 'empty_opt' => array(), - 'empty' => array(), - 'foo' => array(), - 'foo_minmax_correct' => array(), - 'foo_minmax_short' => array('TOO_SHORT'), - 'foo_minmax_long' => array('TOO_LONG'), - 'empty_short' => array('TOO_SHORT'), - 'empty_length_opt' => array(), )); } public function test_validate_num() { - $this->common->validate_data_check(array( + $this->helper->assert_validate_data(array( + 'empty' => array(), + 'zero' => array(), + 'five_minmax_correct' => array(), + 'five_minmax_short' => array('TOO_SMALL'), + 'five_minmax_long' => array('TOO_LARGE'), + 'string' => array(), + ), + array( 'empty' => '', 'zero' => 0, 'five_minmax_correct' => 5, @@ -73,20 +81,25 @@ class phpbb_functions_validate_data_simple_test extends phpbb_test_case 'five_minmax_short' => array('num', false, 7, 10), 'five_minmax_long' => array('num', false, 2, 3), 'string' => array('num'), - ), - array( - 'empty' => array(), - 'zero' => array(), - 'five_minmax_correct' => array(), - 'five_minmax_short' => array('TOO_SMALL'), - 'five_minmax_long' => array('TOO_LARGE'), - 'string' => array(), )); } public function test_validate_date() { - $this->common->validate_data_check(array( + $this->helper->assert_validate_data(array( + 'empty' => array('INVALID'), + 'empty_opt' => array(), + 'double_single' => array(), + 'single_single' => array(), + 'double_double' => array(), + // Currently fails + //'zero_year' => array(), + 'month_high' => array('INVALID'), + 'month_low' => array('INVALID'), + 'day_high' => array('INVALID'), + 'day_low' => array('INVALID'), + ), + array( 'empty' => '', 'empty_opt' => '', 'double_single' => '17-06-1990', @@ -111,25 +124,18 @@ class phpbb_functions_validate_data_simple_test extends phpbb_test_case 'month_low' => array('date'), 'day_high' => array('date'), 'day_low' => array('date'), - ), - array( - 'empty' => array('INVALID'), - 'empty_opt' => array(), - 'double_single' => array(), - 'single_single' => array(), - 'double_double' => array(), - // Currently fails - //'zero_year' => array(), - 'month_high' => array('INVALID'), - 'month_low' => array('INVALID'), - 'day_high' => array('INVALID'), - 'day_low' => array('INVALID'), )); } public function test_validate_match() { - $this->common->validate_data_check(array( + $this->helper->assert_validate_data(array( + 'empty_opt' => array(), + 'empty_empty_match' => array(), + 'foobar' => array(), + 'foobar_fail' => array('WRONG_DATA'), + ), + array( 'empty_opt' => '', 'empty_empty_match' => '', 'foobar' => 'foobar', @@ -140,12 +146,6 @@ class phpbb_functions_validate_data_simple_test extends phpbb_test_case 'empty_empty_match' => array('match'), 'foobar' => array('match', false, '/[a-z]$/'), 'foobar_fail' => array('match', false, '/[a-z]$/'), - ), - array( - 'empty_opt' => array(), - 'empty_empty_match' => array(), - 'foobar' => array(), - 'foobar_fail' => array('WRONG_DATA'), )); } @@ -193,7 +193,7 @@ class phpbb_functions_validate_data_simple_test extends phpbb_test_case // Set complexity to mixed case letters, numbers and symbols $config['pass_complex'] = $pass_complexity; - $this->common->validate_data_check(array( + $this->helper->assert_validate_data($expected, array( 'empty' => '', 'foobar_any' => 'foobar', 'foobar_mixed' => 'FooBar', @@ -206,13 +206,24 @@ class phpbb_functions_validate_data_simple_test extends phpbb_test_case 'foobar_mixed' => array('password'), 'foobar_alpha' => array('password'), 'foobar_symbol' => array('password'), - ), - $expected); + )); } public function test_validate_jabber() { - $this->common->validate_data_check(array( + $this->helper->assert_validate_data(array( + 'empty' => array(), + 'no_seperator' => array('WRONG_DATA'), + 'no_user' => array('WRONG_DATA'), + 'no_realm' => array('WRONG_DATA'), + 'dot_realm' => array('WRONG_DATA'), + '-realm' => array('WRONG_DATA'), + 'realm-' => array('WRONG_DATA'), + 'correct' => array(), + 'prohibited' => array('WRONG_DATA'), + 'prohibited_char' => array('WRONG_DATA'), + ), + array( 'empty' => '', 'no_seperator' => 'testjabber.ccc', 'no_user' => '@jabber.ccc', @@ -235,18 +246,6 @@ class phpbb_functions_validate_data_simple_test extends phpbb_test_case 'correct' => array('jabber'), 'prohibited' => array('jabber'), 'prohibited_char' => array('jabber'), - ), - array( - 'empty' => array(), - 'no_seperator' => array('WRONG_DATA'), - 'no_user' => array('WRONG_DATA'), - 'no_realm' => array('WRONG_DATA'), - 'dot_realm' => array('WRONG_DATA'), - '-realm' => array('WRONG_DATA'), - 'realm-' => array('WRONG_DATA'), - 'correct' => array(), - 'prohibited' => array('WRONG_DATA'), - 'prohibited_char' => array('WRONG_DATA'), )); } } diff --git a/tests/functions/validate_email_test.php b/tests/functions/validate_email_test.php index 47aa37e11f..2e81d3277e 100644 --- a/tests/functions/validate_email_test.php +++ b/tests/functions/validate_email_test.php @@ -10,13 +10,13 @@ require_once dirname(__FILE__) . '/../../phpBB/includes/functions.php'; require_once dirname(__FILE__) . '/../../phpBB/includes/functions_user.php'; require_once dirname(__FILE__) . '/../mock/user.php'; -require_once dirname(__FILE__) . '/common_validate_data.php'; +require_once dirname(__FILE__) . '/validate_data_helper.php'; class phpbb_functions_validate_email_test extends phpbb_database_test_case { protected $db; protected $user; - protected $common; + protected $helper; public function getDataSet() { @@ -29,7 +29,7 @@ class phpbb_functions_validate_email_test extends phpbb_database_test_case $this->db = $this->new_dbal(); $this->user = new phpbb_mock_user; - $this->common = new phpbb_functions_common_validate_data; + $this->helper = new phpbb_functions_validate_data_helper($this); } public function test_validate_email() @@ -41,7 +41,16 @@ class phpbb_functions_validate_email_test extends phpbb_database_test_case $user = $this->user; $user->optionset('banned_users', array('banned@example.com')); - $this->common->validate_data_check(array( + $this->helper->assert_validate_data(array( + 'empty' => array(), + 'allowed' => array(), + 'invalid' => array('EMAIL_INVALID'), + 'valid_complex' => array(), + 'taken' => array('EMAIL_TAKEN'), + 'banned' => array('EMAIL_BANNED'), + 'no_mx' => array('DOMAIN_NO_MX_RECORD'), + ), + array( 'empty' => '', 'allowed' => 'foobar@example.com', 'invalid' => 'fööbar@example.com', @@ -58,15 +67,6 @@ class phpbb_functions_validate_email_test extends phpbb_database_test_case 'taken' => array('email'), 'banned' => array('email'), 'no_mx' => array('email'), - ), - array( - 'empty' => array(), - 'allowed' => array(), - 'invalid' => array('EMAIL_INVALID'), - 'valid_complex' => array(), - 'taken' => array('EMAIL_TAKEN'), - 'banned' => array('EMAIL_BANNED'), - 'no_mx' => array('DOMAIN_NO_MX_RECORD'), )); } } diff --git a/tests/functions/validate_lang_iso_test.php b/tests/functions/validate_lang_iso_test.php index b8a1827432..baf75108b7 100644 --- a/tests/functions/validate_lang_iso_test.php +++ b/tests/functions/validate_lang_iso_test.php @@ -8,12 +8,12 @@ */ require_once dirname(__FILE__) . '/../../phpBB/includes/functions_user.php'; -require_once dirname(__FILE__) . '/common_validate_data.php'; +require_once dirname(__FILE__) . '/validate_data_helper.php'; class phpbb_functions_validate_lang_iso_test extends phpbb_database_test_case { protected $db; - protected $common; + protected $helper; public function getDataSet() { @@ -25,7 +25,7 @@ class phpbb_functions_validate_lang_iso_test extends phpbb_database_test_case parent::setUp(); $this->db = $this->new_dbal(); - $this->common = new phpbb_functions_common_validate_data; + $this->helper = new phpbb_functions_validate_data_helper($this); } public function test_validate_lang_iso() @@ -34,7 +34,13 @@ class phpbb_functions_validate_lang_iso_test extends phpbb_database_test_case $db = $this->db; - $this->common->validate_data_check(array( + $this->helper->assert_validate_data(array( + 'empty' => array('WRONG_DATA'), + 'en' => array(), + 'cs' => array(), + 'de' => array('WRONG_DATA'), + ), + array( 'empty' => '', 'en' => 'en', 'cs' => 'cs', @@ -45,12 +51,6 @@ class phpbb_functions_validate_lang_iso_test extends phpbb_database_test_case 'en' => array('language_iso_name'), 'cs' => array('language_iso_name'), 'de' => array('language_iso_name'), - ), - array( - 'empty' => array('WRONG_DATA'), - 'en' => array(), - 'cs' => array(), - 'de' => array('WRONG_DATA'), )); } } diff --git a/tests/functions/validate_username_test.php b/tests/functions/validate_username_test.php index 656248cec3..92c5ba6ee1 100644 --- a/tests/functions/validate_username_test.php +++ b/tests/functions/validate_username_test.php @@ -10,13 +10,13 @@ require_once dirname(__FILE__) . '/../../phpBB/includes/functions_user.php'; require_once dirname(__FILE__) . '/../../phpBB/includes/utf/utf_tools.php'; require_once dirname(__FILE__) . '/../mock/cache.php'; -require_once dirname(__FILE__) . '/common_validate_data.php'; +require_once dirname(__FILE__) . '/validate_data_helper.php'; class phpbb_functions_validate_data_test extends phpbb_database_test_case { protected $db; protected $cache; - protected $common; + protected $helper; public function getDataSet() { @@ -29,7 +29,7 @@ class phpbb_functions_validate_data_test extends phpbb_database_test_case $this->db = $this->new_dbal(); $this->cache = new phpbb_mock_cache; - $this->common = new phpbb_functions_common_validate_data; + $this->helper = new phpbb_functions_validate_data_helper($this); } public function validate_username_data() @@ -129,7 +129,7 @@ class phpbb_functions_validate_data_test extends phpbb_database_test_case $config['allow_name_chars'] = $allow_name_chars; - $this->common->validate_data_check(array( + $this->helper->assert_validate_data($expected, array( 'foobar_allow' => 'foobar', 'foobar_ascii' => 'foobar', 'foobar_any' => 'f*~*^=oo_bar1', @@ -154,7 +154,6 @@ class phpbb_functions_validate_data_test extends phpbb_database_test_case 'barfoo_disallow' => array('username'), 'admin_taken' => array('username'), 'group_taken' => array('username'), - ), - $expected); + )); } } From c2bc82ebfd54cebba03bd04dccaf5a8e317844ae Mon Sep 17 00:00:00 2001 From: Marc Alexander Date: Mon, 3 Jun 2013 16:15:08 +0200 Subject: [PATCH 022/157] [ticket/11579] Move simple tests into seperate files PHPBB3-11579 --- tests/functions/validate_data_simple_test.php | 251 ------------------ tests/functions/validate_date_test.php | 66 +++++ tests/functions/validate_jabber_test.php | 63 +++++ tests/functions/validate_match_test.php | 45 ++++ tests/functions/validate_num_test.php | 51 ++++ tests/functions/validate_password_test.php | 83 ++++++ tests/functions/validate_string_test.php | 58 ++++ 7 files changed, 366 insertions(+), 251 deletions(-) delete mode 100644 tests/functions/validate_data_simple_test.php create mode 100644 tests/functions/validate_date_test.php create mode 100644 tests/functions/validate_jabber_test.php create mode 100644 tests/functions/validate_match_test.php create mode 100644 tests/functions/validate_num_test.php create mode 100644 tests/functions/validate_password_test.php create mode 100644 tests/functions/validate_string_test.php diff --git a/tests/functions/validate_data_simple_test.php b/tests/functions/validate_data_simple_test.php deleted file mode 100644 index db4f218eed..0000000000 --- a/tests/functions/validate_data_simple_test.php +++ /dev/null @@ -1,251 +0,0 @@ -helper = new phpbb_functions_validate_data_helper($this); - } - - public function test_validate_string() - { - $this->helper->assert_validate_data(array( - 'empty_opt' => array(), - 'empty' => array(), - 'foo' => array(), - 'foo_minmax_correct' => array(), - 'foo_minmax_short' => array('TOO_SHORT'), - 'foo_minmax_long' => array('TOO_LONG'), - 'empty_short' => array('TOO_SHORT'), - 'empty_length_opt' => array(), - ), - array( - 'empty_opt' => '', - 'empty' => '', - 'foo' => 'foobar', - 'foo_minmax_correct' => 'foobar', - 'foo_minmax_short' => 'foobar', - 'foo_minmax_long' => 'foobar', - 'empty_short' => '', - 'empty_length_opt' => '', - ), - array( - 'empty_opt' => array('string', true), - 'empty' => array('string'), - 'foo' => array('string'), - 'foo_minmax_correct' => array('string', false, 2, 6), - 'foo_minmax_short' => array('string', false, 7, 9), - 'foo_minmax_long' => array('string', false, 2, 5), - 'empty_short' => array('string', false, 1, 6), - 'empty_length_opt' => array('string', true, 1, 6), - )); - } - - public function test_validate_num() - { - $this->helper->assert_validate_data(array( - 'empty' => array(), - 'zero' => array(), - 'five_minmax_correct' => array(), - 'five_minmax_short' => array('TOO_SMALL'), - 'five_minmax_long' => array('TOO_LARGE'), - 'string' => array(), - ), - array( - 'empty' => '', - 'zero' => 0, - 'five_minmax_correct' => 5, - 'five_minmax_short' => 5, - 'five_minmax_long' => 5, - 'string' => 'foobar', - ), - array( - 'empty' => array('num'), - 'zero' => array('num'), - 'five_minmax_correct' => array('num', false, 2, 6), - 'five_minmax_short' => array('num', false, 7, 10), - 'five_minmax_long' => array('num', false, 2, 3), - 'string' => array('num'), - )); - } - - public function test_validate_date() - { - $this->helper->assert_validate_data(array( - 'empty' => array('INVALID'), - 'empty_opt' => array(), - 'double_single' => array(), - 'single_single' => array(), - 'double_double' => array(), - // Currently fails - //'zero_year' => array(), - 'month_high' => array('INVALID'), - 'month_low' => array('INVALID'), - 'day_high' => array('INVALID'), - 'day_low' => array('INVALID'), - ), - array( - 'empty' => '', - 'empty_opt' => '', - 'double_single' => '17-06-1990', - 'single_single' => '05-05-2009', - 'double_double' => '17-12-1990', - // Currently fails - //'zero_year' => '01-01-0000', - 'month_high' => '17-17-1990', - 'month_low' => '01-00-1990', - 'day_high' => '64-01-1990', - 'day_low' => '00-12-1990', - ), - array( - 'empty' => array('date'), - 'empty_opt' => array('date', true), - 'double_single' => array('date'), - 'single_single' => array('date'), - 'double_double' => array('date'), - // Currently fails - //'zero_year' => array('date'), - 'month_high' => array('date'), - 'month_low' => array('date'), - 'day_high' => array('date'), - 'day_low' => array('date'), - )); - } - - public function test_validate_match() - { - $this->helper->assert_validate_data(array( - 'empty_opt' => array(), - 'empty_empty_match' => array(), - 'foobar' => array(), - 'foobar_fail' => array('WRONG_DATA'), - ), - array( - 'empty_opt' => '', - 'empty_empty_match' => '', - 'foobar' => 'foobar', - 'foobar_fail' => 'foobar123', - ), - array( - 'empty_opt' => array('match', true, '/[a-z]$/'), - 'empty_empty_match' => array('match'), - 'foobar' => array('match', false, '/[a-z]$/'), - 'foobar_fail' => array('match', false, '/[a-z]$/'), - )); - } - - public function validate_password_data() - { - return array( - array('PASS_TYPE_ANY', array( - 'empty' => array(), - 'foobar_any' => array(), - 'foobar_mixed' => array(), - 'foobar_alpha' => array(), - 'foobar_symbol' => array(), - )), - array('PASS_TYPE_CASE', array( - 'empty' => array(), - 'foobar_any' => array('INVALID_CHARS'), - 'foobar_mixed' => array(), - 'foobar_alpha' => array(), - 'foobar_symbol' => array(), - )), - array('PASS_TYPE_ALPHA', array( - 'empty' => array(), - 'foobar_any' => array('INVALID_CHARS'), - 'foobar_mixed' => array('INVALID_CHARS'), - 'foobar_alpha' => array(), - 'foobar_symbol' => array(), - )), - array('PASS_TYPE_SYMBOL', array( - 'empty' => array(), - 'foobar_any' => array('INVALID_CHARS'), - 'foobar_mixed' => array('INVALID_CHARS'), - 'foobar_alpha' => array('INVALID_CHARS'), - 'foobar_symbol' => array(), - )), - ); - } - - /** - * @dataProvider validate_password_data - */ - public function test_validate_password($pass_complexity, $expected) - { - global $config; - - // Set complexity to mixed case letters, numbers and symbols - $config['pass_complex'] = $pass_complexity; - - $this->helper->assert_validate_data($expected, array( - 'empty' => '', - 'foobar_any' => 'foobar', - 'foobar_mixed' => 'FooBar', - 'foobar_alpha' => 'F00bar', - 'foobar_symbol' => 'fooBar123*', - ), - array( - 'empty' => array('password'), - 'foobar_any' => array('password'), - 'foobar_mixed' => array('password'), - 'foobar_alpha' => array('password'), - 'foobar_symbol' => array('password'), - )); - } - - public function test_validate_jabber() - { - $this->helper->assert_validate_data(array( - 'empty' => array(), - 'no_seperator' => array('WRONG_DATA'), - 'no_user' => array('WRONG_DATA'), - 'no_realm' => array('WRONG_DATA'), - 'dot_realm' => array('WRONG_DATA'), - '-realm' => array('WRONG_DATA'), - 'realm-' => array('WRONG_DATA'), - 'correct' => array(), - 'prohibited' => array('WRONG_DATA'), - 'prohibited_char' => array('WRONG_DATA'), - ), - array( - 'empty' => '', - 'no_seperator' => 'testjabber.ccc', - 'no_user' => '@jabber.ccc', - 'no_realm' => 'user@', - 'dot_realm' => 'user@.....', - '-realm' => 'user@-jabber.ccc', - 'realm-' => 'user@jabber.ccc-', - 'correct' => 'user@jabber.09A-z.org', - 'prohibited' => 'u@ser@jabber.ccc.org', - 'prohibited_char' => 'uer@jabber.ccc.org', - ), - array( - 'empty' => array('jabber'), - 'no_seperator' => array('jabber'), - 'no_user' => array('jabber'), - 'no_realm' => array('jabber'), - 'dot_realm' => array('jabber'), - '-realm' => array('jabber'), - 'realm-' => array('jabber'), - 'correct' => array('jabber'), - 'prohibited' => array('jabber'), - 'prohibited_char' => array('jabber'), - )); - } -} diff --git a/tests/functions/validate_date_test.php b/tests/functions/validate_date_test.php new file mode 100644 index 0000000000..e7a279879c --- /dev/null +++ b/tests/functions/validate_date_test.php @@ -0,0 +1,66 @@ +helper = new phpbb_functions_validate_data_helper($this); + } + + public function test_validate_date() + { + $this->helper->assert_validate_data(array( + 'empty' => array('INVALID'), + 'empty_opt' => array(), + 'double_single' => array(), + 'single_single' => array(), + 'double_double' => array(), + // Currently fails + //'zero_year' => array(), + 'month_high' => array('INVALID'), + 'month_low' => array('INVALID'), + 'day_high' => array('INVALID'), + 'day_low' => array('INVALID'), + ), + array( + 'empty' => '', + 'empty_opt' => '', + 'double_single' => '17-06-1990', + 'single_single' => '05-05-2009', + 'double_double' => '17-12-1990', + // Currently fails + //'zero_year' => '01-01-0000', + 'month_high' => '17-17-1990', + 'month_low' => '01-00-1990', + 'day_high' => '64-01-1990', + 'day_low' => '00-12-1990', + ), + array( + 'empty' => array('date'), + 'empty_opt' => array('date', true), + 'double_single' => array('date'), + 'single_single' => array('date'), + 'double_double' => array('date'), + // Currently fails + //'zero_year' => array('date'), + 'month_high' => array('date'), + 'month_low' => array('date'), + 'day_high' => array('date'), + 'day_low' => array('date'), + )); + } +} diff --git a/tests/functions/validate_jabber_test.php b/tests/functions/validate_jabber_test.php new file mode 100644 index 0000000000..551b243f81 --- /dev/null +++ b/tests/functions/validate_jabber_test.php @@ -0,0 +1,63 @@ +helper = new phpbb_functions_validate_data_helper($this); + } + + public function test_validate_jabber() + { + $this->helper->assert_validate_data(array( + 'empty' => array(), + 'no_seperator' => array('WRONG_DATA'), + 'no_user' => array('WRONG_DATA'), + 'no_realm' => array('WRONG_DATA'), + 'dot_realm' => array('WRONG_DATA'), + '-realm' => array('WRONG_DATA'), + 'realm-' => array('WRONG_DATA'), + 'correct' => array(), + 'prohibited' => array('WRONG_DATA'), + 'prohibited_char' => array('WRONG_DATA'), + ), + array( + 'empty' => '', + 'no_seperator' => 'testjabber.ccc', + 'no_user' => '@jabber.ccc', + 'no_realm' => 'user@', + 'dot_realm' => 'user@.....', + '-realm' => 'user@-jabber.ccc', + 'realm-' => 'user@jabber.ccc-', + 'correct' => 'user@jabber.09A-z.org', + 'prohibited' => 'u@ser@jabber.ccc.org', + 'prohibited_char' => 'uer@jabber.ccc.org', + ), + array( + 'empty' => array('jabber'), + 'no_seperator' => array('jabber'), + 'no_user' => array('jabber'), + 'no_realm' => array('jabber'), + 'dot_realm' => array('jabber'), + '-realm' => array('jabber'), + 'realm-' => array('jabber'), + 'correct' => array('jabber'), + 'prohibited' => array('jabber'), + 'prohibited_char' => array('jabber'), + )); + } +} diff --git a/tests/functions/validate_match_test.php b/tests/functions/validate_match_test.php new file mode 100644 index 0000000000..5d44f1e00b --- /dev/null +++ b/tests/functions/validate_match_test.php @@ -0,0 +1,45 @@ +helper = new phpbb_functions_validate_data_helper($this); + } + + public function test_validate_match() + { + $this->helper->assert_validate_data(array( + 'empty_opt' => array(), + 'empty_empty_match' => array(), + 'foobar' => array(), + 'foobar_fail' => array('WRONG_DATA'), + ), + array( + 'empty_opt' => '', + 'empty_empty_match' => '', + 'foobar' => 'foobar', + 'foobar_fail' => 'foobar123', + ), + array( + 'empty_opt' => array('match', true, '/[a-z]$/'), + 'empty_empty_match' => array('match'), + 'foobar' => array('match', false, '/[a-z]$/'), + 'foobar_fail' => array('match', false, '/[a-z]$/'), + )); + } +} diff --git a/tests/functions/validate_num_test.php b/tests/functions/validate_num_test.php new file mode 100644 index 0000000000..4e210ba29a --- /dev/null +++ b/tests/functions/validate_num_test.php @@ -0,0 +1,51 @@ +helper = new phpbb_functions_validate_data_helper($this); + } + + public function test_validate_num() + { + $this->helper->assert_validate_data(array( + 'empty' => array(), + 'zero' => array(), + 'five_minmax_correct' => array(), + 'five_minmax_short' => array('TOO_SMALL'), + 'five_minmax_long' => array('TOO_LARGE'), + 'string' => array(), + ), + array( + 'empty' => '', + 'zero' => 0, + 'five_minmax_correct' => 5, + 'five_minmax_short' => 5, + 'five_minmax_long' => 5, + 'string' => 'foobar', + ), + array( + 'empty' => array('num'), + 'zero' => array('num'), + 'five_minmax_correct' => array('num', false, 2, 6), + 'five_minmax_short' => array('num', false, 7, 10), + 'five_minmax_long' => array('num', false, 2, 3), + 'string' => array('num'), + )); + } +} diff --git a/tests/functions/validate_password_test.php b/tests/functions/validate_password_test.php new file mode 100644 index 0000000000..e8dc7e0dea --- /dev/null +++ b/tests/functions/validate_password_test.php @@ -0,0 +1,83 @@ +helper = new phpbb_functions_validate_data_helper($this); + } + + public function validate_password_data() + { + return array( + array('PASS_TYPE_ANY', array( + 'empty' => array(), + 'foobar_any' => array(), + 'foobar_mixed' => array(), + 'foobar_alpha' => array(), + 'foobar_symbol' => array(), + )), + array('PASS_TYPE_CASE', array( + 'empty' => array(), + 'foobar_any' => array('INVALID_CHARS'), + 'foobar_mixed' => array(), + 'foobar_alpha' => array(), + 'foobar_symbol' => array(), + )), + array('PASS_TYPE_ALPHA', array( + 'empty' => array(), + 'foobar_any' => array('INVALID_CHARS'), + 'foobar_mixed' => array('INVALID_CHARS'), + 'foobar_alpha' => array(), + 'foobar_symbol' => array(), + )), + array('PASS_TYPE_SYMBOL', array( + 'empty' => array(), + 'foobar_any' => array('INVALID_CHARS'), + 'foobar_mixed' => array('INVALID_CHARS'), + 'foobar_alpha' => array('INVALID_CHARS'), + 'foobar_symbol' => array(), + )), + ); + } + + /** + * @dataProvider validate_password_data + */ + public function test_validate_password($pass_complexity, $expected) + { + global $config; + + // Set complexity to mixed case letters, numbers and symbols + $config['pass_complex'] = $pass_complexity; + + $this->helper->assert_validate_data($expected, array( + 'empty' => '', + 'foobar_any' => 'foobar', + 'foobar_mixed' => 'FooBar', + 'foobar_alpha' => 'F00bar', + 'foobar_symbol' => 'fooBar123*', + ), + array( + 'empty' => array('password'), + 'foobar_any' => array('password'), + 'foobar_mixed' => array('password'), + 'foobar_alpha' => array('password'), + 'foobar_symbol' => array('password'), + )); + } +} diff --git a/tests/functions/validate_string_test.php b/tests/functions/validate_string_test.php new file mode 100644 index 0000000000..2b4f7321a6 --- /dev/null +++ b/tests/functions/validate_string_test.php @@ -0,0 +1,58 @@ +helper = new phpbb_functions_validate_data_helper($this); + } + + public function test_validate_string() + { + $this->helper->assert_validate_data(array( + 'empty_opt' => array(), + 'empty' => array(), + 'foo' => array(), + 'foo_minmax_correct' => array(), + 'foo_minmax_short' => array('TOO_SHORT'), + 'foo_minmax_long' => array('TOO_LONG'), + 'empty_short' => array('TOO_SHORT'), + 'empty_length_opt' => array(), + ), + array( + 'empty_opt' => '', + 'empty' => '', + 'foo' => 'foobar', + 'foo_minmax_correct' => 'foobar', + 'foo_minmax_short' => 'foobar', + 'foo_minmax_long' => 'foobar', + 'empty_short' => '', + 'empty_length_opt' => '', + ), + array( + 'empty_opt' => array('string', true), + 'empty' => array('string'), + 'foo' => array('string'), + 'foo_minmax_correct' => array('string', false, 2, 6), + 'foo_minmax_short' => array('string', false, 7, 9), + 'foo_minmax_long' => array('string', false, 2, 5), + 'empty_short' => array('string', false, 1, 6), + 'empty_length_opt' => array('string', true, 1, 6), + )); + } +} From 11678678b810c26376728166cf334550cbc30124 Mon Sep 17 00:00:00 2001 From: Marc Alexander Date: Mon, 3 Jun 2013 21:30:13 +0200 Subject: [PATCH 023/157] [ticket/11579] Rework calls to validate_data_helper PHPBB3-11579 --- tests/functions/validate_data_helper.php | 18 ++--- tests/functions/validate_date_test.php | 90 +++++++++++++--------- tests/functions/validate_email_test.php | 62 ++++++++------- tests/functions/validate_jabber_test.php | 86 ++++++++++++--------- tests/functions/validate_lang_iso_test.php | 38 +++++---- tests/functions/validate_match_test.php | 38 +++++---- tests/functions/validate_num_test.php | 54 +++++++------ tests/functions/validate_password_test.php | 39 ++++++---- tests/functions/validate_string_test.php | 70 ++++++++++------- tests/functions/validate_username_test.php | 81 +++++++++++++------ 10 files changed, 344 insertions(+), 232 deletions(-) diff --git a/tests/functions/validate_data_helper.php b/tests/functions/validate_data_helper.php index b8e8bfded3..94ddf60429 100644 --- a/tests/functions/validate_data_helper.php +++ b/tests/functions/validate_data_helper.php @@ -20,19 +20,17 @@ class phpbb_functions_validate_data_helper extends PHPUnit_Framework_TestCase * Test provided input data with supplied checks and compare to expected * results * - * @param array $expected Array containing the expected results. Either - * an array containing the error message or the an empty - * array if input is correct - * @param array $input Input data with specific array keys that need to - * be matched by the ones in the other 2 params - * @param array $validate_check Array containing validate_data check - * settings, i.e. array('foobar' => array('string')) + * @param array $data Array containing one or more subarrays with the + * test data. The first element of a subarray is the + * expected result, the second one is the input, and the + * third is the data that should be passed to the function + * validate_data(). */ - public function assert_validate_data($expected, $input, $validate_check) + public function assert_valid_data($data) { - foreach ($input as $key => $data) + foreach ($data as $key => $test) { - $this->test_case->assertEquals($expected[$key], validate_data(array($data), array($validate_check[$key]))); + $this->test_case->assertEquals($test[0], validate_data(array($test[1]), array($test[2]))); } } } diff --git a/tests/functions/validate_date_test.php b/tests/functions/validate_date_test.php index e7a279879c..1dcd1361a2 100644 --- a/tests/functions/validate_date_test.php +++ b/tests/functions/validate_date_test.php @@ -23,44 +23,60 @@ class phpbb_functions_validate_date_test extends phpbb_test_case public function test_validate_date() { - $this->helper->assert_validate_data(array( - 'empty' => array('INVALID'), - 'empty_opt' => array(), - 'double_single' => array(), - 'single_single' => array(), - 'double_double' => array(), + $this->helper->assert_valid_data(array( + 'empty' => array( + array('INVALID'), + '', + array('date'), + ), + 'empty_opt' => array( + array(), + '', + array('date', true), + ), + 'double_single' => array( + array(), + '17-06-1990', + array('date'), + ), + 'single_single' => array( + array(), + '05-05-2009', + array('date'), + ), + 'double_double' => array( + array(), + '17-12-1990', + array('date'), + ), + 'month_high' => array( + array('INVALID'), + '17-17-1990', + array('date'), + ), + 'month_low' => array( + array('INVALID'), + '01-00-1990', + array('date'), + ), + 'day_high' => array( + array('INVALID'), + '64-01-1990', + array('date'), + ), + 'day_low' => array( + array('INVALID'), + '00-12-1990', + array('date'), + ), // Currently fails - //'zero_year' => array(), - 'month_high' => array('INVALID'), - 'month_low' => array('INVALID'), - 'day_high' => array('INVALID'), - 'day_low' => array('INVALID'), - ), - array( - 'empty' => '', - 'empty_opt' => '', - 'double_single' => '17-06-1990', - 'single_single' => '05-05-2009', - 'double_double' => '17-12-1990', - // Currently fails - //'zero_year' => '01-01-0000', - 'month_high' => '17-17-1990', - 'month_low' => '01-00-1990', - 'day_high' => '64-01-1990', - 'day_low' => '00-12-1990', - ), - array( - 'empty' => array('date'), - 'empty_opt' => array('date', true), - 'double_single' => array('date'), - 'single_single' => array('date'), - 'double_double' => array('date'), - // Currently fails - //'zero_year' => array('date'), - 'month_high' => array('date'), - 'month_low' => array('date'), - 'day_high' => array('date'), - 'day_low' => array('date'), + /* + 'zero_year' => array( + array(), + '01-01-0000', + array('date'), + ), + */ )); } } diff --git a/tests/functions/validate_email_test.php b/tests/functions/validate_email_test.php index 2e81d3277e..93b5ba0896 100644 --- a/tests/functions/validate_email_test.php +++ b/tests/functions/validate_email_test.php @@ -41,32 +41,42 @@ class phpbb_functions_validate_email_test extends phpbb_database_test_case $user = $this->user; $user->optionset('banned_users', array('banned@example.com')); - $this->helper->assert_validate_data(array( - 'empty' => array(), - 'allowed' => array(), - 'invalid' => array('EMAIL_INVALID'), - 'valid_complex' => array(), - 'taken' => array('EMAIL_TAKEN'), - 'banned' => array('EMAIL_BANNED'), - 'no_mx' => array('DOMAIN_NO_MX_RECORD'), - ), - array( - 'empty' => '', - 'allowed' => 'foobar@example.com', - 'invalid' => 'fööbar@example.com', - 'valid_complex' => "'%$~test@example.com", - 'taken' => 'admin@example.com', - 'banned' => 'banned@example.com', - 'no_mx' => 'test@wwrrrhhghgghgh.ttv', - ), - array( - 'empty' => array('email'), - 'allowed' => array('email', 'foobar@example.com'), - 'invalid' => array('email'), - 'valid_complex' => array('email'), - 'taken' => array('email'), - 'banned' => array('email'), - 'no_mx' => array('email'), + $this->helper->assert_valid_data(array( + 'empty' => array( + array(), + '', + array('email'), + ), + 'allowed' => array( + array(), + 'foobar@example.com', + array('email', 'foobar@example.com'), + ), + 'invalid' => array( + array('EMAIL_INVALID'), + 'fööbar@example.com', + array('email'), + ), + 'valid_complex' => array( + array(), + "'%$~test@example.com", + array('email'), + ), + 'taken' => array( + array('EMAIL_TAKEN'), + 'admin@example.com', + array('email'), + ), + 'banned' => array( + array('EMAIL_BANNED'), + 'banned@example.com', + array('email'), + ), + 'no_mx' => array( + array('DOMAIN_NO_MX_RECORD'), + 'test@wwrrrhhghgghgh.ttv', + array('email'), + ), )); } } diff --git a/tests/functions/validate_jabber_test.php b/tests/functions/validate_jabber_test.php index 551b243f81..5a53c963bd 100644 --- a/tests/functions/validate_jabber_test.php +++ b/tests/functions/validate_jabber_test.php @@ -23,41 +23,57 @@ class phpbb_functions_validate_jabber_test extends phpbb_test_case public function test_validate_jabber() { - $this->helper->assert_validate_data(array( - 'empty' => array(), - 'no_seperator' => array('WRONG_DATA'), - 'no_user' => array('WRONG_DATA'), - 'no_realm' => array('WRONG_DATA'), - 'dot_realm' => array('WRONG_DATA'), - '-realm' => array('WRONG_DATA'), - 'realm-' => array('WRONG_DATA'), - 'correct' => array(), - 'prohibited' => array('WRONG_DATA'), - 'prohibited_char' => array('WRONG_DATA'), - ), - array( - 'empty' => '', - 'no_seperator' => 'testjabber.ccc', - 'no_user' => '@jabber.ccc', - 'no_realm' => 'user@', - 'dot_realm' => 'user@.....', - '-realm' => 'user@-jabber.ccc', - 'realm-' => 'user@jabber.ccc-', - 'correct' => 'user@jabber.09A-z.org', - 'prohibited' => 'u@ser@jabber.ccc.org', - 'prohibited_char' => 'uer@jabber.ccc.org', - ), - array( - 'empty' => array('jabber'), - 'no_seperator' => array('jabber'), - 'no_user' => array('jabber'), - 'no_realm' => array('jabber'), - 'dot_realm' => array('jabber'), - '-realm' => array('jabber'), - 'realm-' => array('jabber'), - 'correct' => array('jabber'), - 'prohibited' => array('jabber'), - 'prohibited_char' => array('jabber'), + $this->helper->assert_valid_data(array( + 'empty' => array( + array(), + '', + array('jabber'), + ), + 'no_seperator' => array( + array('WRONG_DATA'), + 'testjabber.ccc', + array('jabber'), + ), + 'no_user' => array( + array('WRONG_DATA'), + '@jabber.ccc', + array('jabber'), + ), + 'no_realm' => array( + array('WRONG_DATA'), + 'user@', + array('jabber'), + ), + 'dot_realm' => array( + array('WRONG_DATA'), + 'user@.....', + array('jabber'), + ), + '-realm' => array( + array('WRONG_DATA'), + 'user@-jabber.ccc', + array('jabber'), + ), + 'realm-' => array( + array('WRONG_DATA'), + 'user@jabber.ccc-', + array('jabber'), + ), + 'correct' => array( + array(), + 'user@jabber.09A-z.org', + array('jabber'), + ), + 'prohibited' => array( + array('WRONG_DATA'), + 'u@ser@jabber.ccc.org', + array('jabber'), + ), + 'prohibited_char' => array( + array('WRONG_DATA'), + 'uer@jabber.ccc.org', + array('jabber'), + ), )); } } diff --git a/tests/functions/validate_lang_iso_test.php b/tests/functions/validate_lang_iso_test.php index baf75108b7..c8a5b71021 100644 --- a/tests/functions/validate_lang_iso_test.php +++ b/tests/functions/validate_lang_iso_test.php @@ -34,23 +34,27 @@ class phpbb_functions_validate_lang_iso_test extends phpbb_database_test_case $db = $this->db; - $this->helper->assert_validate_data(array( - 'empty' => array('WRONG_DATA'), - 'en' => array(), - 'cs' => array(), - 'de' => array('WRONG_DATA'), - ), - array( - 'empty' => '', - 'en' => 'en', - 'cs' => 'cs', - 'de' => 'de', - ), - array( - 'empty' => array('language_iso_name'), - 'en' => array('language_iso_name'), - 'cs' => array('language_iso_name'), - 'de' => array('language_iso_name'), + $this->helper->assert_valid_data(array( + 'empty' => array( + array('WRONG_DATA'), + '', + array('language_iso_name'), + ), + 'en' => array( + array(), + 'en', + array('language_iso_name'), + ), + 'cs' => array( + array(), + 'cs', + array('language_iso_name'), + ), + 'de' => array( + array('WRONG_DATA'), + 'de', + array('language_iso_name'), + ), )); } } diff --git a/tests/functions/validate_match_test.php b/tests/functions/validate_match_test.php index 5d44f1e00b..73a363e003 100644 --- a/tests/functions/validate_match_test.php +++ b/tests/functions/validate_match_test.php @@ -23,23 +23,27 @@ class phpbb_functions_validate_match_test extends phpbb_test_case public function test_validate_match() { - $this->helper->assert_validate_data(array( - 'empty_opt' => array(), - 'empty_empty_match' => array(), - 'foobar' => array(), - 'foobar_fail' => array('WRONG_DATA'), - ), - array( - 'empty_opt' => '', - 'empty_empty_match' => '', - 'foobar' => 'foobar', - 'foobar_fail' => 'foobar123', - ), - array( - 'empty_opt' => array('match', true, '/[a-z]$/'), - 'empty_empty_match' => array('match'), - 'foobar' => array('match', false, '/[a-z]$/'), - 'foobar_fail' => array('match', false, '/[a-z]$/'), + $this->helper->assert_valid_data(array( + 'empty_opt' => array( + array(), + '', + array('match', true, '/[a-z]$/'), + ), + 'empty_empty_match' => array( + array(), + '', + array('match'), + ), + 'foobar' => array( + array(), + 'foobar', + array('match', false, '/[a-z]$/'), + ), + 'foobar_fail' => array( + array('WRONG_DATA'), + 'foobar123', + array('match', false, '/[a-z]$/'), + ), )); } } diff --git a/tests/functions/validate_num_test.php b/tests/functions/validate_num_test.php index 4e210ba29a..4deac02ebc 100644 --- a/tests/functions/validate_num_test.php +++ b/tests/functions/validate_num_test.php @@ -23,29 +23,37 @@ class phpbb_functions_validate_num_test extends phpbb_test_case public function test_validate_num() { - $this->helper->assert_validate_data(array( - 'empty' => array(), - 'zero' => array(), - 'five_minmax_correct' => array(), - 'five_minmax_short' => array('TOO_SMALL'), - 'five_minmax_long' => array('TOO_LARGE'), - 'string' => array(), - ), - array( - 'empty' => '', - 'zero' => 0, - 'five_minmax_correct' => 5, - 'five_minmax_short' => 5, - 'five_minmax_long' => 5, - 'string' => 'foobar', - ), - array( - 'empty' => array('num'), - 'zero' => array('num'), - 'five_minmax_correct' => array('num', false, 2, 6), - 'five_minmax_short' => array('num', false, 7, 10), - 'five_minmax_long' => array('num', false, 2, 3), - 'string' => array('num'), + $this->helper->assert_valid_data(array( + 'empty' => array( + array(), + '', + array('num'), + ), + 'zero' => array( + array(), + '0', + array('num'), + ), + 'five_minmax_correct' => array( + array(), + '5', + array('num', false, 2, 6), + ), + 'five_minmax_short' => array( + array('TOO_SMALL'), + '5', + array('num', false, 7, 10), + ), + 'five_minmax_long' => array( + array('TOO_LARGE'), + '5', + array('num', false, 2, 3), + ), + 'string' => array( + array(), + 'foobar', + array('num'), + ), )); } } diff --git a/tests/functions/validate_password_test.php b/tests/functions/validate_password_test.php index e8dc7e0dea..4639f6cc89 100644 --- a/tests/functions/validate_password_test.php +++ b/tests/functions/validate_password_test.php @@ -65,19 +65,32 @@ class phpbb_functions_validate_password_test extends phpbb_test_case // Set complexity to mixed case letters, numbers and symbols $config['pass_complex'] = $pass_complexity; - $this->helper->assert_validate_data($expected, array( - 'empty' => '', - 'foobar_any' => 'foobar', - 'foobar_mixed' => 'FooBar', - 'foobar_alpha' => 'F00bar', - 'foobar_symbol' => 'fooBar123*', - ), - array( - 'empty' => array('password'), - 'foobar_any' => array('password'), - 'foobar_mixed' => array('password'), - 'foobar_alpha' => array('password'), - 'foobar_symbol' => array('password'), + $this->helper->assert_valid_data(array( + 'empty' => array( + $expected['empty'], + '', + array('password'), + ), + 'foobar_any' => array( + $expected['foobar_any'], + 'foobar', + array('password'), + ), + 'foobar_mixed' => array( + $expected['foobar_mixed'], + 'FooBar', + array('password'), + ), + 'foobar_alpha' => array( + $expected['foobar_alpha'], + 'F00bar', + array('password'), + ), + 'foobar_symbol' => array( + $expected['foobar_symbol'], + 'fooBar123*', + array('password'), + ), )); } } diff --git a/tests/functions/validate_string_test.php b/tests/functions/validate_string_test.php index 2b4f7321a6..ab44c28541 100644 --- a/tests/functions/validate_string_test.php +++ b/tests/functions/validate_string_test.php @@ -24,35 +24,47 @@ class phpbb_functions_validate_string_test extends phpbb_test_case public function test_validate_string() { - $this->helper->assert_validate_data(array( - 'empty_opt' => array(), - 'empty' => array(), - 'foo' => array(), - 'foo_minmax_correct' => array(), - 'foo_minmax_short' => array('TOO_SHORT'), - 'foo_minmax_long' => array('TOO_LONG'), - 'empty_short' => array('TOO_SHORT'), - 'empty_length_opt' => array(), - ), - array( - 'empty_opt' => '', - 'empty' => '', - 'foo' => 'foobar', - 'foo_minmax_correct' => 'foobar', - 'foo_minmax_short' => 'foobar', - 'foo_minmax_long' => 'foobar', - 'empty_short' => '', - 'empty_length_opt' => '', - ), - array( - 'empty_opt' => array('string', true), - 'empty' => array('string'), - 'foo' => array('string'), - 'foo_minmax_correct' => array('string', false, 2, 6), - 'foo_minmax_short' => array('string', false, 7, 9), - 'foo_minmax_long' => array('string', false, 2, 5), - 'empty_short' => array('string', false, 1, 6), - 'empty_length_opt' => array('string', true, 1, 6), + $this->helper->assert_valid_data(array( + 'empty_opt' => array( + array(), + '', + array('string', true), + ), + 'empty' => array( + array(), + '', + array('string'), + ), + 'foo' => array( + array(), + 'foobar', + array('string'), + ), + 'foo_minmax_correct' => array( + array(), + 'foobar', + array('string', false, 2, 6), + ), + 'foo_minmax_short' => array( + array('TOO_SHORT'), + 'foobar', + array('string', false, 7, 9), + ), + 'foo_minmax_long' => array( + array('TOO_LONG'), + 'foobar', + array('string', false, 2, 5), + ), + 'empty_short' => array( + array('TOO_SHORT'), + '', + array('string', false, 1, 6), + ), + 'empty_length_opt' => array( + array(), + '', + array('string', true, 1, 6), + ), )); } } diff --git a/tests/functions/validate_username_test.php b/tests/functions/validate_username_test.php index 92c5ba6ee1..9adfb63812 100644 --- a/tests/functions/validate_username_test.php +++ b/tests/functions/validate_username_test.php @@ -129,31 +129,62 @@ class phpbb_functions_validate_data_test extends phpbb_database_test_case $config['allow_name_chars'] = $allow_name_chars; - $this->helper->assert_validate_data($expected, array( - 'foobar_allow' => 'foobar', - 'foobar_ascii' => 'foobar', - 'foobar_any' => 'f*~*^=oo_bar1', - 'foobar_alpha' => 'fo0Bar', - 'foobar_alpha_spacers' => 'Fo0-[B]_a+ R', - 'foobar_letter_num' => 'fo0Bar0', - 'foobar_letter_num_sp' => 'Fö0-[B]_a+ R', - 'foobar_quot' => '"foobar"', - 'barfoo_disallow' => 'barfoo', - 'admin_taken' => 'admin', - 'group_taken' => 'foobar_group', - ), - array( - 'foobar_allow' => array('username', 'foobar'), - 'foobar_ascii' => array('username'), - 'foobar_any' => array('username'), - 'foobar_alpha' => array('username'), - 'foobar_alpha_spacers' => array('username'), - 'foobar_letter_num' => array('username'), - 'foobar_letter_num_sp' => array('username'), - 'foobar_quot' => array('username'), - 'barfoo_disallow' => array('username'), - 'admin_taken' => array('username'), - 'group_taken' => array('username'), + $this->helper->assert_valid_data(array( + 'foobar_allow' => array( + $expected['foobar_allow'], + 'foobar', + array('username', 'foobar'), + ), + 'foobar_ascii' => array( + $expected['foobar_ascii'], + 'foobar', + array('username'), + ), + 'foobar_any' => array( + $expected['foobar_any'], + 'f*~*^=oo_bar1', + array('username'), + ), + 'foobar_alpha' => array( + $expected['foobar_alpha'], + 'fo0Bar', + array('username'), + ), + 'foobar_alpha_spacers' => array( + $expected['foobar_alpha_spacers'], + 'Fo0-[B]_a+ R', + array('username'), + ), + 'foobar_letter_num' => array( + $expected['foobar_letter_num'], + 'fo0Bar0', + array('username'), + ), + 'foobar_letter_num_sp' => array( + $expected['foobar_letter_num_sp'], + 'Fö0-[B]_a+ R', + array('username'), + ), + 'foobar_quot' => array( + $expected['foobar_quot'], + '"foobar"', + array('username'), + ), + 'barfoo_disallow' => array( + $expected['barfoo_disallow'], + 'barfoo', + array('username'), + ), + 'admin_taken' => array( + $expected['admin_taken'], + 'admin', + array('username'), + ), + 'group_taken' => array( + $expected['group_taken'], + 'foobar_group', + array('username'), + ), )); } } From b288bd441436c8dd3417f67013729732ca87939f Mon Sep 17 00:00:00 2001 From: Marc Alexander Date: Mon, 3 Jun 2013 21:33:02 +0200 Subject: [PATCH 024/157] [ticket/11579] Add missing commas to validate_username_test PHPBB3-11579 --- tests/functions/validate_username_test.php | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/tests/functions/validate_username_test.php b/tests/functions/validate_username_test.php index 9adfb63812..0819974e54 100644 --- a/tests/functions/validate_username_test.php +++ b/tests/functions/validate_username_test.php @@ -46,7 +46,7 @@ class phpbb_functions_validate_data_test extends phpbb_database_test_case 'foobar_quot' => array('INVALID_CHARS'), 'barfoo_disallow' => array('USERNAME_DISALLOWED'), 'admin_taken' => array('USERNAME_TAKEN'), - 'group_taken' => array('USERNAME_TAKEN') + 'group_taken' => array('USERNAME_TAKEN'), )), array('USERNAME_ALPHA_ONLY', array( 'foobar_allow' => array(), @@ -59,7 +59,7 @@ class phpbb_functions_validate_data_test extends phpbb_database_test_case 'foobar_quot' => array('INVALID_CHARS'), 'barfoo_disallow' => array('USERNAME_DISALLOWED'), 'admin_taken' => array('USERNAME_TAKEN'), - 'group_taken' => array('INVALID_CHARS') + 'group_taken' => array('INVALID_CHARS'), )), array('USERNAME_ALPHA_SPACERS', array( 'foobar_allow' => array(), @@ -72,7 +72,7 @@ class phpbb_functions_validate_data_test extends phpbb_database_test_case 'foobar_quot' => array('INVALID_CHARS'), 'barfoo_disallow' => array('USERNAME_DISALLOWED'), 'admin_taken' => array('USERNAME_TAKEN'), - 'group_taken' => array('USERNAME_TAKEN') + 'group_taken' => array('USERNAME_TAKEN'), )), array('USERNAME_LETTER_NUM', array( 'foobar_allow' => array(), @@ -85,7 +85,7 @@ class phpbb_functions_validate_data_test extends phpbb_database_test_case 'foobar_quot' => array('INVALID_CHARS'), 'barfoo_disallow' => array('USERNAME_DISALLOWED'), 'admin_taken' => array('USERNAME_TAKEN'), - 'group_taken' => array('INVALID_CHARS') + 'group_taken' => array('INVALID_CHARS'), )), array('USERNAME_LETTER_NUM_SPACERS', array( 'foobar_allow' => array(), @@ -98,7 +98,7 @@ class phpbb_functions_validate_data_test extends phpbb_database_test_case 'foobar_quot' => array('INVALID_CHARS'), 'barfoo_disallow' => array('USERNAME_DISALLOWED'), 'admin_taken' => array('USERNAME_TAKEN'), - 'group_taken' => array('USERNAME_TAKEN') + 'group_taken' => array('USERNAME_TAKEN'), )), array('USERNAME_ASCII', array( 'foobar_allow' => array(), @@ -111,7 +111,7 @@ class phpbb_functions_validate_data_test extends phpbb_database_test_case 'foobar_quot' => array('INVALID_CHARS'), 'barfoo_disallow' => array('USERNAME_DISALLOWED'), 'admin_taken' => array('USERNAME_TAKEN'), - 'group_taken' => array('USERNAME_TAKEN') + 'group_taken' => array('USERNAME_TAKEN'), )), ); } From 56e27a9908b759b9ec1aadb6f58a2f0f1b4f3ab3 Mon Sep 17 00:00:00 2001 From: Dhruv Date: Wed, 5 Jun 2013 00:14:46 +0530 Subject: [PATCH 025/157] [ticket/10820] Inject IE version in function PHPBB3-10820 --- phpBB/download/file.php | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) diff --git a/phpBB/download/file.php b/phpBB/download/file.php index d9ebaa4281..c296ddce7e 100644 --- a/phpBB/download/file.php +++ b/phpBB/download/file.php @@ -285,7 +285,7 @@ else if (($display_cat == ATTACHMENT_CATEGORY_NONE/* || $display_cat == ATTACHME $db->sql_query($sql); } -if ($display_cat == ATTACHMENT_CATEGORY_IMAGE && $mode === 'view' && (strpos($attachment['mimetype'], 'image') === 0) && !phpbb_is_greater_ie7($user->browser)) +if ($display_cat == ATTACHMENT_CATEGORY_IMAGE && $mode === 'view' && (strpos($attachment['mimetype'], 'image') === 0) && !phpbb_is_greater_ie_version($user->browser, 7)) { wrap_img_in_html(append_sid($phpbb_root_path . 'download/file.' . $phpEx, 'id=' . $attachment['attach_id']), $attachment['real_filename']); file_gc(); @@ -344,7 +344,7 @@ function send_avatar_to_browser($file, $browser) $image_data = @getimagesize($file_path); header('Content-Type: ' . image_type_to_mime_type($image_data[2])); - if (!phpbb_is_greater_ie7($browser)) + if (!phpbb_is_greater_ie_version($browser, 7)) { header('Content-Disposition: attachment; ' . header_filename($file)); @@ -479,7 +479,7 @@ function send_file_to_browser($attachment, $upload_dir, $category) // Send out the Headers. Do not set Content-Disposition to inline please, it is a security measure for users using the Internet Explorer. header('Content-Type: ' . $attachment['mimetype']); - if (phpbb_is_greater_ie7($user->browser)) + if (phpbb_is_greater_ie_version($user->browser, 7)) { header('X-Content-Type-Options: nosniff'); } @@ -491,7 +491,7 @@ function send_file_to_browser($attachment, $upload_dir, $category) } else { - if (empty($user->browser) || !phpbb_is_greater_ie7($user->browser)) + if (empty($user->browser) || !phpbb_is_greater_ie_version($user->browser, 7)) { header('Content-Disposition: attachment; ' . header_filename(htmlspecialchars_decode($attachment['real_filename']))); if (empty($user->browser) || (strpos(strtolower($user->browser), 'msie 6.0') !== false)) @@ -502,7 +502,7 @@ function send_file_to_browser($attachment, $upload_dir, $category) else { header('Content-Disposition: ' . ((strpos($attachment['mimetype'], 'image') === 0) ? 'inline' : 'attachment') . '; ' . header_filename(htmlspecialchars_decode($attachment['real_filename']))); - if (phpbb_is_greater_ie7($user->browser) && (strpos($attachment['mimetype'], 'image') !== 0)) + if (phpbb_is_greater_ie_version($user->browser, 7) && (strpos($attachment['mimetype'], 'image') !== 0)) { header('X-Download-Options: noopen'); } @@ -680,7 +680,7 @@ function set_modified_headers($stamp, $browser) // let's see if we have to send the file at all $last_load = isset($_SERVER['HTTP_IF_MODIFIED_SINCE']) ? strtotime(trim($_SERVER['HTTP_IF_MODIFIED_SINCE'])) : false; - if (strpos(strtolower($browser), 'msie 6.0') === false && !phpbb_is_greater_ie7($browser)) + if (strpos(strtolower($browser), 'msie 6.0') === false && !phpbb_is_greater_ie_version($browser, 7)) { if ($last_load !== false && $last_load >= $stamp) { @@ -713,15 +713,16 @@ function file_gc() * Check if the browser is internet explorer version 7+ * * @param string $user_agent User agent HTTP header +* @param int $version IE version to check against * * @return bool true if internet explorer version is greater than 7 */ -function phpbb_is_greater_ie7($user_agent) +function phpbb_is_greater_ie_version($user_agent, $version) { if (preg_match('/msie (\d+)/', strtolower($user_agent), $matches)) { $ie_version = (int) $matches[1]; - return ($ie_version > 7); + return ($ie_version > $version); } else { From 7abc85cedac4fdde514f740dfaad24b2414ebce8 Mon Sep 17 00:00:00 2001 From: Dhruv Date: Wed, 5 Jun 2013 00:29:07 +0530 Subject: [PATCH 026/157] [ticket/10820] Change function call in tests PHPBB3-10820 --- tests/download/http_user_agent_test.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/download/http_user_agent_test.php b/tests/download/http_user_agent_test.php index e08fb7a3f1..d85e7b0d08 100644 --- a/tests/download/http_user_agent_test.php +++ b/tests/download/http_user_agent_test.php @@ -92,6 +92,6 @@ class phpbb_download_http_user_agent_test extends phpbb_test_case */ public function test_is_greater_ie7($user_agent, $expected) { - $this->assertEquals($expected, phpbb_is_greater_ie7($user_agent)); + $this->assertEquals($expected, phpbb_is_greater_ie_version($user_agent, 7)); } } From a8a1c75a70c0c167ea3f6831a9800a27525c7d89 Mon Sep 17 00:00:00 2001 From: Dhruv Date: Wed, 5 Jun 2013 00:29:34 +0530 Subject: [PATCH 027/157] [ticket/10820] Fix copyright PHPBB3-10820 --- tests/download/http_user_agent_test.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/download/http_user_agent_test.php b/tests/download/http_user_agent_test.php index d85e7b0d08..4e759e990d 100644 --- a/tests/download/http_user_agent_test.php +++ b/tests/download/http_user_agent_test.php @@ -2,7 +2,7 @@ /** * * @package testing -* @copyright (c) 2010 phpBB Group +* @copyright (c) 2013 phpBB Group * @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2 * */ From a8bb0330959e67e2e7a81bffdedc46d626912f3e Mon Sep 17 00:00:00 2001 From: Dhruv Date: Wed, 5 Jun 2013 00:57:25 +0530 Subject: [PATCH 028/157] [ticket/10820] Rename function PHPBB3-10820 --- tests/download/http_user_agent_test.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/download/http_user_agent_test.php b/tests/download/http_user_agent_test.php index 4e759e990d..179477f36a 100644 --- a/tests/download/http_user_agent_test.php +++ b/tests/download/http_user_agent_test.php @@ -11,7 +11,7 @@ require_once dirname(__FILE__) . '/../../phpBB/includes/functions_download.php'; class phpbb_download_http_user_agent_test extends phpbb_test_case { - public function user_agents() + public function user_agents_check_greater_ie7() { return array( // user agent @@ -88,7 +88,7 @@ class phpbb_download_http_user_agent_test extends phpbb_test_case } /** - * @dataProvider user_agents + * @dataProvider user_agents_check_greater_ie7 */ public function test_is_greater_ie7($user_agent, $expected) { From db5bff87157818e424e1717e3047606f53ca3807 Mon Sep 17 00:00:00 2001 From: Dhruv Date: Wed, 5 Jun 2013 02:22:51 +0530 Subject: [PATCH 029/157] [ticket/10820] Add test cases More test cases to check against different versions PHPBB3-10820 --- tests/download/http_user_agent_test.php | 41 ++++++++++++++++++++++--- 1 file changed, 37 insertions(+), 4 deletions(-) diff --git a/tests/download/http_user_agent_test.php b/tests/download/http_user_agent_test.php index 179477f36a..166a186913 100644 --- a/tests/download/http_user_agent_test.php +++ b/tests/download/http_user_agent_test.php @@ -11,87 +11,120 @@ require_once dirname(__FILE__) . '/../../phpBB/includes/functions_download.php'; class phpbb_download_http_user_agent_test extends phpbb_test_case { - public function user_agents_check_greater_ie7() + public function user_agents_check_greater_ie_version() { return array( // user agent + // IE version // expected array( 'Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)', + 7, true, ), array( 'Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)', + 7, true, ), array( 'Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)', + 7, true, ), array( 'Mozilla/5.0 (Windows; U; MSIE 7.0; Windows NT 6.0; en-US)', + 7, false, ), array( 'Mozilla/4.0 (compatible; MSIE 6.1; Windows XP; .NET CLR 1.1.4322; .NET CLR 2.0.50727)', + 7, false, ), array( 'Mozilla/4.0 (compatible; MSIE 6.01; Windows NT 6.0)', + 7, false, ), array( 'Mozilla/5.0 (Windows; U; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)', + 7, false, ), array( 'Mozilla/5.0 (Windows NT 6.2; Win64; x64;) Gecko/20100101 Firefox/20.0', + 7, false, ), array( 'Mozilla/5.0 (Windows NT 6.2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1464.0 Safari/537.36', + 7, false, ), array( 'Googlebot-Image/1.0', + 7, false, ), array( 'Googlebot/2.1 ( http://www.google.com/bot.html)', + 7, false, ), array( 'Lynx/2.8.3dev.9 libwww-FM/2.14 SSL-MM/1.4.1 OpenSSL/0.9.6', + 7, false, ), array( 'Links (0.9x; Linux 2.4.7-10 i686)', + 7, false, ), array( 'Opera/9.60 (Windows NT 5.1; U; de) Presto/2.1.1', + 7, false, ), array( 'Mozilla/4.0 (compatible; MSIE 5.0; Windows NT;)', + 7, false, ), array( 'Mozilla/4.0 (compatible; MSIE 5.0; Windows NT 4.0) Opera 6.01 [en]', + 7, false, ), array( 'Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; en) Opera 9.24', + 7, + false, + ), + array( + 'Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)', + 8, + true, + ), + array( + 'Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)', + 9, + true, + ), + array( + 'Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)', + 10, false, ), ); } /** - * @dataProvider user_agents_check_greater_ie7 + * @dataProvider user_agents_check_greater_ie_version */ - public function test_is_greater_ie7($user_agent, $expected) + public function test_is_greater_ie_version($user_agent, $version, $expected) { - $this->assertEquals($expected, phpbb_is_greater_ie_version($user_agent, 7)); + $this->assertEquals($expected, phpbb_is_greater_ie_version($user_agent, $version)); } } From 6a77ee1f30961f6363818691f91162fa67618872 Mon Sep 17 00:00:00 2001 From: Marc Alexander Date: Wed, 5 Jun 2013 17:05:10 +0200 Subject: [PATCH 030/157] [ticket/11579] Do not extend validate_data_helper PHPBB3-11579 --- tests/functions/validate_data_helper.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/functions/validate_data_helper.php b/tests/functions/validate_data_helper.php index 94ddf60429..b92a3aa5eb 100644 --- a/tests/functions/validate_data_helper.php +++ b/tests/functions/validate_data_helper.php @@ -7,7 +7,7 @@ * */ -class phpbb_functions_validate_data_helper extends PHPUnit_Framework_TestCase +class phpbb_functions_validate_data_helper { protected $test_case; From c6ba894acdfdf5b0800dc3903d01605ddd83e8e9 Mon Sep 17 00:00:00 2001 From: Marc Alexander Date: Wed, 5 Jun 2013 17:36:20 +0200 Subject: [PATCH 031/157] [ticket/11579] Add method for validating emails for valid MX and mark as slow A method for setting up the prerequisities also has been added in order to reduce the amount of necessary code. PHPBB3-11579 --- tests/functions/validate_email_test.php | 32 ++++++++++++++++++++++--- 1 file changed, 29 insertions(+), 3 deletions(-) diff --git a/tests/functions/validate_email_test.php b/tests/functions/validate_email_test.php index 93b5ba0896..9a6ce39251 100644 --- a/tests/functions/validate_email_test.php +++ b/tests/functions/validate_email_test.php @@ -32,14 +32,24 @@ class phpbb_functions_validate_email_test extends phpbb_database_test_case $this->helper = new phpbb_functions_validate_data_helper($this); } - public function test_validate_email() + /** + * Get validation prerequesites + * + * @param bool $check_mx Whether mx records should be checked + */ + protected function set_validation_prerequisites($check_mx) { global $config, $db, $user; - $config['email_check_mx'] = true; + $config['email_check_mx'] = $check_mx; $db = $this->db; $user = $this->user; $user->optionset('banned_users', array('banned@example.com')); + } + + public function test_validate_email() + { + $this->set_validation_prerequisites(false); $this->helper->assert_valid_data(array( 'empty' => array( @@ -72,9 +82,25 @@ class phpbb_functions_validate_email_test extends phpbb_database_test_case 'banned@example.com', array('email'), ), + )); + } + + /** + * @group slow + */ + public function test_validate_email_mx() + { + $this->set_validation_prerequisites(true); + + $this->helper->assert_valid_data(array( + 'valid' => array( + array(), + 'foobar@phpbb.com', + array('email'), + ), 'no_mx' => array( array('DOMAIN_NO_MX_RECORD'), - 'test@wwrrrhhghgghgh.ttv', + 'test@does-not-exist.phpbb.com', array('email'), ), )); From 35064086377c3f3334e02ca153b008b0502fbdee Mon Sep 17 00:00:00 2001 From: Joas Schilling Date: Sat, 8 Jun 2013 15:26:35 +0200 Subject: [PATCH 032/157] [ticket/11550] Fix copying the fixtures in extension_permission_lang_test.php PHPBB3-11550 --- tests/functional/extension_permission_lang_test.php | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/tests/functional/extension_permission_lang_test.php b/tests/functional/extension_permission_lang_test.php index 9a251e8645..04c3a9d497 100644 --- a/tests/functional/extension_permission_lang_test.php +++ b/tests/functional/extension_permission_lang_test.php @@ -45,7 +45,10 @@ class phpbb_functional_extension_permission_lang_test extends phpbb_functional_t } // Copy our ext/ files from the test case to the board - self::$copied_files = array_merge(self::$copied_files, self::$helper->copy_dir(dirname(__FILE__) . '/fixtures/ext/' . $fixture, $phpbb_root_path . 'ext/' . $fixture)); + foreach (self::$fixtures as $fixture) + { + self::$copied_files = array_merge(self::$copied_files, self::$helper->copy_dir(dirname(__FILE__) . '/fixtures/ext/' . $fixture, $phpbb_root_path . 'ext/' . $fixture)); + } } /** From c8ee6cb0c200b7e64ebbae11806f4daddfd8d93d Mon Sep 17 00:00:00 2001 From: Joas Schilling Date: Sat, 8 Jun 2013 17:00:27 +0200 Subject: [PATCH 033/157] [ticket/11550] Move functionality for copying/restoring to test case helpers PHPBB3-11550 --- .../phpbb_test_case_helpers.php | 44 +++++++++++++++++++ 1 file changed, 44 insertions(+) diff --git a/tests/test_framework/phpbb_test_case_helpers.php b/tests/test_framework/phpbb_test_case_helpers.php index 20ae384f21..0e0b5c2a8f 100644 --- a/tests/test_framework/phpbb_test_case_helpers.php +++ b/tests/test_framework/phpbb_test_case_helpers.php @@ -18,6 +18,50 @@ class phpbb_test_case_helpers $this->test_case = $test_case; } + private $copied_files = array(); + + public function copy_ext_fixtures($fixtures_dir, $fixtures) + { + global $phpbb_root_path; + + $this->copied_files = array(); + + if (file_exists($phpbb_root_path . 'ext/')) + { + // First, move any extensions setup on the board to a temp directory + $this->copied_files = $this->copy_dir($phpbb_root_path . 'ext/', $phpbb_root_path . 'store/temp_ext/'); + + // Then empty the ext/ directory on the board (for accurate test cases) + $this->empty_dir($phpbb_root_path . 'ext/'); + } + + // Copy our ext/ files from the test case to the board + foreach ($fixtures as $fixture) + { + $this->copied_files = array_merge($this->copied_files, $this->copy_dir($fixtures_dir . 'ext/' . $fixture, $phpbb_root_path . 'ext/' . $fixture)); + } + } + + public function restore_original_ext_dir() + { + global $phpbb_root_path; + + // Copy back the board installed extensions from the temp directory + if (file_exists($phpbb_root_path . 'store/temp_ext/')) + { + $this->copy_dir($phpbb_root_path . 'store/temp_ext/', $phpbb_root_path . 'ext/'); + } + + // Remove all of the files we copied around (from board ext -> temp_ext, from test ext -> board ext) + $this->remove_files($this->copied_files); + $this->copied_files = array(); + + if (file_exists($phpbb_root_path . 'store/temp_ext/')) + { + $this->empty_dir($phpbb_root_path . 'store/temp_ext/'); + } + } + public function setExpectedTriggerError($errno, $message = '') { $exceptionName = ''; From a61ab1e5e4bbe786d3f500438bb0dd6ca395989e Mon Sep 17 00:00:00 2001 From: Joas Schilling Date: Sat, 8 Jun 2013 17:02:31 +0200 Subject: [PATCH 034/157] [ticket/11550] Use new functionality from the test case helpers Instead of duplicating the extension copy code, it is now in the helpers. So we remove the code from existing tests. PHPBB3-11550 --- tests/functional/extension_acp_test.php | 54 ++++++------------- .../functional/extension_controller_test.php | 41 +++----------- tests/functional/extension_module_test.php | 38 +++---------- .../extension_permission_lang_test.php | 37 ++----------- tests/functional/metadata_manager_test.php | 24 ++------- .../phpbb_test_case_helpers.php | 2 +- 6 files changed, 38 insertions(+), 158 deletions(-) diff --git a/tests/functional/extension_acp_test.php b/tests/functional/extension_acp_test.php index 9badab8ced..ada17397d7 100644 --- a/tests/functional/extension_acp_test.php +++ b/tests/functional/extension_acp_test.php @@ -12,34 +12,33 @@ */ class phpbb_functional_extension_acp_test extends phpbb_functional_test_case { - static private $copied_files = array(); static private $helper; + static protected $fixtures = array( + '', + ); + /** * This should only be called once before the tests are run. - * This is used to copy the extensions to the phpBB install + * This is used to copy the fixtures to the phpBB install */ static public function setUpBeforeClass() { - global $phpbb_root_path; - parent::setUpBeforeClass(); self::$helper = new phpbb_test_case_helpers(self); + self::$helper->copy_ext_fixtures(dirname(__FILE__) . '/fixtures/ext/', self::$fixtures); + } - self::$copied_files = array(); + /** + * This should only be called once after the tests are run. + * This is used to remove the fixtures from the phpBB install + */ + static public function tearDownAfterClass() + { + parent::tearDownAfterClass(); - if (file_exists($phpbb_root_path . 'ext/')) - { - // First, move any extensions setup on the board to a temp directory - self::$copied_files = self::$helper->copy_dir($phpbb_root_path . 'ext/', $phpbb_root_path . 'store/temp_ext/'); - - // Then empty the ext/ directory on the board (for accurate test cases) - self::$helper->empty_dir($phpbb_root_path . 'ext/'); - } - - // Copy our ext/ files from the test case to the board - self::$copied_files = array_merge(self::$copied_files, self::$helper->copy_dir(dirname(__FILE__) . '/../extension/ext/', $phpbb_root_path . 'ext/')); + self::$helper->restore_original_ext_dir(); } public function setUp() @@ -84,29 +83,6 @@ class phpbb_functional_extension_acp_test extends phpbb_functional_test_case $this->add_lang('acp/extensions'); } - /** - * This should only be called once after the tests are run. - * This is used to remove the files copied to the phpBB install - */ - static public function tearDownAfterClass() - { - global $phpbb_root_path; - - if (file_exists($phpbb_root_path . 'store/temp_ext/')) - { - // Copy back the board installed extensions from the temp directory - self::$helper->copy_dir($phpbb_root_path . 'store/temp_ext/', $phpbb_root_path . 'ext/'); - } - - // Remove all of the files we copied around (from board ext -> temp_ext, from test ext -> board ext) - self::$helper->remove_files(self::$copied_files); - - if (file_exists($phpbb_root_path . 'store/temp_ext/')) - { - self::$helper->empty_dir($phpbb_root_path . 'store/temp_ext/'); - } - } - public function test_list() { $crawler = self::request('GET', 'adm/index.php?i=acp_extensions&mode=main&sid=' . $this->sid); diff --git a/tests/functional/extension_controller_test.php b/tests/functional/extension_controller_test.php index a09035cb2b..c789ea160d 100644 --- a/tests/functional/extension_controller_test.php +++ b/tests/functional/extension_controller_test.php @@ -15,6 +15,8 @@ class phpbb_functional_extension_controller_test extends phpbb_functional_test_c { protected $phpbb_extension_manager; + static private $helper; + static protected $fixtures = array( 'foo/bar/config/routing.yml', 'foo/bar/config/services.yml', @@ -28,30 +30,10 @@ class phpbb_functional_extension_controller_test extends phpbb_functional_test_c */ static public function setUpBeforeClass() { - global $phpbb_root_path; parent::setUpBeforeClass(); - $directories = array( - $phpbb_root_path . 'ext/foo/bar/', - $phpbb_root_path . 'ext/foo/bar/config/', - $phpbb_root_path . 'ext/foo/bar/controller/', - $phpbb_root_path . 'ext/foo/bar/styles/prosilver/template', - ); - - foreach ($directories as $dir) - { - if (!is_dir($dir)) - { - mkdir($dir, 0777, true); - } - } - - foreach (self::$fixtures as $fixture) - { - copy( - "tests/functional/fixtures/ext/$fixture", - "{$phpbb_root_path}ext/$fixture"); - } + self::$helper = new phpbb_test_case_helpers(self); + self::$helper->copy_ext_fixtures(dirname(__FILE__) . '/fixtures/ext/', self::$fixtures); } /** @@ -60,20 +42,9 @@ class phpbb_functional_extension_controller_test extends phpbb_functional_test_c */ static public function tearDownAfterClass() { - global $phpbb_root_path; + parent::tearDownAfterClass(); - foreach (self::$fixtures as $fixture) - { - unlink("{$phpbb_root_path}ext/$fixture"); - } - - rmdir("{$phpbb_root_path}ext/foo/bar/config"); - rmdir("{$phpbb_root_path}ext/foo/bar/controller"); - rmdir("{$phpbb_root_path}ext/foo/bar/styles/prosilver/template"); - rmdir("{$phpbb_root_path}ext/foo/bar/styles/prosilver"); - rmdir("{$phpbb_root_path}ext/foo/bar/styles"); - rmdir("{$phpbb_root_path}ext/foo/bar"); - rmdir("{$phpbb_root_path}ext/foo"); + self::$helper->restore_original_ext_dir(); } public function setUp() diff --git a/tests/functional/extension_module_test.php b/tests/functional/extension_module_test.php index c8686e0ac6..e95f0b7e3f 100644 --- a/tests/functional/extension_module_test.php +++ b/tests/functional/extension_module_test.php @@ -16,33 +16,23 @@ require_once dirname(__FILE__) . '/../../phpBB/includes/acp/acp_modules.php'; class phpbb_functional_extension_module_test extends phpbb_functional_test_case { protected $phpbb_extension_manager; - static private $copied_files = array(); + static private $helper; + static protected $fixtures = array( + '', + ); + /** * This should only be called once before the tests are run. * This is used to copy the fixtures to the phpBB install */ static public function setUpBeforeClass() { - global $phpbb_root_path; parent::setUpBeforeClass(); self::$helper = new phpbb_test_case_helpers(self); - - self::$copied_files = array(); - - if (file_exists($phpbb_root_path . 'ext/')) - { - // First, move any extensions setup on the board to a temp directory - self::$copied_files = self::$helper->copy_dir($phpbb_root_path . 'ext/', $phpbb_root_path . 'store/temp_ext/'); - - // Then empty the ext/ directory on the board (for accurate test cases) - self::$helper->empty_dir($phpbb_root_path . 'ext/'); - } - - // Copy our ext/ files from the test case to the board - self::$copied_files = array_merge(self::$copied_files, self::$helper->copy_dir(dirname(__FILE__) . '/fixtures/ext/', $phpbb_root_path . 'ext/')); + self::$helper->copy_ext_fixtures(dirname(__FILE__) . '/fixtures/ext/', self::$fixtures); } /** @@ -51,21 +41,9 @@ class phpbb_functional_extension_module_test extends phpbb_functional_test_case */ static public function tearDownAfterClass() { - global $phpbb_root_path; + parent::tearDownAfterClass(); - if (file_exists($phpbb_root_path . 'store/temp_ext/')) - { - // Copy back the board installed extensions from the temp directory - self::$helper->copy_dir($phpbb_root_path . 'store/temp_ext/', $phpbb_root_path . 'ext/'); - } - - // Remove all of the files we copied around (from board ext -> temp_ext, from test ext -> board ext) - self::$helper->remove_files(self::$copied_files); - - if (file_exists($phpbb_root_path . 'store/temp_ext/')) - { - self::$helper->empty_dir($phpbb_root_path . 'store/temp_ext/'); - } + self::$helper->restore_original_ext_dir(); } public function setUp() diff --git a/tests/functional/extension_permission_lang_test.php b/tests/functional/extension_permission_lang_test.php index 04c3a9d497..fe8ea95cf0 100644 --- a/tests/functional/extension_permission_lang_test.php +++ b/tests/functional/extension_permission_lang_test.php @@ -16,8 +16,6 @@ class phpbb_functional_extension_permission_lang_test extends phpbb_functional_t static private $helper; - static private $copied_files = array(); - static protected $fixtures = array( 'foo/bar/language/en/', ); @@ -28,27 +26,10 @@ class phpbb_functional_extension_permission_lang_test extends phpbb_functional_t */ static public function setUpBeforeClass() { - global $phpbb_root_path; parent::setUpBeforeClass(); self::$helper = new phpbb_test_case_helpers(self); - - self::$copied_files = array(); - - if (file_exists($phpbb_root_path . 'ext/')) - { - // First, move any extensions setup on the board to a temp directory - self::$copied_files = self::$helper->copy_dir($phpbb_root_path . 'ext/', $phpbb_root_path . 'store/temp_ext/'); - - // Then empty the ext/ directory on the board (for accurate test cases) - self::$helper->empty_dir($phpbb_root_path . 'ext/'); - } - - // Copy our ext/ files from the test case to the board - foreach (self::$fixtures as $fixture) - { - self::$copied_files = array_merge(self::$copied_files, self::$helper->copy_dir(dirname(__FILE__) . '/fixtures/ext/' . $fixture, $phpbb_root_path . 'ext/' . $fixture)); - } + self::$helper->copy_ext_fixtures(dirname(__FILE__) . '/fixtures/ext/', self::$fixtures); } /** @@ -57,21 +38,9 @@ class phpbb_functional_extension_permission_lang_test extends phpbb_functional_t */ static public function tearDownAfterClass() { - global $phpbb_root_path; - - if (file_exists($phpbb_root_path . 'store/temp_ext/')) - { - // Copy back the board installed extensions from the temp directory - self::$helper->copy_dir($phpbb_root_path . 'store/temp_ext/', $phpbb_root_path . 'ext/'); - } + parent::tearDownAfterClass(); - // Remove all of the files we copied around (from board ext -> temp_ext, from test ext -> board ext) - self::$helper->remove_files(self::$copied_files); - - if (file_exists($phpbb_root_path . 'store/temp_ext/')) - { - self::$helper->empty_dir($phpbb_root_path . 'store/temp_ext/'); - } + self::$helper->restore_original_ext_dir(); } public function setUp() diff --git a/tests/functional/metadata_manager_test.php b/tests/functional/metadata_manager_test.php index 7e98b0d025..9d36a41354 100644 --- a/tests/functional/metadata_manager_test.php +++ b/tests/functional/metadata_manager_test.php @@ -16,7 +16,7 @@ class phpbb_functional_metadata_manager_test extends phpbb_functional_test_case { protected $phpbb_extension_manager; - static private $helpers; + static private $helper; static protected $fixtures = array( 'foo/bar/', @@ -28,20 +28,10 @@ class phpbb_functional_metadata_manager_test extends phpbb_functional_test_case */ static public function setUpBeforeClass() { - global $phpbb_root_path; parent::setUpBeforeClass(); - self::$helpers = new phpbb_test_case_helpers(self); - - if (!file_exists($phpbb_root_path . 'ext/foo/bar/')) - { - self::$helpers->makedirs($phpbb_root_path . 'ext/foo/bar/'); - } - - foreach (self::$fixtures as $fixture) - { - self::$helpers->copy_dir(dirname(__FILE__) . '/fixtures/ext/' . $fixture, $phpbb_root_path . 'ext/' . $fixture); - } + self::$helper = new phpbb_test_case_helpers(self); + self::$helper->copy_ext_fixtures(dirname(__FILE__) . '/fixtures/ext/', self::$fixtures); } /** @@ -50,13 +40,9 @@ class phpbb_functional_metadata_manager_test extends phpbb_functional_test_case */ static public function tearDownAfterClass() { - global $phpbb_root_path; + parent::tearDownAfterClass(); - foreach (self::$fixtures as $fixture) - { - self::$helpers->empty_dir($phpbb_root_path . 'ext/' . $fixture); - } - self::$helpers->empty_dir($phpbb_root_path . 'ext/foo/'); + self::$helper->restore_original_ext_dir(); } public function setUp() diff --git a/tests/test_framework/phpbb_test_case_helpers.php b/tests/test_framework/phpbb_test_case_helpers.php index 0e0b5c2a8f..367bd3b142 100644 --- a/tests/test_framework/phpbb_test_case_helpers.php +++ b/tests/test_framework/phpbb_test_case_helpers.php @@ -38,7 +38,7 @@ class phpbb_test_case_helpers // Copy our ext/ files from the test case to the board foreach ($fixtures as $fixture) { - $this->copied_files = array_merge($this->copied_files, $this->copy_dir($fixtures_dir . 'ext/' . $fixture, $phpbb_root_path . 'ext/' . $fixture)); + $this->copied_files = array_merge($this->copied_files, $this->copy_dir($fixtures_dir . $fixture, $phpbb_root_path . 'ext/' . $fixture)); } } From 7546c3a7a76a7293b3c1524097098f3f19c39666 Mon Sep 17 00:00:00 2001 From: Joas Schilling Date: Sat, 8 Jun 2013 17:14:20 +0200 Subject: [PATCH 035/157] [ticket/11550] Fixtures should only be directories not files PHPBB3-11550 --- tests/functional/extension_controller_test.php | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/tests/functional/extension_controller_test.php b/tests/functional/extension_controller_test.php index c789ea160d..ea5a51291d 100644 --- a/tests/functional/extension_controller_test.php +++ b/tests/functional/extension_controller_test.php @@ -18,10 +18,9 @@ class phpbb_functional_extension_controller_test extends phpbb_functional_test_c static private $helper; static protected $fixtures = array( - 'foo/bar/config/routing.yml', - 'foo/bar/config/services.yml', - 'foo/bar/controller/controller.php', - 'foo/bar/styles/prosilver/template/foo_bar_body.html', + 'foo/bar/config/', + 'foo/bar/controller/', + 'foo/bar/styles/prosilver/template/', ); /** From 96cf03f2001dc71b9cea934a37b8d38e77545735 Mon Sep 17 00:00:00 2001 From: Dhruv Date: Sat, 8 Jun 2013 23:13:45 +0530 Subject: [PATCH 036/157] [ticket/10820] Fix function docblock PHPBB3-10820 --- phpBB/download/file.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/phpBB/download/file.php b/phpBB/download/file.php index c296ddce7e..b22347e0cf 100644 --- a/phpBB/download/file.php +++ b/phpBB/download/file.php @@ -715,7 +715,7 @@ function file_gc() * @param string $user_agent User agent HTTP header * @param int $version IE version to check against * -* @return bool true if internet explorer version is greater than 7 +* @return bool true if internet explorer version is greater than $version */ function phpbb_is_greater_ie_version($user_agent, $version) { From 0b3f18208354aabc5b9c8901c2950e9626c3e5f3 Mon Sep 17 00:00:00 2001 From: Joas Schilling Date: Sun, 9 Jun 2013 17:40:33 +0200 Subject: [PATCH 037/157] [ticket/11550] We use a different fixture set for extension_acp_test.php PHPBB3-11550 --- tests/functional/extension_acp_test.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/functional/extension_acp_test.php b/tests/functional/extension_acp_test.php index ada17397d7..5f8e3762a6 100644 --- a/tests/functional/extension_acp_test.php +++ b/tests/functional/extension_acp_test.php @@ -27,7 +27,7 @@ class phpbb_functional_extension_acp_test extends phpbb_functional_test_case parent::setUpBeforeClass(); self::$helper = new phpbb_test_case_helpers(self); - self::$helper->copy_ext_fixtures(dirname(__FILE__) . '/fixtures/ext/', self::$fixtures); + self::$helper->copy_ext_fixtures(dirname(__FILE__) . '/../extension/ext/', self::$fixtures); } /** From 68d15f0f14dfdc827e1169a73c194a9e30795605 Mon Sep 17 00:00:00 2001 From: Joas Schilling Date: Tue, 11 Jun 2013 11:14:24 +0200 Subject: [PATCH 038/157] [ticket/11550] Move comments to correct function PHPBB3-11550 --- tests/functional/extension_acp_test.php | 8 -------- tests/functional/extension_controller_test.php | 8 -------- tests/functional/extension_module_test.php | 8 -------- tests/functional/extension_permission_lang_test.php | 8 -------- tests/functional/metadata_manager_test.php | 8 -------- tests/test_framework/phpbb_test_case_helpers.php | 8 ++++++++ 6 files changed, 8 insertions(+), 40 deletions(-) diff --git a/tests/functional/extension_acp_test.php b/tests/functional/extension_acp_test.php index 5f8e3762a6..b36f2c6aac 100644 --- a/tests/functional/extension_acp_test.php +++ b/tests/functional/extension_acp_test.php @@ -18,10 +18,6 @@ class phpbb_functional_extension_acp_test extends phpbb_functional_test_case '', ); - /** - * This should only be called once before the tests are run. - * This is used to copy the fixtures to the phpBB install - */ static public function setUpBeforeClass() { parent::setUpBeforeClass(); @@ -30,10 +26,6 @@ class phpbb_functional_extension_acp_test extends phpbb_functional_test_case self::$helper->copy_ext_fixtures(dirname(__FILE__) . '/../extension/ext/', self::$fixtures); } - /** - * This should only be called once after the tests are run. - * This is used to remove the fixtures from the phpBB install - */ static public function tearDownAfterClass() { parent::tearDownAfterClass(); diff --git a/tests/functional/extension_controller_test.php b/tests/functional/extension_controller_test.php index ea5a51291d..9ddf1e3e5c 100644 --- a/tests/functional/extension_controller_test.php +++ b/tests/functional/extension_controller_test.php @@ -23,10 +23,6 @@ class phpbb_functional_extension_controller_test extends phpbb_functional_test_c 'foo/bar/styles/prosilver/template/', ); - /** - * This should only be called once before the tests are run. - * This is used to copy the fixtures to the phpBB install - */ static public function setUpBeforeClass() { parent::setUpBeforeClass(); @@ -35,10 +31,6 @@ class phpbb_functional_extension_controller_test extends phpbb_functional_test_c self::$helper->copy_ext_fixtures(dirname(__FILE__) . '/fixtures/ext/', self::$fixtures); } - /** - * This should only be called once after the tests are run. - * This is used to remove the fixtures from the phpBB install - */ static public function tearDownAfterClass() { parent::tearDownAfterClass(); diff --git a/tests/functional/extension_module_test.php b/tests/functional/extension_module_test.php index e95f0b7e3f..12113bedac 100644 --- a/tests/functional/extension_module_test.php +++ b/tests/functional/extension_module_test.php @@ -23,10 +23,6 @@ class phpbb_functional_extension_module_test extends phpbb_functional_test_case '', ); - /** - * This should only be called once before the tests are run. - * This is used to copy the fixtures to the phpBB install - */ static public function setUpBeforeClass() { parent::setUpBeforeClass(); @@ -35,10 +31,6 @@ class phpbb_functional_extension_module_test extends phpbb_functional_test_case self::$helper->copy_ext_fixtures(dirname(__FILE__) . '/fixtures/ext/', self::$fixtures); } - /** - * This should only be called once after the tests are run. - * This is used to remove the fixtures from the phpBB install - */ static public function tearDownAfterClass() { parent::tearDownAfterClass(); diff --git a/tests/functional/extension_permission_lang_test.php b/tests/functional/extension_permission_lang_test.php index fe8ea95cf0..6c1720735c 100644 --- a/tests/functional/extension_permission_lang_test.php +++ b/tests/functional/extension_permission_lang_test.php @@ -20,10 +20,6 @@ class phpbb_functional_extension_permission_lang_test extends phpbb_functional_t 'foo/bar/language/en/', ); - /** - * This should only be called once before the tests are run. - * This is used to copy the fixtures to the phpBB install - */ static public function setUpBeforeClass() { parent::setUpBeforeClass(); @@ -32,10 +28,6 @@ class phpbb_functional_extension_permission_lang_test extends phpbb_functional_t self::$helper->copy_ext_fixtures(dirname(__FILE__) . '/fixtures/ext/', self::$fixtures); } - /** - * This should only be called once after the tests are run. - * This is used to remove the fixtures from the phpBB install - */ static public function tearDownAfterClass() { parent::tearDownAfterClass(); diff --git a/tests/functional/metadata_manager_test.php b/tests/functional/metadata_manager_test.php index 9d36a41354..c55e7373ea 100644 --- a/tests/functional/metadata_manager_test.php +++ b/tests/functional/metadata_manager_test.php @@ -22,10 +22,6 @@ class phpbb_functional_metadata_manager_test extends phpbb_functional_test_case 'foo/bar/', ); - /** - * This should only be called once before the tests are run. - * This is used to copy the fixtures to the phpBB install - */ static public function setUpBeforeClass() { parent::setUpBeforeClass(); @@ -34,10 +30,6 @@ class phpbb_functional_metadata_manager_test extends phpbb_functional_test_case self::$helper->copy_ext_fixtures(dirname(__FILE__) . '/fixtures/ext/', self::$fixtures); } - /** - * This should only be called once after the tests are run. - * This is used to remove the fixtures from the phpBB install - */ static public function tearDownAfterClass() { parent::tearDownAfterClass(); diff --git a/tests/test_framework/phpbb_test_case_helpers.php b/tests/test_framework/phpbb_test_case_helpers.php index 367bd3b142..1b08f2368f 100644 --- a/tests/test_framework/phpbb_test_case_helpers.php +++ b/tests/test_framework/phpbb_test_case_helpers.php @@ -20,6 +20,10 @@ class phpbb_test_case_helpers private $copied_files = array(); + /** + * This should only be called once before the tests are run. + * This is used to copy the fixtures to the phpBB install + */ public function copy_ext_fixtures($fixtures_dir, $fixtures) { global $phpbb_root_path; @@ -42,6 +46,10 @@ class phpbb_test_case_helpers } } + /** + * This should only be called once after the tests are run. + * This is used to remove the fixtures from the phpBB install + */ public function restore_original_ext_dir() { global $phpbb_root_path; From 007cd6177630c3f70521be130a18f0139b58c184 Mon Sep 17 00:00:00 2001 From: Joas Schilling Date: Tue, 11 Jun 2013 11:37:28 +0200 Subject: [PATCH 039/157] [ticket/11550] Specify a valid path so it's clearer that it must be a path PHPBB3-11550 --- tests/functional/extension_acp_test.php | 2 +- tests/functional/extension_module_test.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/functional/extension_acp_test.php b/tests/functional/extension_acp_test.php index b36f2c6aac..8614c0c963 100644 --- a/tests/functional/extension_acp_test.php +++ b/tests/functional/extension_acp_test.php @@ -15,7 +15,7 @@ class phpbb_functional_extension_acp_test extends phpbb_functional_test_case static private $helper; static protected $fixtures = array( - '', + './', ); static public function setUpBeforeClass() diff --git a/tests/functional/extension_module_test.php b/tests/functional/extension_module_test.php index 12113bedac..c573ea5410 100644 --- a/tests/functional/extension_module_test.php +++ b/tests/functional/extension_module_test.php @@ -20,7 +20,7 @@ class phpbb_functional_extension_module_test extends phpbb_functional_test_case static private $helper; static protected $fixtures = array( - '', + './', ); static public function setUpBeforeClass() From 5e8054f04598c449799a594fcb96cfeb8abf925a Mon Sep 17 00:00:00 2001 From: Joas Schilling Date: Tue, 11 Jun 2013 13:24:55 +0200 Subject: [PATCH 040/157] [ticket/11601] Split post_setup_synchronisation logic from xml parsing PHPBB3-11601 --- ...phpbb_database_test_connection_manager.php | 27 ++++++++++++++++--- 1 file changed, 24 insertions(+), 3 deletions(-) diff --git a/tests/test_framework/phpbb_database_test_connection_manager.php b/tests/test_framework/phpbb_database_test_connection_manager.php index bcd52b1794..30f1fa6589 100644 --- a/tests/test_framework/phpbb_database_test_connection_manager.php +++ b/tests/test_framework/phpbb_database_test_connection_manager.php @@ -480,12 +480,33 @@ class phpbb_database_test_connection_manager * @return null */ public function post_setup_synchronisation($xml_data_set) + { + $table_names = $xml_data_set->getTableNames(); + + $tables = array(); + foreach ($table_names as $table) + { + $tables[$table] = $xml_data_set->getTableMetaData($table)->getColumns(); + } + + $this->database_synchronisation($tables); + } + + /** + * Performs synchronisations on the database after a fixture has been loaded + * + * @param array $table_column_map Array of tables/columns to synchronise + * array(table1 => array(column1, column2)) + * + * @return null + */ + public function database_synchronisation($table_column_map) { $this->ensure_connected(__METHOD__); $queries = array(); - // Get escaped versions of the table names used in the fixture - $table_names = array_map(array($this->pdo, 'PDO::quote'), $xml_data_set->getTableNames()); + // Get escaped versions of the table names to synchronise + $table_names = array_map(array($this->pdo, 'PDO::quote'), array_keys($table_column_map)); switch ($this->config['dbms']) { @@ -542,7 +563,7 @@ class phpbb_database_test_connection_manager while ($row = $result->fetch(PDO::FETCH_ASSOC)) { // Get the columns used in the fixture for this table - $column_names = $xml_data_set->getTableMetaData($row['table_name'])->getColumns(); + $column_names = $table_column_map[$row['table_name']]; // Skip sequences that weren't specified in the fixture if (!in_array($row['column_name'], $column_names)) From 33bce3fac6c29787e121e5d000251353637dd422 Mon Sep 17 00:00:00 2001 From: Joas Schilling Date: Tue, 11 Jun 2013 13:26:17 +0200 Subject: [PATCH 041/157] [ticket/11601] Add protected method for database sync and call it PHPBB3-11601 --- tests/test_framework/phpbb_database_test_case.php | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/tests/test_framework/phpbb_database_test_case.php b/tests/test_framework/phpbb_database_test_case.php index beddece470..28d3a716f0 100644 --- a/tests/test_framework/phpbb_database_test_case.php +++ b/tests/test_framework/phpbb_database_test_case.php @@ -62,6 +62,21 @@ abstract class phpbb_database_test_case extends PHPUnit_Extensions_Database_Test } } + /** + * Performs synchronisations for a given table/column set on the database + * + * @param array $table_column_map Information about the tables/columns to synchronise + * + * @return null + */ + protected function database_synchronisation($table_column_map) + { + $config = $this->get_database_config(); + $manager = $this->create_connection_manager($config); + $manager->connect(); + $manager->database_synchronisation($table_column_map); + } + public function createXMLDataSet($path) { $db_config = $this->get_database_config(); From 2d934704e23c7ea41f1e94191858eac8fe30833a Mon Sep 17 00:00:00 2001 From: Marc Alexander Date: Tue, 11 Jun 2013 14:10:49 +0200 Subject: [PATCH 042/157] [ticket/11602] Do not call localize_errors() if avatars are disabled The avatar manager's method localize_errors() shouldn't be called if avatars are disabled in the config. PHPBB3-11602 --- phpBB/includes/acp/acp_groups.php | 2 +- phpBB/includes/ucp/ucp_groups.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/phpBB/includes/acp/acp_groups.php b/phpBB/includes/acp/acp_groups.php index 847ccfb3cc..c79699d465 100644 --- a/phpBB/includes/acp/acp_groups.php +++ b/phpBB/includes/acp/acp_groups.php @@ -591,7 +591,7 @@ class acp_groups $avatar = phpbb_get_group_avatar($group_row, 'GROUP_AVATAR', true); - if (!$update) + if (isset($phpbb_avatar_manager) && !$update) { // Merge any avatar errors into the primary error array $error = array_merge($error, $phpbb_avatar_manager->localize_errors($user, $avatar_error)); diff --git a/phpBB/includes/ucp/ucp_groups.php b/phpBB/includes/ucp/ucp_groups.php index af08533a7d..aada0525a8 100644 --- a/phpBB/includes/ucp/ucp_groups.php +++ b/phpBB/includes/ucp/ucp_groups.php @@ -691,7 +691,7 @@ class ucp_groups } } - if (!$update) + if (isset($phpbb_avatar_manager) && !$update) { // Merge any avatars errors into the primary error array $error = array_merge($error, $phpbb_avatar_manager->localize_errors($user, $avatar_error)); From d02f98c63530454700661fc80354d66207ed8b02 Mon Sep 17 00:00:00 2001 From: Joas Schilling Date: Tue, 11 Jun 2013 16:03:34 +0200 Subject: [PATCH 043/157] [ticket/11605] Use empty_dir to better delete files and dirs of extensions PHPBB3-11605 --- .../phpbb_test_case_helpers.php | 29 ++++--------------- 1 file changed, 6 insertions(+), 23 deletions(-) diff --git a/tests/test_framework/phpbb_test_case_helpers.php b/tests/test_framework/phpbb_test_case_helpers.php index 1b08f2368f..8c91d357b8 100644 --- a/tests/test_framework/phpbb_test_case_helpers.php +++ b/tests/test_framework/phpbb_test_case_helpers.php @@ -54,14 +54,18 @@ class phpbb_test_case_helpers { global $phpbb_root_path; + // Remove all of the files we copied from test ext -> board ext + $this->empty_dir($phpbb_root_path . 'ext/'); + // Copy back the board installed extensions from the temp directory if (file_exists($phpbb_root_path . 'store/temp_ext/')) { $this->copy_dir($phpbb_root_path . 'store/temp_ext/', $phpbb_root_path . 'ext/'); + + // Remove all of the files we copied from board ext -> temp_ext + $this->empty_dir($phpbb_root_path . 'store/temp_ext/'); } - // Remove all of the files we copied around (from board ext -> temp_ext, from test ext -> board ext) - $this->remove_files($this->copied_files); $this->copied_files = array(); if (file_exists($phpbb_root_path . 'store/temp_ext/')) @@ -254,27 +258,6 @@ class phpbb_test_case_helpers return $copied_files; } - /** - * Remove files/directories that are listed in an array - * Designed for use with $this->copy_dir() - * - * @param array $file_list - */ - public function remove_files($file_list) - { - foreach ($file_list as $file) - { - if (is_dir($file)) - { - rmdir($file); - } - else - { - unlink($file); - } - } - } - /** * Empty directory (remove any subdirectories/files below) * From fa8d5c7d209b616e9552e072e38242ef4e74aaca Mon Sep 17 00:00:00 2001 From: Joas Schilling Date: Tue, 11 Jun 2013 16:04:23 +0200 Subject: [PATCH 044/157] [ticket/11605] Remove unused copied_files property PHPBB3-11605 --- tests/test_framework/phpbb_test_case_helpers.php | 10 ++-------- 1 file changed, 2 insertions(+), 8 deletions(-) diff --git a/tests/test_framework/phpbb_test_case_helpers.php b/tests/test_framework/phpbb_test_case_helpers.php index 8c91d357b8..50b2bf03ec 100644 --- a/tests/test_framework/phpbb_test_case_helpers.php +++ b/tests/test_framework/phpbb_test_case_helpers.php @@ -18,8 +18,6 @@ class phpbb_test_case_helpers $this->test_case = $test_case; } - private $copied_files = array(); - /** * This should only be called once before the tests are run. * This is used to copy the fixtures to the phpBB install @@ -28,12 +26,10 @@ class phpbb_test_case_helpers { global $phpbb_root_path; - $this->copied_files = array(); - if (file_exists($phpbb_root_path . 'ext/')) { // First, move any extensions setup on the board to a temp directory - $this->copied_files = $this->copy_dir($phpbb_root_path . 'ext/', $phpbb_root_path . 'store/temp_ext/'); + $this->copy_dir($phpbb_root_path . 'ext/', $phpbb_root_path . 'store/temp_ext/'); // Then empty the ext/ directory on the board (for accurate test cases) $this->empty_dir($phpbb_root_path . 'ext/'); @@ -42,7 +38,7 @@ class phpbb_test_case_helpers // Copy our ext/ files from the test case to the board foreach ($fixtures as $fixture) { - $this->copied_files = array_merge($this->copied_files, $this->copy_dir($fixtures_dir . $fixture, $phpbb_root_path . 'ext/' . $fixture)); + $this->copy_dir($fixtures_dir . $fixture, $phpbb_root_path . 'ext/' . $fixture); } } @@ -66,8 +62,6 @@ class phpbb_test_case_helpers $this->empty_dir($phpbb_root_path . 'store/temp_ext/'); } - $this->copied_files = array(); - if (file_exists($phpbb_root_path . 'store/temp_ext/')) { $this->empty_dir($phpbb_root_path . 'store/temp_ext/'); From d5f651c51406fb71dd5075be8a33a904aa570450 Mon Sep 17 00:00:00 2001 From: Joas Schilling Date: Tue, 11 Jun 2013 16:16:17 +0200 Subject: [PATCH 045/157] [ticket/11599] Copy the forums into a static array for later reuse PHPBB3-11599 --- tests/tree/nestedset_forum_base.php | 55 +++++++++++++++++++++-------- 1 file changed, 40 insertions(+), 15 deletions(-) diff --git a/tests/tree/nestedset_forum_base.php b/tests/tree/nestedset_forum_base.php index 776e822280..43680609f8 100644 --- a/tests/tree/nestedset_forum_base.php +++ b/tests/tree/nestedset_forum_base.php @@ -59,27 +59,52 @@ class phpbb_tests_tree_nestedset_forum_base extends phpbb_database_test_case $this->set = new phpbb_tree_nestedset_forum($this->db, $this->lock, 'phpbb_forums'); $this->set_up_forums(); - - $sql = "UPDATE phpbb_forums - SET forum_parents = 'a:0:{}'"; - $this->db->sql_query($sql); } protected function set_up_forums() { - $this->create_forum('Parent with two flat children'); - $this->create_forum('Flat child #1', 1); - $this->create_forum('Flat child #2', 1); + static $forums; - $this->create_forum('Parent with two nested children'); - $this->create_forum('Nested child #1', 4); - $this->create_forum('Nested child #2', 5); + if (empty($forums)) + { + $this->create_forum('Parent with two flat children'); + $this->create_forum('Flat child #1', 1); + $this->create_forum('Flat child #2', 1); - $this->create_forum('Parent with flat and nested children'); - $this->create_forum('Mixed child #1', 7); - $this->create_forum('Mixed child #2', 7); - $this->create_forum('Nested child #1 of Mixed child #2', 9); - $this->create_forum('Mixed child #3', 7); + $this->create_forum('Parent with two nested children'); + $this->create_forum('Nested child #1', 4); + $this->create_forum('Nested child #2', 5); + + $this->create_forum('Parent with flat and nested children'); + $this->create_forum('Mixed child #1', 7); + $this->create_forum('Mixed child #2', 7); + $this->create_forum('Nested child #1 of Mixed child #2', 9); + $this->create_forum('Mixed child #3', 7); + + // Updating forum_parents column here so it's not empty + // This is required, so we can see whether the methods + // correctly clear the values. + $sql = "UPDATE phpbb_forums + SET forum_parents = 'a:0:{}'"; + $this->db->sql_query($sql); + + // Copy the forums into a static array, so we can reuse the list later + $sql = 'SELECT * + FROM phpbb_forums'; + $result = $this->db->sql_query($sql); + $forums = $this->db->sql_fetchrowset($result); + $this->db->sql_freeresult($result); + } + else + { + $buffer = new phpbb_db_sql_insert_buffer($this->db, 'phpbb_forums'); + $buffer->insert_all($forums); + $buffer->flush(); + + $this->database_synchronisation(array( + 'phpbb_forums' => array('forum_id'), + )); + } } protected function create_forum($name, $parent_id = 0) From fbebc2874fb7f9462b7cf2481a14166cfb906297 Mon Sep 17 00:00:00 2001 From: riadhchtara Date: Sat, 21 Apr 2012 17:43:13 +0200 Subject: [PATCH 046/157] [ticket/10820] Image downloader recognize new version of ie When a user download image attachement using ie8, the file is displayed. However, when he uses ie version greater than 8, the image is download. A changes are made to phpbb/download/file.php to solve the problem. We check now if the ie version is greater or equal to 8 and not only equal to 8 PHPBB3-10820 --- phpBB/download/file.php | 23 ++++++++++++++--------- 1 file changed, 14 insertions(+), 9 deletions(-) diff --git a/phpBB/download/file.php b/phpBB/download/file.php index 3ceb1ee0cc..b942c92a1c 100644 --- a/phpBB/download/file.php +++ b/phpBB/download/file.php @@ -285,7 +285,7 @@ else if (($display_cat == ATTACHMENT_CATEGORY_NONE/* || $display_cat == ATTACHME $db->sql_query($sql); } -if ($display_cat == ATTACHMENT_CATEGORY_IMAGE && $mode === 'view' && (strpos($attachment['mimetype'], 'image') === 0) && ((strpos(strtolower($user->browser), 'msie') !== false) && (strpos(strtolower($user->browser), 'msie 8.0') === false))) +if ($display_cat == ATTACHMENT_CATEGORY_IMAGE && $mode === 'view' && (strpos($attachment['mimetype'], 'image') === 0) && !is_greater_ie7($user->browser)) { wrap_img_in_html(append_sid($phpbb_root_path . 'download/file.' . $phpEx, 'id=' . $attachment['attach_id']), $attachment['real_filename']); file_gc(); @@ -343,8 +343,8 @@ function send_avatar_to_browser($file, $browser) $image_data = @getimagesize($file_path); header('Content-Type: ' . image_type_to_mime_type($image_data[2])); - - if (strpos(strtolower($browser), 'msie') !== false && strpos(strtolower($browser), 'msie 8.0') === false) + + if (strpos(strtolower($browser), 'msie') !== false && !is_greater_ie7($user->browser)) { header('Content-Disposition: attachment; ' . header_filename($file)); @@ -477,10 +477,9 @@ function send_file_to_browser($attachment, $upload_dir, $category) */ // Send out the Headers. Do not set Content-Disposition to inline please, it is a security measure for users using the Internet Explorer. - $is_ie8 = (strpos(strtolower($user->browser), 'msie 8.0') !== false); header('Content-Type: ' . $attachment['mimetype']); - - if ($is_ie8) + + if (is_greater_ie7($user->browser)) { header('X-Content-Type-Options: nosniff'); } @@ -492,7 +491,7 @@ function send_file_to_browser($attachment, $upload_dir, $category) } else { - if (empty($user->browser) || (!$is_ie8 && (strpos(strtolower($user->browser), 'msie') !== false))) + if (empty($user->browser) || (!is_greater_ie7($user->browser) && (strpos(strtolower($user->browser), 'msie') !== false))) { header('Content-Disposition: attachment; ' . header_filename(htmlspecialchars_decode($attachment['real_filename']))); if (empty($user->browser) || (strpos(strtolower($user->browser), 'msie 6.0') !== false)) @@ -503,7 +502,7 @@ function send_file_to_browser($attachment, $upload_dir, $category) else { header('Content-Disposition: ' . ((strpos($attachment['mimetype'], 'image') === 0) ? 'inline' : 'attachment') . '; ' . header_filename(htmlspecialchars_decode($attachment['real_filename']))); - if ($is_ie8 && (strpos($attachment['mimetype'], 'image') !== 0)) + if (is_greater_ie7($user->browser) && (strpos($attachment['mimetype'], 'image') !== 0)) { header('X-Download-Options: noopen'); } @@ -680,7 +679,8 @@ function set_modified_headers($stamp, $browser) { // let's see if we have to send the file at all $last_load = isset($_SERVER['HTTP_IF_MODIFIED_SINCE']) ? strtotime(trim($_SERVER['HTTP_IF_MODIFIED_SINCE'])) : false; - if ((strpos(strtolower($browser), 'msie 6.0') === false) && (strpos(strtolower($browser), 'msie 8.0') === false)) + + if ((strpos(strtolower($browser), 'msie 6.0') === false) && (!is_greater_ie7($user->browser))) { if ($last_load !== false && $last_load >= $stamp) { @@ -709,4 +709,9 @@ function file_gc() exit; } +function is_greater_ie7($browser) +{ + return preg_match('/msie (\d{2,3}|[89]+).[0-9.]*;/', strtolower($browser)); +} + ?> \ No newline at end of file From 80d164b12151c3b3d5eb42d1874a0a1d3b288d12 Mon Sep 17 00:00:00 2001 From: Dhruv Date: Thu, 7 Feb 2013 23:59:46 +0530 Subject: [PATCH 047/157] [ticket/10820] proper usage of global and local variable browser PHPBB3-10820 --- phpBB/download/file.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/phpBB/download/file.php b/phpBB/download/file.php index b942c92a1c..6764ee7eac 100644 --- a/phpBB/download/file.php +++ b/phpBB/download/file.php @@ -344,7 +344,7 @@ function send_avatar_to_browser($file, $browser) $image_data = @getimagesize($file_path); header('Content-Type: ' . image_type_to_mime_type($image_data[2])); - if (strpos(strtolower($browser), 'msie') !== false && !is_greater_ie7($user->browser)) + if (strpos(strtolower($browser), 'msie') !== false && !is_greater_ie7($browser)) { header('Content-Disposition: attachment; ' . header_filename($file)); @@ -680,7 +680,7 @@ function set_modified_headers($stamp, $browser) // let's see if we have to send the file at all $last_load = isset($_SERVER['HTTP_IF_MODIFIED_SINCE']) ? strtotime(trim($_SERVER['HTTP_IF_MODIFIED_SINCE'])) : false; - if ((strpos(strtolower($browser), 'msie 6.0') === false) && (!is_greater_ie7($user->browser))) + if ((strpos(strtolower($browser), 'msie 6.0') === false) && (!is_greater_ie7($browser))) { if ($last_load !== false && $last_load >= $stamp) { From 9236f12577087e5b800b9c23e988a671702f1a9e Mon Sep 17 00:00:00 2001 From: Dhruv Date: Fri, 8 Feb 2013 00:05:06 +0530 Subject: [PATCH 048/157] [ticket/10820] fix IE check function Add phpbb_ prefix to function name and return boolean value. PHPBB3-10820 --- phpBB/download/file.php | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/phpBB/download/file.php b/phpBB/download/file.php index 6764ee7eac..af41951c46 100644 --- a/phpBB/download/file.php +++ b/phpBB/download/file.php @@ -285,7 +285,7 @@ else if (($display_cat == ATTACHMENT_CATEGORY_NONE/* || $display_cat == ATTACHME $db->sql_query($sql); } -if ($display_cat == ATTACHMENT_CATEGORY_IMAGE && $mode === 'view' && (strpos($attachment['mimetype'], 'image') === 0) && !is_greater_ie7($user->browser)) +if ($display_cat == ATTACHMENT_CATEGORY_IMAGE && $mode === 'view' && (strpos($attachment['mimetype'], 'image') === 0) && !phpbb_is_greater_ie7($user->browser)) { wrap_img_in_html(append_sid($phpbb_root_path . 'download/file.' . $phpEx, 'id=' . $attachment['attach_id']), $attachment['real_filename']); file_gc(); @@ -344,7 +344,7 @@ function send_avatar_to_browser($file, $browser) $image_data = @getimagesize($file_path); header('Content-Type: ' . image_type_to_mime_type($image_data[2])); - if (strpos(strtolower($browser), 'msie') !== false && !is_greater_ie7($browser)) + if (strpos(strtolower($browser), 'msie') !== false && !phpbb_is_greater_ie7($browser)) { header('Content-Disposition: attachment; ' . header_filename($file)); @@ -479,7 +479,7 @@ function send_file_to_browser($attachment, $upload_dir, $category) // Send out the Headers. Do not set Content-Disposition to inline please, it is a security measure for users using the Internet Explorer. header('Content-Type: ' . $attachment['mimetype']); - if (is_greater_ie7($user->browser)) + if (phpbb_is_greater_ie7($user->browser)) { header('X-Content-Type-Options: nosniff'); } @@ -491,7 +491,7 @@ function send_file_to_browser($attachment, $upload_dir, $category) } else { - if (empty($user->browser) || (!is_greater_ie7($user->browser) && (strpos(strtolower($user->browser), 'msie') !== false))) + if (empty($user->browser) || (!phpbb_is_greater_ie7($user->browser) && (strpos(strtolower($user->browser), 'msie') !== false))) { header('Content-Disposition: attachment; ' . header_filename(htmlspecialchars_decode($attachment['real_filename']))); if (empty($user->browser) || (strpos(strtolower($user->browser), 'msie 6.0') !== false)) @@ -502,7 +502,7 @@ function send_file_to_browser($attachment, $upload_dir, $category) else { header('Content-Disposition: ' . ((strpos($attachment['mimetype'], 'image') === 0) ? 'inline' : 'attachment') . '; ' . header_filename(htmlspecialchars_decode($attachment['real_filename']))); - if (is_greater_ie7($user->browser) && (strpos($attachment['mimetype'], 'image') !== 0)) + if (phpbb_is_greater_ie7($user->browser) && (strpos($attachment['mimetype'], 'image') !== 0)) { header('X-Download-Options: noopen'); } @@ -680,7 +680,7 @@ function set_modified_headers($stamp, $browser) // let's see if we have to send the file at all $last_load = isset($_SERVER['HTTP_IF_MODIFIED_SINCE']) ? strtotime(trim($_SERVER['HTTP_IF_MODIFIED_SINCE'])) : false; - if ((strpos(strtolower($browser), 'msie 6.0') === false) && (!is_greater_ie7($browser))) + if ((strpos(strtolower($browser), 'msie 6.0') === false) && (!phpbb_is_greater_ie7($browser))) { if ($last_load !== false && $last_load >= $stamp) { @@ -709,9 +709,9 @@ function file_gc() exit; } -function is_greater_ie7($browser) +function phpbb_is_greater_ie7($browser) { - return preg_match('/msie (\d{2,3}|[89]+).[0-9.]*;/', strtolower($browser)); + return (bool) preg_match('/msie (\d{2,3}|[89]+).[0-9.]*;/', strtolower($browser)); } ?> \ No newline at end of file From 875914767414da7ef7076f444542c09bd0b83c72 Mon Sep 17 00:00:00 2001 From: Dhruv Date: Fri, 8 Feb 2013 13:58:41 +0530 Subject: [PATCH 049/157] [ticket/10820] add function docblock PHPBB3-10820 --- phpBB/download/file.php | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/phpBB/download/file.php b/phpBB/download/file.php index af41951c46..abab473bf2 100644 --- a/phpBB/download/file.php +++ b/phpBB/download/file.php @@ -709,6 +709,10 @@ function file_gc() exit; } +/** +* Check if the browser is internet explorer version 7+ +* @returns true if ie7+ +*/ function phpbb_is_greater_ie7($browser) { return (bool) preg_match('/msie (\d{2,3}|[89]+).[0-9.]*;/', strtolower($browser)); From 07c62dd64f65551012bd942be29179cfae99d7ab Mon Sep 17 00:00:00 2001 From: Dhruv Date: Mon, 4 Mar 2013 22:44:19 +0530 Subject: [PATCH 050/157] [ticket/10820] remove unnecessary condition checks PHPBB3-10820 --- phpBB/download/file.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/phpBB/download/file.php b/phpBB/download/file.php index abab473bf2..8bb77efe4d 100644 --- a/phpBB/download/file.php +++ b/phpBB/download/file.php @@ -344,7 +344,7 @@ function send_avatar_to_browser($file, $browser) $image_data = @getimagesize($file_path); header('Content-Type: ' . image_type_to_mime_type($image_data[2])); - if (strpos(strtolower($browser), 'msie') !== false && !phpbb_is_greater_ie7($browser)) + if (!phpbb_is_greater_ie7($browser)) { header('Content-Disposition: attachment; ' . header_filename($file)); @@ -491,7 +491,7 @@ function send_file_to_browser($attachment, $upload_dir, $category) } else { - if (empty($user->browser) || (!phpbb_is_greater_ie7($user->browser) && (strpos(strtolower($user->browser), 'msie') !== false))) + if (empty($user->browser) || !phpbb_is_greater_ie7($user->browser)) { header('Content-Disposition: attachment; ' . header_filename(htmlspecialchars_decode($attachment['real_filename']))); if (empty($user->browser) || (strpos(strtolower($user->browser), 'msie 6.0') !== false)) From 364828de24c14a73d98621b545f7732c18b18a4d Mon Sep 17 00:00:00 2001 From: Dhruv Date: Sat, 13 Apr 2013 22:48:09 +0530 Subject: [PATCH 051/157] [ticket/10820] Use singular return PHPBB3-10820 --- phpBB/download/file.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/phpBB/download/file.php b/phpBB/download/file.php index 8bb77efe4d..20d3e60580 100644 --- a/phpBB/download/file.php +++ b/phpBB/download/file.php @@ -711,7 +711,7 @@ function file_gc() /** * Check if the browser is internet explorer version 7+ -* @returns true if ie7+ +* @return true if ie7+ */ function phpbb_is_greater_ie7($browser) { From 687b04bcfc7a4dac8c53e9dbf5e7c31347d9d474 Mon Sep 17 00:00:00 2001 From: Dhruv Date: Sat, 13 Apr 2013 22:50:37 +0530 Subject: [PATCH 052/157] [ticket/10820] simplify regex and escape dot PHPBB3-10820 --- phpBB/download/file.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/phpBB/download/file.php b/phpBB/download/file.php index 20d3e60580..5b274160e8 100644 --- a/phpBB/download/file.php +++ b/phpBB/download/file.php @@ -715,7 +715,7 @@ function file_gc() */ function phpbb_is_greater_ie7($browser) { - return (bool) preg_match('/msie (\d{2,3}|[89]+).[0-9.]*;/', strtolower($browser)); + return (bool) preg_match('/msie [^67]+\\.*;/', strtolower($browser)); } ?> \ No newline at end of file From ea7ece5d252fa8ede7d611abc812f8abc93c011d Mon Sep 17 00:00:00 2001 From: Dhruv Date: Sat, 27 Apr 2013 20:57:51 +0530 Subject: [PATCH 053/157] [ticket/10820] add param and return to function Add param and return in function docblock. Rename function parameter to $user_agent. PHPBB3-10820 --- phpBB/download/file.php | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/phpBB/download/file.php b/phpBB/download/file.php index 5b274160e8..081f18b15c 100644 --- a/phpBB/download/file.php +++ b/phpBB/download/file.php @@ -711,11 +711,14 @@ function file_gc() /** * Check if the browser is internet explorer version 7+ -* @return true if ie7+ +* +* @param string $user_agent User agent HTTP header +* +* @return bool true if ie7+ */ -function phpbb_is_greater_ie7($browser) +function phpbb_is_greater_ie7($user_agent) { - return (bool) preg_match('/msie [^67]+\\.*;/', strtolower($browser)); + return (bool) preg_match('/msie [^67]+\\.*;/', strtolower($user_agent)); } ?> \ No newline at end of file From 5ebebbd7190fb5e541df9956b5d58983765d931b Mon Sep 17 00:00:00 2001 From: Dhruv Date: Sat, 27 Apr 2013 21:33:30 +0530 Subject: [PATCH 054/157] [ticket/10820] fix docblock PHPBB3-10820 --- phpBB/download/file.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/phpBB/download/file.php b/phpBB/download/file.php index 081f18b15c..cba4ef3b7b 100644 --- a/phpBB/download/file.php +++ b/phpBB/download/file.php @@ -714,7 +714,7 @@ function file_gc() * * @param string $user_agent User agent HTTP header * -* @return bool true if ie7+ +* @return bool true if internet explorer version is greater than 7 */ function phpbb_is_greater_ie7($user_agent) { From 8f733cc658e20da74e910f3e36edcfdf86a7eba3 Mon Sep 17 00:00:00 2001 From: Dhruv Date: Sat, 27 Apr 2013 23:24:22 +0530 Subject: [PATCH 055/157] [ticket/10820] remove unnecessary parentheses PHPBB3-10820 --- phpBB/download/file.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/phpBB/download/file.php b/phpBB/download/file.php index cba4ef3b7b..f781480bb7 100644 --- a/phpBB/download/file.php +++ b/phpBB/download/file.php @@ -680,7 +680,7 @@ function set_modified_headers($stamp, $browser) // let's see if we have to send the file at all $last_load = isset($_SERVER['HTTP_IF_MODIFIED_SINCE']) ? strtotime(trim($_SERVER['HTTP_IF_MODIFIED_SINCE'])) : false; - if ((strpos(strtolower($browser), 'msie 6.0') === false) && (!phpbb_is_greater_ie7($browser))) + if (strpos(strtolower($browser), 'msie 6.0') === false && !phpbb_is_greater_ie7($browser)) { if ($last_load !== false && $last_load >= $stamp) { From 6b5780b753a857dec087d363601e54f1515213fa Mon Sep 17 00:00:00 2001 From: Dhruv Date: Sun, 12 May 2013 16:03:48 +0530 Subject: [PATCH 056/157] [ticket/10820] fix regex Extract IE version from user agent string and then compare it with 7 PHPBB3-10820 --- phpBB/download/file.php | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/phpBB/download/file.php b/phpBB/download/file.php index f781480bb7..abc67ecdac 100644 --- a/phpBB/download/file.php +++ b/phpBB/download/file.php @@ -718,7 +718,15 @@ function file_gc() */ function phpbb_is_greater_ie7($user_agent) { - return (bool) preg_match('/msie [^67]+\\.*;/', strtolower($user_agent)); + if (preg_match('/msie (\d+)/', strtolower($user_agent), $matches)) + { + $ie_version = (int) $matches[1]; + return ($ie_version > 7); + } + else + { + return false; + } } ?> \ No newline at end of file From 11cd9f901e53c2e1fe2aa1f3ce5d1f0c445d7ba7 Mon Sep 17 00:00:00 2001 From: Dhruv Date: Wed, 5 Jun 2013 00:14:46 +0530 Subject: [PATCH 057/157] [ticket/10820] Inject IE version in function PHPBB3-10820 --- phpBB/download/file.php | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) diff --git a/phpBB/download/file.php b/phpBB/download/file.php index abc67ecdac..009fa3572a 100644 --- a/phpBB/download/file.php +++ b/phpBB/download/file.php @@ -285,7 +285,7 @@ else if (($display_cat == ATTACHMENT_CATEGORY_NONE/* || $display_cat == ATTACHME $db->sql_query($sql); } -if ($display_cat == ATTACHMENT_CATEGORY_IMAGE && $mode === 'view' && (strpos($attachment['mimetype'], 'image') === 0) && !phpbb_is_greater_ie7($user->browser)) +if ($display_cat == ATTACHMENT_CATEGORY_IMAGE && $mode === 'view' && (strpos($attachment['mimetype'], 'image') === 0) && !phpbb_is_greater_ie_version($user->browser, 7)) { wrap_img_in_html(append_sid($phpbb_root_path . 'download/file.' . $phpEx, 'id=' . $attachment['attach_id']), $attachment['real_filename']); file_gc(); @@ -344,7 +344,7 @@ function send_avatar_to_browser($file, $browser) $image_data = @getimagesize($file_path); header('Content-Type: ' . image_type_to_mime_type($image_data[2])); - if (!phpbb_is_greater_ie7($browser)) + if (!phpbb_is_greater_ie_version($browser, 7)) { header('Content-Disposition: attachment; ' . header_filename($file)); @@ -479,7 +479,7 @@ function send_file_to_browser($attachment, $upload_dir, $category) // Send out the Headers. Do not set Content-Disposition to inline please, it is a security measure for users using the Internet Explorer. header('Content-Type: ' . $attachment['mimetype']); - if (phpbb_is_greater_ie7($user->browser)) + if (phpbb_is_greater_ie_version($user->browser, 7)) { header('X-Content-Type-Options: nosniff'); } @@ -491,7 +491,7 @@ function send_file_to_browser($attachment, $upload_dir, $category) } else { - if (empty($user->browser) || !phpbb_is_greater_ie7($user->browser)) + if (empty($user->browser) || !phpbb_is_greater_ie_version($user->browser, 7)) { header('Content-Disposition: attachment; ' . header_filename(htmlspecialchars_decode($attachment['real_filename']))); if (empty($user->browser) || (strpos(strtolower($user->browser), 'msie 6.0') !== false)) @@ -502,7 +502,7 @@ function send_file_to_browser($attachment, $upload_dir, $category) else { header('Content-Disposition: ' . ((strpos($attachment['mimetype'], 'image') === 0) ? 'inline' : 'attachment') . '; ' . header_filename(htmlspecialchars_decode($attachment['real_filename']))); - if (phpbb_is_greater_ie7($user->browser) && (strpos($attachment['mimetype'], 'image') !== 0)) + if (phpbb_is_greater_ie_version($user->browser, 7) && (strpos($attachment['mimetype'], 'image') !== 0)) { header('X-Download-Options: noopen'); } @@ -680,7 +680,7 @@ function set_modified_headers($stamp, $browser) // let's see if we have to send the file at all $last_load = isset($_SERVER['HTTP_IF_MODIFIED_SINCE']) ? strtotime(trim($_SERVER['HTTP_IF_MODIFIED_SINCE'])) : false; - if (strpos(strtolower($browser), 'msie 6.0') === false && !phpbb_is_greater_ie7($browser)) + if (strpos(strtolower($browser), 'msie 6.0') === false && !phpbb_is_greater_ie_version($browser, 7)) { if ($last_load !== false && $last_load >= $stamp) { @@ -713,15 +713,16 @@ function file_gc() * Check if the browser is internet explorer version 7+ * * @param string $user_agent User agent HTTP header +* @param int $version IE version to check against * * @return bool true if internet explorer version is greater than 7 */ -function phpbb_is_greater_ie7($user_agent) +function phpbb_is_greater_ie_version($user_agent, $version) { if (preg_match('/msie (\d+)/', strtolower($user_agent), $matches)) { $ie_version = (int) $matches[1]; - return ($ie_version > 7); + return ($ie_version > $version); } else { From e0b9cdf708cf75ac189b935dad3e816a1363de3a Mon Sep 17 00:00:00 2001 From: Dhruv Date: Sat, 8 Jun 2013 23:13:45 +0530 Subject: [PATCH 058/157] [ticket/10820] Fix function docblock PHPBB3-10820 --- phpBB/download/file.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/phpBB/download/file.php b/phpBB/download/file.php index 009fa3572a..e06fd117cf 100644 --- a/phpBB/download/file.php +++ b/phpBB/download/file.php @@ -715,7 +715,7 @@ function file_gc() * @param string $user_agent User agent HTTP header * @param int $version IE version to check against * -* @return bool true if internet explorer version is greater than 7 +* @return bool true if internet explorer version is greater than $version */ function phpbb_is_greater_ie_version($user_agent, $version) { From e633ace07267579d9860a165e288fbd1ed4ba442 Mon Sep 17 00:00:00 2001 From: Joas Schilling Date: Tue, 11 Jun 2013 14:53:03 +0200 Subject: [PATCH 059/157] [ticket/11603] Fix github api url and use curl with valid user agent PHPBB3-11603 --- git-tools/merge.php | 7 ++++++- git-tools/setup_github_network.php | 8 +++++++- 2 files changed, 13 insertions(+), 2 deletions(-) diff --git a/git-tools/merge.php b/git-tools/merge.php index 41a96c0890..2acd2280b9 100755 --- a/git-tools/merge.php +++ b/git-tools/merge.php @@ -124,7 +124,12 @@ function get_repository_url($username, $repository, $ssh = false) function api_request($query) { - $contents = file_get_contents("http://github.com/api/v2/json/$query"); + $c = curl_init(); + curl_setopt($c, CURLOPT_URL, "https://api.github.com/$query"); + curl_setopt($c, CURLOPT_RETURNTRANSFER, true); + curl_setopt($c, CURLOPT_USERAGENT, 'phpBB/1.0'); + $contents = curl_exec($c); + curl_close($c); if ($contents === false) { diff --git a/git-tools/setup_github_network.php b/git-tools/setup_github_network.php index 5f2e1609a7..87ce2616e3 100755 --- a/git-tools/setup_github_network.php +++ b/git-tools/setup_github_network.php @@ -145,7 +145,13 @@ function get_repository_url($username, $repository, $ssh = false) function api_request($query) { - $contents = file_get_contents("http://github.com/api/v2/json/$query"); + $c = curl_init(); + curl_setopt($c, CURLOPT_URL, "https://api.github.com/$query"); + curl_setopt($c, CURLOPT_RETURNTRANSFER, true); + curl_setopt($c, CURLOPT_USERAGENT, 'phpBB/1.0'); + $contents = curl_exec($c); + curl_close($c); + if ($contents === false) { return false; From bcc98ae3e7dce9c1c967622d2fccebbb0f07e9fe Mon Sep 17 00:00:00 2001 From: Joas Schilling Date: Wed, 12 Jun 2013 17:35:39 +0200 Subject: [PATCH 060/157] [ticket/11603] Rename network to forks and fix handling PHPBB3-11603 --- git-tools/setup_github_network.php | 28 ++++++++++++++-------------- 1 file changed, 14 insertions(+), 14 deletions(-) diff --git a/git-tools/setup_github_network.php b/git-tools/setup_github_network.php index 87ce2616e3..95f8c86ba3 100755 --- a/git-tools/setup_github_network.php +++ b/git-tools/setup_github_network.php @@ -22,7 +22,7 @@ function show_usage() echo " collaborators Repositories of people who have push access to the specified repository\n"; echo " contributors Repositories of people who have contributed to the specified repository\n"; echo " organisation Repositories of members of the organisation at github\n"; - echo " network All repositories of the whole github network\n"; + echo " forks All repositories of the whole github network\n"; echo "\n"; echo "Options:\n"; @@ -55,10 +55,10 @@ exit(work($scope, $username, $repository, $developer)); function work($scope, $username, $repository, $developer) { // Get some basic data - $network = get_network($username, $repository); + $forks = get_forks($username, $repository); $collaborators = get_collaborators($username, $repository); - if ($network === false || $collaborators === false) + if ($forks === false || $collaborators === false) { echo "Error: failed to retrieve network or collaborators\n"; return 1; @@ -67,19 +67,19 @@ function work($scope, $username, $repository, $developer) switch ($scope) { case 'collaborators': - $remotes = array_intersect_key($network, $collaborators); + $remotes = array_intersect_key($forks, $collaborators); break; case 'organisation': - $remotes = array_intersect_key($network, get_organisation_members($username)); + $remotes = array_intersect_key($forks, get_organisation_members($username)); break; case 'contributors': - $remotes = array_intersect_key($network, get_contributors($username, $repository)); + $remotes = array_intersect_key($forks, get_contributors($username, $repository)); break; - case 'network': - $remotes = $network; + case 'forks': + $remotes = $forks; break; default: @@ -210,20 +210,20 @@ function get_collaborators($username, $repository) return $usernames; } -function get_network($username, $repository) +function get_forks($username, $repository) { - $request = api_request("repos/show/$username/$repository/network"); + $request = api_request("repos/$username/$repository/forks"); if ($request === false) { return false; } $usernames = array(); - foreach ($request->network as $network) + foreach ($request as $fork) { - $usernames[$network->owner] = array( - 'username' => $network->owner, - 'repository' => $network->name, + $usernames[$fork->owner->login] = array( + 'username' => $fork->owner->login, + 'repository' => $fork->name, ); } From e4ccc5e6eac2bfebb8770a1a8f73f965ef0146fc Mon Sep 17 00:00:00 2001 From: Joas Schilling Date: Thu, 13 Jun 2013 13:05:33 +0200 Subject: [PATCH 061/157] [ticket/11603] Fix github API calls - Some URLs changed - Response is a plain array now - Added error messages when API limit is reached PHPBB3-11603 --- git-tools/merge.php | 11 +++++- git-tools/setup_github_network.php | 60 ++++++++++++++++++++++++------ 2 files changed, 57 insertions(+), 14 deletions(-) diff --git a/git-tools/merge.php b/git-tools/merge.php index 2acd2280b9..5eb48a53f8 100755 --- a/git-tools/merge.php +++ b/git-tools/merge.php @@ -128,6 +128,7 @@ function api_request($query) curl_setopt($c, CURLOPT_URL, "https://api.github.com/$query"); curl_setopt($c, CURLOPT_RETURNTRANSFER, true); curl_setopt($c, CURLOPT_USERAGENT, 'phpBB/1.0'); + curl_setopt($c, CURLOPT_HEADER, true); $contents = curl_exec($c); curl_close($c); @@ -135,13 +136,19 @@ function api_request($query) { throw new RuntimeException("Error: failed to retrieve pull request data\n", 4); } + $contents = json_decode($contents); - return json_decode($contents); + if (isset($contents->message) && strpos($contents->message, 'API Rate Limit') === 0) + { + exit('Reached github API Rate Limit. Please try again later' . "\n"); + } + + return $contents; } function get_pull($username, $repository, $pull_id) { - $request = api_request("pulls/$username/$repository/$pull_id"); + $request = api_request("repos/$username/$repository/pulls/$pull_id"); $pull = $request->pull; diff --git a/git-tools/setup_github_network.php b/git-tools/setup_github_network.php index 95f8c86ba3..de3ea55d13 100755 --- a/git-tools/setup_github_network.php +++ b/git-tools/setup_github_network.php @@ -60,7 +60,7 @@ function work($scope, $username, $repository, $developer) if ($forks === false || $collaborators === false) { - echo "Error: failed to retrieve network or collaborators\n"; + echo "Error: failed to retrieve forks or collaborators\n"; return 1; } @@ -143,34 +143,70 @@ function get_repository_url($username, $repository, $ssh = false) return $url_base . $username . '/' . $repository . '.git'; } -function api_request($query) +function api_request($query, $full_url = false) { $c = curl_init(); - curl_setopt($c, CURLOPT_URL, "https://api.github.com/$query"); + if ($full_url) + { + curl_setopt($c, CURLOPT_URL, $query); + } + else + { + curl_setopt($c, CURLOPT_URL, "https://api.github.com/$query?per_page=100"); + } curl_setopt($c, CURLOPT_RETURNTRANSFER, true); curl_setopt($c, CURLOPT_USERAGENT, 'phpBB/1.0'); + curl_setopt($c, CURLOPT_HEADER, true); $contents = curl_exec($c); curl_close($c); + $sub_request_result = array(); + if ($contents && strpos($contents, "\r\n\r\n") > 0) + { + list($header, $contents) = explode("\r\n\r\n", $contents); + foreach (explode("\n", $header) as $header_element) + { + if (strpos($header_element, 'Link') === 0) + { + list($head, $header_content) = explode(': ', $header_element); + foreach (explode(', ', $header_content) as $links) + { + list($url, $rel) = explode('; ', $links); + if ($rel == 'rel="next"') + { + $sub_request_result = api_request(substr($url, 1, -1), true); + } + } + } + } + } + if ($contents === false) { return false; } - return json_decode($contents); + $contents = json_decode($contents); + + if (isset($contents->message) && strpos($contents->message, 'API Rate Limit') === 0) + { + exit('Reached github API Rate Limit. Please try again later' . "\n"); + } + + return ($sub_request_result) ? array_merge($sub_request_result, $contents) : $contents; } function get_contributors($username, $repository) { - $request = api_request("repos/show/$username/$repository/contributors"); + $request = api_request("repos/$username/$repository/stats/contributors"); if ($request === false) { return false; } $usernames = array(); - foreach ($request->contributors as $contributor) + foreach ($request as $contribution) { - $usernames[$contributor->login] = $contributor->login; + $usernames[$contribution->author->login] = $contribution->author->login; } return $usernames; @@ -178,14 +214,14 @@ function get_contributors($username, $repository) function get_organisation_members($username) { - $request = api_request("organizations/$username/public_members"); + $request = api_request("orgs/$username/public_members"); if ($request === false) { return false; } $usernames = array(); - foreach ($request->users as $member) + foreach ($request as $member) { $usernames[$member->login] = $member->login; } @@ -195,16 +231,16 @@ function get_organisation_members($username) function get_collaborators($username, $repository) { - $request = api_request("repos/show/$username/$repository/collaborators"); + $request = api_request("repos/$username/$repository/collaborators"); if ($request === false) { return false; } $usernames = array(); - foreach ($request->collaborators as $collaborator) + foreach ($request as $collaborator) { - $usernames[$collaborator] = $collaborator; + $usernames[$collaborator->login] = $collaborator->login; } return $usernames; From 48f764437f3398696ad21177da02e024cc5804e5 Mon Sep 17 00:00:00 2001 From: Dhruv Date: Thu, 13 Jun 2013 21:47:37 +0530 Subject: [PATCH 062/157] [ticket/10820] Add additional check for IE in condition PHPBB3-10820 --- phpBB/download/file.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/phpBB/download/file.php b/phpBB/download/file.php index e06fd117cf..318e893fab 100644 --- a/phpBB/download/file.php +++ b/phpBB/download/file.php @@ -285,7 +285,7 @@ else if (($display_cat == ATTACHMENT_CATEGORY_NONE/* || $display_cat == ATTACHME $db->sql_query($sql); } -if ($display_cat == ATTACHMENT_CATEGORY_IMAGE && $mode === 'view' && (strpos($attachment['mimetype'], 'image') === 0) && !phpbb_is_greater_ie_version($user->browser, 7)) +if ($display_cat == ATTACHMENT_CATEGORY_IMAGE && $mode === 'view' && (strpos($attachment['mimetype'], 'image') === 0) && (strpos(strtolower($browser), 'msie') !== false) && !phpbb_is_greater_ie_version($user->browser, 7)) { wrap_img_in_html(append_sid($phpbb_root_path . 'download/file.' . $phpEx, 'id=' . $attachment['attach_id']), $attachment['real_filename']); file_gc(); @@ -344,7 +344,7 @@ function send_avatar_to_browser($file, $browser) $image_data = @getimagesize($file_path); header('Content-Type: ' . image_type_to_mime_type($image_data[2])); - if (!phpbb_is_greater_ie_version($browser, 7)) + if ((strpos(strtolower($browser), 'msie') !== false) && !phpbb_is_greater_ie_version($browser, 7)) { header('Content-Disposition: attachment; ' . header_filename($file)); From 92c55ab111f5d28626975310fc93f35b3ca00ab0 Mon Sep 17 00:00:00 2001 From: Joas Schilling Date: Thu, 13 Jun 2013 18:41:23 +0200 Subject: [PATCH 063/157] [ticket/11603] Fix spacing and add some comments PHPBB3-11603 --- git-tools/setup_github_network.php | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/git-tools/setup_github_network.php b/git-tools/setup_github_network.php index de3ea55d13..3f1f61b288 100755 --- a/git-tools/setup_github_network.php +++ b/git-tools/setup_github_network.php @@ -156,17 +156,19 @@ function api_request($query, $full_url = false) } curl_setopt($c, CURLOPT_RETURNTRANSFER, true); curl_setopt($c, CURLOPT_USERAGENT, 'phpBB/1.0'); - curl_setopt($c, CURLOPT_HEADER, true); + curl_setopt($c, CURLOPT_HEADER, true); $contents = curl_exec($c); curl_close($c); $sub_request_result = array(); + // Split possible headers from the body if ($contents && strpos($contents, "\r\n\r\n") > 0) { list($header, $contents) = explode("\r\n\r\n", $contents); foreach (explode("\n", $header) as $header_element) { - if (strpos($header_element, 'Link') === 0) + // Find Link Header which gives us a link to the next page + if (strpos($header_element, 'Link: ') === 0) { list($head, $header_content) = explode(': ', $header_element); foreach (explode(', ', $header_content) as $links) @@ -174,6 +176,7 @@ function api_request($query, $full_url = false) list($url, $rel) = explode('; ', $links); if ($rel == 'rel="next"') { + // Found a next link, follow it and merge the results $sub_request_result = api_request(substr($url, 1, -1), true); } } From a7af0134c0cdd5577a094e78ddae258711591b10 Mon Sep 17 00:00:00 2001 From: Joas Schilling Date: Thu, 13 Jun 2013 18:43:04 +0200 Subject: [PATCH 064/157] [ticket/11603] Split api_request into two functions (query only vs. full url) PHPBB3-11603 --- git-tools/setup_github_network.php | 18 ++++++++---------- 1 file changed, 8 insertions(+), 10 deletions(-) diff --git a/git-tools/setup_github_network.php b/git-tools/setup_github_network.php index 3f1f61b288..c24968c7c2 100755 --- a/git-tools/setup_github_network.php +++ b/git-tools/setup_github_network.php @@ -143,17 +143,15 @@ function get_repository_url($username, $repository, $ssh = false) return $url_base . $username . '/' . $repository . '.git'; } -function api_request($query, $full_url = false) +function api_request($query) +{ + return api_url_request("https://api.github.com/$query?per_page=100"); +} + +function api_url_request($url) { $c = curl_init(); - if ($full_url) - { - curl_setopt($c, CURLOPT_URL, $query); - } - else - { - curl_setopt($c, CURLOPT_URL, "https://api.github.com/$query?per_page=100"); - } + curl_setopt($c, CURLOPT_URL, $url); curl_setopt($c, CURLOPT_RETURNTRANSFER, true); curl_setopt($c, CURLOPT_USERAGENT, 'phpBB/1.0'); curl_setopt($c, CURLOPT_HEADER, true); @@ -177,7 +175,7 @@ function api_request($query, $full_url = false) if ($rel == 'rel="next"') { // Found a next link, follow it and merge the results - $sub_request_result = api_request(substr($url, 1, -1), true); + $sub_request_result = api_url_request(substr($url, 1, -1)); } } } From de150cb4ad4b26ab51bcf60bd4377870e6b3866b Mon Sep 17 00:00:00 2001 From: Dhruv Date: Fri, 14 Jun 2013 00:29:06 +0530 Subject: [PATCH 065/157] [ticket/10820] fix if condition to check for IE PHPBB3-10820 --- phpBB/download/file.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/phpBB/download/file.php b/phpBB/download/file.php index 318e893fab..22be27c922 100644 --- a/phpBB/download/file.php +++ b/phpBB/download/file.php @@ -491,7 +491,7 @@ function send_file_to_browser($attachment, $upload_dir, $category) } else { - if (empty($user->browser) || !phpbb_is_greater_ie_version($user->browser, 7)) + if (empty($user->browser) || ((strpos(strtolower($user->browser), 'msie') !== false) && !phpbb_is_greater_ie_version($user->browser, 7))) { header('Content-Disposition: attachment; ' . header_filename(htmlspecialchars_decode($attachment['real_filename']))); if (empty($user->browser) || (strpos(strtolower($user->browser), 'msie 6.0') !== false)) From 50828e6d39259052fc728df9cb259ee664f6d751 Mon Sep 17 00:00:00 2001 From: Dhruv Date: Sat, 15 Jun 2013 18:41:43 +0530 Subject: [PATCH 066/157] [ticket/11094] Add textbox for jabber while memberlist search PHPBB3-11094 --- phpBB/styles/prosilver/template/memberlist_search.html | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/phpBB/styles/prosilver/template/memberlist_search.html b/phpBB/styles/prosilver/template/memberlist_search.html index 9df648f644..e6a4bfba97 100644 --- a/phpBB/styles/prosilver/template/memberlist_search.html +++ b/phpBB/styles/prosilver/template/memberlist_search.html @@ -75,6 +75,10 @@ function insert_single(user)
      +
      +
      +
      +
      From e2c049c997c1829f4f71100bdbdbba9bf72b8868 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Mon, 17 Jun 2013 16:11:23 -0400 Subject: [PATCH 067/157] [feature/auth-refactor] Provider Interface Skeleton Creates a skeleton of the authentication provider interface. PHPBB3-9734 --- phpBB/includes/auth/provider_interface.php | 32 ++++++++++++++++++++++ 1 file changed, 32 insertions(+) create mode 100644 phpBB/includes/auth/provider_interface.php diff --git a/phpBB/includes/auth/provider_interface.php b/phpBB/includes/auth/provider_interface.php new file mode 100644 index 0000000000..ac7bb311a3 --- /dev/null +++ b/phpBB/includes/auth/provider_interface.php @@ -0,0 +1,32 @@ + Date: Mon, 17 Jun 2013 16:35:06 -0400 Subject: [PATCH 068/157] [feature/auth-refactor] Auth Apache Provider Skeleton Creates a skeleton for Apache based authentication using the phpbb_auth_provider_interface named phpbb_auth_provider_apache. This brings over all code in auth_apache.php verbatim complete with all global variables currently in use. PHPBB3-9734 --- phpBB/includes/auth/provider_apache.php | 265 ++++++++++++++++++++++++ 1 file changed, 265 insertions(+) create mode 100644 phpBB/includes/auth/provider_apache.php diff --git a/phpBB/includes/auth/provider_apache.php b/phpBB/includes/auth/provider_apache.php new file mode 100644 index 0000000000..ca3bf41560 --- /dev/null +++ b/phpBB/includes/auth/provider_apache.php @@ -0,0 +1,265 @@ +is_set('PHP_AUTH_USER', phpbb_request_interface::SERVER) || $user->data['username'] !== htmlspecialchars_decode($request->server('PHP_AUTH_USER'))) + { + return $user->lang['APACHE_SETUP_BEFORE_USE']; + } + return false; + } + + /** + * Login function + */ + public function login(&$username, &$password) + { + global $db, $request; + + // do not allow empty password + if (!$password) + { + return array( + 'status' => LOGIN_ERROR_PASSWORD, + 'error_msg' => 'NO_PASSWORD_SUPPLIED', + 'user_row' => array('user_id' => ANONYMOUS), + ); + } + + if (!$username) + { + return array( + 'status' => LOGIN_ERROR_USERNAME, + 'error_msg' => 'LOGIN_ERROR_USERNAME', + 'user_row' => array('user_id' => ANONYMOUS), + ); + } + + if (!$request->is_set('PHP_AUTH_USER', phpbb_request_interface::SERVER)) + { + return array( + 'status' => LOGIN_ERROR_EXTERNAL_AUTH, + 'error_msg' => 'LOGIN_ERROR_EXTERNAL_AUTH_APACHE', + 'user_row' => array('user_id' => ANONYMOUS), + ); + } + + $php_auth_user = htmlspecialchars_decode($request->server('PHP_AUTH_USER')); + $php_auth_pw = htmlspecialchars_decode($request->server('PHP_AUTH_PW')); + + if (!empty($php_auth_user) && !empty($php_auth_pw)) + { + if ($php_auth_user !== $username) + { + return array( + 'status' => LOGIN_ERROR_USERNAME, + 'error_msg' => 'LOGIN_ERROR_USERNAME', + 'user_row' => array('user_id' => ANONYMOUS), + ); + } + + $sql = 'SELECT user_id, username, user_password, user_passchg, user_email, user_type + FROM ' . USERS_TABLE . " + WHERE username = '" . $db->sql_escape($php_auth_user) . "'"; + $result = $db->sql_query($sql); + $row = $db->sql_fetchrow($result); + $db->sql_freeresult($result); + + if ($row) + { + // User inactive... + if ($row['user_type'] == USER_INACTIVE || $row['user_type'] == USER_IGNORE) + { + return array( + 'status' => LOGIN_ERROR_ACTIVE, + 'error_msg' => 'ACTIVE_ERROR', + 'user_row' => $row, + ); + } + + // Successful login... + return array( + 'status' => LOGIN_SUCCESS, + 'error_msg' => false, + 'user_row' => $row, + ); + } + + // this is the user's first login so create an empty profile + return array( + 'status' => LOGIN_SUCCESS_CREATE_PROFILE, + 'error_msg' => false, + 'user_row' => user_row_apache($php_auth_user, $php_auth_pw), + ); + } + + // Not logged into apache + return array( + 'status' => LOGIN_ERROR_EXTERNAL_AUTH, + 'error_msg' => 'LOGIN_ERROR_EXTERNAL_AUTH_APACHE', + 'user_row' => array('user_id' => ANONYMOUS), + ); + } + + /** + * Autologin function + * + * @return array containing the user row or empty if no auto login should + * take place + */ + public function autologin() + { + global $db, $request; + + if (!$request->is_set('PHP_AUTH_USER', phpbb_request_interface::SERVER)) + { + return array(); + } + + $php_auth_user = htmlspecialchars_decode($request->server('PHP_AUTH_USER')); + $php_auth_pw = htmlspecialchars_decode($request->server('PHP_AUTH_PW')); + + if (!empty($php_auth_user) && !empty($php_auth_pw)) + { + set_var($php_auth_user, $php_auth_user, 'string', true); + set_var($php_auth_pw, $php_auth_pw, 'string', true); + + $sql = 'SELECT * + FROM ' . USERS_TABLE . " + WHERE username = '" . $db->sql_escape($php_auth_user) . "'"; + $result = $db->sql_query($sql); + $row = $db->sql_fetchrow($result); + $db->sql_freeresult($result); + + if ($row) + { + return ($row['user_type'] == USER_INACTIVE || $row['user_type'] == USER_IGNORE) ? array() : $row; + } + + if (!function_exists('user_add')) + { + global $phpbb_root_path, $phpEx; + + include($phpbb_root_path . 'includes/functions_user.' . $phpEx); + } + + // create the user if he does not exist yet + user_add(user_row_apache($php_auth_user, $php_auth_pw)); + + $sql = 'SELECT * + FROM ' . USERS_TABLE . " + WHERE username_clean = '" . $db->sql_escape(utf8_clean_string($php_auth_user)) . "'"; + $result = $db->sql_query($sql); + $row = $db->sql_fetchrow($result); + $db->sql_freeresult($result); + + if ($row) + { + return $row; + } + } + + return array(); + } + + /** + * This function generates an array which can be passed to the user_add + * function in order to create a user + * + * @param str $username The username of the new user. + * @param str $password The password of the new user. + * @return array Contains data that can be passed directly to + * the user_add function. + */ + private function user_row($username, $password) + { + global $db, $config, $user; + // first retrieve default group id + $sql = 'SELECT group_id + FROM ' . GROUPS_TABLE . " + WHERE group_name = '" . $db->sql_escape('REGISTERED') . "' + AND group_type = " . GROUP_SPECIAL; + $result = $db->sql_query($sql); + $row = $db->sql_fetchrow($result); + $db->sql_freeresult($result); + + if (!$row) + { + trigger_error('NO_GROUP'); + } + + // generate user account data + return array( + 'username' => $username, + 'user_password' => phpbb_hash($password), + 'user_email' => '', + 'group_id' => (int) $row['group_id'], + 'user_type' => USER_NORMAL, + 'user_ip' => $user->ip, + 'user_new' => ($config['new_member_post_limit']) ? 1 : 0, + ); + } + + /** + * The session validation function checks whether the user is still logged in + * + * @return boolean true if the given user is authenticated or false if + * the session should be closed + */ + public function validate_session(&$user) + { + global $request; + + // Check if PHP_AUTH_USER is set and handle this case + if ($request->is_set('PHP_AUTH_USER', phpbb_request_interface::SERVER)) + { + $php_auth_user = $request->server('PHP_AUTH_USER'); + + return ($php_auth_user === $user['username']) ? true : false; + } + + // PHP_AUTH_USER is not set. A valid session is now determined by the user type (anonymous/bot or not) + if ($user['user_type'] == USER_IGNORE) + { + return true; + } + + return false; + } + + public function acp() + { + return; + } +} From 4917fd9ca7a372766ea1a2ec7d0726eba09d2fe1 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Mon, 17 Jun 2013 16:41:56 -0400 Subject: [PATCH 069/157] [feature/auth-refactor] Database Auth Provider Skeleton Creates a skeleton of the database auth provider from auth_db.php. The functions are copied verbatim complete with globals and any existing errors. PHPBB3-9734 --- phpBB/includes/auth/provider_db.php | 309 ++++++++++++++++++++++++++++ 1 file changed, 309 insertions(+) create mode 100644 phpBB/includes/auth/provider_db.php diff --git a/phpBB/includes/auth/provider_db.php b/phpBB/includes/auth/provider_db.php new file mode 100644 index 0000000000..bba74fc2a3 --- /dev/null +++ b/phpBB/includes/auth/provider_db.php @@ -0,0 +1,309 @@ + status constant + * 'error_msg' => string + * 'user_row' => array + * ) + */ + public function login($username, $password, $ip = '', $browser = '', $forwarded_for = '') + { + global $db, $config; + global $request; + + // Auth plugins get the password untrimmed. + // For compatibility we trim() here. + $password = trim($password); + + // do not allow empty password + if (!$password) + { + return array( + 'status' => LOGIN_ERROR_PASSWORD, + 'error_msg' => 'NO_PASSWORD_SUPPLIED', + 'user_row' => array('user_id' => ANONYMOUS), + ); + } + + if (!$username) + { + return array( + 'status' => LOGIN_ERROR_USERNAME, + 'error_msg' => 'LOGIN_ERROR_USERNAME', + 'user_row' => array('user_id' => ANONYMOUS), + ); + } + + $username_clean = utf8_clean_string($username); + + $sql = 'SELECT user_id, username, user_password, user_passchg, user_pass_convert, user_email, user_type, user_login_attempts + FROM ' . USERS_TABLE . " + WHERE username_clean = '" . $db->sql_escape($username_clean) . "'"; + $result = $db->sql_query($sql); + $row = $db->sql_fetchrow($result); + $db->sql_freeresult($result); + + if (($ip && !$config['ip_login_limit_use_forwarded']) || + ($forwarded_for && $config['ip_login_limit_use_forwarded'])) + { + $sql = 'SELECT COUNT(*) AS attempts + FROM ' . LOGIN_ATTEMPT_TABLE . ' + WHERE attempt_time > ' . (time() - (int) $config['ip_login_limit_time']); + if ($config['ip_login_limit_use_forwarded']) + { + $sql .= " AND attempt_forwarded_for = '" . $db->sql_escape($forwarded_for) . "'"; + } + else + { + $sql .= " AND attempt_ip = '" . $db->sql_escape($ip) . "' "; + } + + $result = $db->sql_query($sql); + $attempts = (int) $db->sql_fetchfield('attempts'); + $db->sql_freeresult($result); + + $attempt_data = array( + 'attempt_ip' => $ip, + 'attempt_browser' => trim(substr($browser, 0, 149)), + 'attempt_forwarded_for' => $forwarded_for, + 'attempt_time' => time(), + 'user_id' => ($row) ? (int) $row['user_id'] : 0, + 'username' => $username, + 'username_clean' => $username_clean, + ); + $sql = 'INSERT INTO ' . LOGIN_ATTEMPT_TABLE . $db->sql_build_array('INSERT', $attempt_data); + $result = $db->sql_query($sql); + } + else + { + $attempts = 0; + } + + if (!$row) + { + if ($config['ip_login_limit_max'] && $attempts >= $config['ip_login_limit_max']) + { + return array( + 'status' => LOGIN_ERROR_ATTEMPTS, + 'error_msg' => 'LOGIN_ERROR_ATTEMPTS', + 'user_row' => array('user_id' => ANONYMOUS), + ); + } + + return array( + 'status' => LOGIN_ERROR_USERNAME, + 'error_msg' => 'LOGIN_ERROR_USERNAME', + 'user_row' => array('user_id' => ANONYMOUS), + ); + } + + $show_captcha = ($config['max_login_attempts'] && $row['user_login_attempts'] >= $config['max_login_attempts']) || + ($config['ip_login_limit_max'] && $attempts >= $config['ip_login_limit_max']); + + // If there are too much login attempts, we need to check for an confirm image + // Every auth module is able to define what to do by itself... + if ($show_captcha) + { + // Visual Confirmation handling + if (!class_exists('phpbb_captcha_factory', false)) + { + global $phpbb_root_path, $phpEx; + include ($phpbb_root_path . 'includes/captcha/captcha_factory.' . $phpEx); + } + + $captcha = phpbb_captcha_factory::get_instance($config['captcha_plugin']); + $captcha->init(CONFIRM_LOGIN); + $vc_response = $captcha->validate($row); + if ($vc_response) + { + return array( + 'status' => LOGIN_ERROR_ATTEMPTS, + 'error_msg' => 'LOGIN_ERROR_ATTEMPTS', + 'user_row' => $row, + ); + } + else + { + $captcha->reset(); + } + + } + + // If the password convert flag is set we need to convert it + if ($row['user_pass_convert']) + { + // enable super globals to get literal value + // this is needed to prevent unicode normalization + $super_globals_disabled = $request->super_globals_disabled(); + if ($super_globals_disabled) + { + $request->enable_super_globals(); + } + + // in phpBB2 passwords were used exactly as they were sent, with addslashes applied + $password_old_format = isset($_REQUEST['password']) ? (string) $_REQUEST['password'] : ''; + $password_old_format = (!STRIP) ? addslashes($password_old_format) : $password_old_format; + $password_new_format = $request->variable('password', '', true); + + if ($super_globals_disabled) + { + $request->disable_super_globals(); + } + + if ($password == $password_new_format) + { + if (!function_exists('utf8_to_cp1252')) + { + global $phpbb_root_path, $phpEx; + include($phpbb_root_path . 'includes/utf/data/recode_basic.' . $phpEx); + } + + // cp1252 is phpBB2's default encoding, characters outside ASCII range might work when converted into that encoding + // plain md5 support left in for conversions from other systems. + if ((strlen($row['user_password']) == 34 && (phpbb_check_hash(md5($password_old_format), $row['user_password']) || phpbb_check_hash(md5(utf8_to_cp1252($password_old_format)), $row['user_password']))) + || (strlen($row['user_password']) == 32 && (md5($password_old_format) == $row['user_password'] || md5(utf8_to_cp1252($password_old_format)) == $row['user_password']))) + { + $hash = phpbb_hash($password_new_format); + + // Update the password in the users table to the new format and remove user_pass_convert flag + $sql = 'UPDATE ' . USERS_TABLE . ' + SET user_password = \'' . $db->sql_escape($hash) . '\', + user_pass_convert = 0 + WHERE user_id = ' . $row['user_id']; + $db->sql_query($sql); + + $row['user_pass_convert'] = 0; + $row['user_password'] = $hash; + } + else + { + // Although we weren't able to convert this password we have to + // increase login attempt count to make sure this cannot be exploited + $sql = 'UPDATE ' . USERS_TABLE . ' + SET user_login_attempts = user_login_attempts + 1 + WHERE user_id = ' . (int) $row['user_id'] . ' + AND user_login_attempts < ' . LOGIN_ATTEMPTS_MAX; + $db->sql_query($sql); + + return array( + 'status' => LOGIN_ERROR_PASSWORD_CONVERT, + 'error_msg' => 'LOGIN_ERROR_PASSWORD_CONVERT', + 'user_row' => $row, + ); + } + } + } + + // Check password ... + if (!$row['user_pass_convert'] && phpbb_check_hash($password, $row['user_password'])) + { + // Check for old password hash... + if (strlen($row['user_password']) == 32) + { + $hash = phpbb_hash($password); + + // Update the password in the users table to the new format + $sql = 'UPDATE ' . USERS_TABLE . " + SET user_password = '" . $db->sql_escape($hash) . "', + user_pass_convert = 0 + WHERE user_id = {$row['user_id']}"; + $db->sql_query($sql); + + $row['user_password'] = $hash; + } + + $sql = 'DELETE FROM ' . LOGIN_ATTEMPT_TABLE . ' + WHERE user_id = ' . $row['user_id']; + $db->sql_query($sql); + + if ($row['user_login_attempts'] != 0) + { + // Successful, reset login attempts (the user passed all stages) + $sql = 'UPDATE ' . USERS_TABLE . ' + SET user_login_attempts = 0 + WHERE user_id = ' . $row['user_id']; + $db->sql_query($sql); + } + + // User inactive... + if ($row['user_type'] == USER_INACTIVE || $row['user_type'] == USER_IGNORE) + { + return array( + 'status' => LOGIN_ERROR_ACTIVE, + 'error_msg' => 'ACTIVE_ERROR', + 'user_row' => $row, + ); + } + + // Successful login... set user_login_attempts to zero... + return array( + 'status' => LOGIN_SUCCESS, + 'error_msg' => false, + 'user_row' => $row, + ); + } + + // Password incorrect - increase login attempts + $sql = 'UPDATE ' . USERS_TABLE . ' + SET user_login_attempts = user_login_attempts + 1 + WHERE user_id = ' . (int) $row['user_id'] . ' + AND user_login_attempts < ' . LOGIN_ATTEMPTS_MAX; + $db->sql_query($sql); + + // Give status about wrong password... + return array( + 'status' => ($show_captcha) ? LOGIN_ERROR_ATTEMPTS : LOGIN_ERROR_PASSWORD, + 'error_msg' => ($show_captcha) ? 'LOGIN_ERROR_ATTEMPTS' : 'LOGIN_ERROR_PASSWORD', + 'user_row' => $row, + ); + } + + public function autologin() + { + return; + } + + public function acp() + { + return; + } +} From 817813034032b8e94079f195db097f2377ae9ac3 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Mon, 17 Jun 2013 16:50:01 -0400 Subject: [PATCH 070/157] [feature/auth-refactor] LDAP Auth Provider Skeleton Creates a ldap auth provider using code taken verbatim from auth_ldap.php. PHPBB3-9734 --- phpBB/includes/auth/provider_ldap.php | 358 ++++++++++++++++++++++++++ 1 file changed, 358 insertions(+) create mode 100644 phpBB/includes/auth/provider_ldap.php diff --git a/phpBB/includes/auth/provider_ldap.php b/phpBB/includes/auth/provider_ldap.php new file mode 100644 index 0000000000..fb2be5ae9d --- /dev/null +++ b/phpBB/includes/auth/provider_ldap.php @@ -0,0 +1,358 @@ +lang['LDAP_NO_LDAP_EXTENSION']; + } + + $config['ldap_port'] = (int) $config['ldap_port']; + if ($config['ldap_port']) + { + $ldap = @ldap_connect($config['ldap_server'], $config['ldap_port']); + } + else + { + $ldap = @ldap_connect($config['ldap_server']); + } + + if (!$ldap) + { + return $user->lang['LDAP_NO_SERVER_CONNECTION']; + } + + @ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3); + @ldap_set_option($ldap, LDAP_OPT_REFERRALS, 0); + + if ($config['ldap_user'] || $config['ldap_password']) + { + if (!@ldap_bind($ldap, htmlspecialchars_decode($config['ldap_user']), htmlspecialchars_decode($config['ldap_password']))) + { + return $user->lang['LDAP_INCORRECT_USER_PASSWORD']; + } + } + + // ldap_connect only checks whether the specified server is valid, so the connection might still fail + $search = @ldap_search( + $ldap, + htmlspecialchars_decode($config['ldap_base_dn']), + ldap_user_filter($user->data['username']), + (empty($config['ldap_email'])) ? + array(htmlspecialchars_decode($config['ldap_uid'])) : + array(htmlspecialchars_decode($config['ldap_uid']), htmlspecialchars_decode($config['ldap_email'])), + 0, + 1 + ); + + if ($search === false) + { + return $user->lang['LDAP_SEARCH_FAILED']; + } + + $result = @ldap_get_entries($ldap, $search); + + @ldap_close($ldap); + + + if (!is_array($result) || sizeof($result) < 2) + { + return sprintf($user->lang['LDAP_NO_IDENTITY'], $user->data['username']); + } + + if (!empty($config['ldap_email']) && !isset($result[0][htmlspecialchars_decode($config['ldap_email'])])) + { + return $user->lang['LDAP_NO_EMAIL']; + } + + return false; + } + + /** + * Login function + */ + public function login(&$username, &$password) + { + global $db, $config, $user; + + // do not allow empty password + if (!$password) + { + return array( + 'status' => LOGIN_ERROR_PASSWORD, + 'error_msg' => 'NO_PASSWORD_SUPPLIED', + 'user_row' => array('user_id' => ANONYMOUS), + ); + } + + if (!$username) + { + return array( + 'status' => LOGIN_ERROR_USERNAME, + 'error_msg' => 'LOGIN_ERROR_USERNAME', + 'user_row' => array('user_id' => ANONYMOUS), + ); + } + + if (!@extension_loaded('ldap')) + { + return array( + 'status' => LOGIN_ERROR_EXTERNAL_AUTH, + 'error_msg' => 'LDAP_NO_LDAP_EXTENSION', + 'user_row' => array('user_id' => ANONYMOUS), + ); + } + + $config['ldap_port'] = (int) $config['ldap_port']; + if ($config['ldap_port']) + { + $ldap = @ldap_connect($config['ldap_server'], $config['ldap_port']); + } + else + { + $ldap = @ldap_connect($config['ldap_server']); + } + + if (!$ldap) + { + return array( + 'status' => LOGIN_ERROR_EXTERNAL_AUTH, + 'error_msg' => 'LDAP_NO_SERVER_CONNECTION', + 'user_row' => array('user_id' => ANONYMOUS), + ); + } + + @ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3); + @ldap_set_option($ldap, LDAP_OPT_REFERRALS, 0); + + if ($config['ldap_user'] || $config['ldap_password']) + { + if (!@ldap_bind($ldap, htmlspecialchars_decode($config['ldap_user']), htmlspecialchars_decode($config['ldap_password']))) + { + return array( + 'status' => LOGIN_ERROR_EXTERNAL_AUTH, + 'error_msg' => 'LDAP_NO_SERVER_CONNECTION', + 'user_row' => array('user_id' => ANONYMOUS), + ); + } + } + + $search = @ldap_search( + $ldap, + htmlspecialchars_decode($config['ldap_base_dn']), + ldap_user_filter($username), + (empty($config['ldap_email'])) ? + array(htmlspecialchars_decode($config['ldap_uid'])) : + array(htmlspecialchars_decode($config['ldap_uid']), htmlspecialchars_decode($config['ldap_email'])), + 0, + 1 + ); + + $ldap_result = @ldap_get_entries($ldap, $search); + + if (is_array($ldap_result) && sizeof($ldap_result) > 1) + { + if (@ldap_bind($ldap, $ldap_result[0]['dn'], htmlspecialchars_decode($password))) + { + @ldap_close($ldap); + + $sql ='SELECT user_id, username, user_password, user_passchg, user_email, user_type + FROM ' . USERS_TABLE . " + WHERE username_clean = '" . $db->sql_escape(utf8_clean_string($username)) . "'"; + $result = $db->sql_query($sql); + $row = $db->sql_fetchrow($result); + $db->sql_freeresult($result); + + if ($row) + { + unset($ldap_result); + + // User inactive... + if ($row['user_type'] == USER_INACTIVE || $row['user_type'] == USER_IGNORE) + { + return array( + 'status' => LOGIN_ERROR_ACTIVE, + 'error_msg' => 'ACTIVE_ERROR', + 'user_row' => $row, + ); + } + + // Successful login... set user_login_attempts to zero... + return array( + 'status' => LOGIN_SUCCESS, + 'error_msg' => false, + 'user_row' => $row, + ); + } + else + { + // retrieve default group id + $sql = 'SELECT group_id + FROM ' . GROUPS_TABLE . " + WHERE group_name = '" . $db->sql_escape('REGISTERED') . "' + AND group_type = " . GROUP_SPECIAL; + $result = $db->sql_query($sql); + $row = $db->sql_fetchrow($result); + $db->sql_freeresult($result); + + if (!$row) + { + trigger_error('NO_GROUP'); + } + + // generate user account data + $ldap_user_row = array( + 'username' => $username, + 'user_password' => phpbb_hash($password), + 'user_email' => (!empty($config['ldap_email'])) ? utf8_htmlspecialchars($ldap_result[0][htmlspecialchars_decode($config['ldap_email'])][0]) : '', + 'group_id' => (int) $row['group_id'], + 'user_type' => USER_NORMAL, + 'user_ip' => $user->ip, + 'user_new' => ($config['new_member_post_limit']) ? 1 : 0, + ); + + unset($ldap_result); + + // this is the user's first login so create an empty profile + return array( + 'status' => LOGIN_SUCCESS_CREATE_PROFILE, + 'error_msg' => false, + 'user_row' => $ldap_user_row, + ); + } + } + else + { + unset($ldap_result); + @ldap_close($ldap); + + // Give status about wrong password... + return array( + 'status' => LOGIN_ERROR_PASSWORD, + 'error_msg' => 'LOGIN_ERROR_PASSWORD', + 'user_row' => array('user_id' => ANONYMOUS), + ); + } + } + + @ldap_close($ldap); + + return array( + 'status' => LOGIN_ERROR_USERNAME, + 'error_msg' => 'LOGIN_ERROR_USERNAME', + 'user_row' => array('user_id' => ANONYMOUS), + ); + } + + public function autologin(); + + /** + * This function is used to output any required fields in the authentication + * admin panel. It also defines any required configuration table fields. + */ + public function acp(&$new) + { + global $user; + + $tpl = ' + +
      +

      ' . $user->lang['LDAP_SERVER_EXPLAIN'] . '
      +
      +
      +
      +

      ' . $user->lang['LDAP_PORT_EXPLAIN'] . '
      +
      +
      +
      +

      ' . $user->lang['LDAP_DN_EXPLAIN'] . '
      +
      +
      +
      +

      ' . $user->lang['LDAP_UID_EXPLAIN'] . '
      +
      +
      +
      +

      ' . $user->lang['LDAP_USER_FILTER_EXPLAIN'] . '
      +
      +
      +
      +

      ' . $user->lang['LDAP_EMAIL_EXPLAIN'] . '
      +
      +
      +
      +

      ' . $user->lang['LDAP_USER_EXPLAIN'] . '
      +
      +
      +
      +

      ' . $user->lang['LDAP_PASSWORD_EXPLAIN'] . '
      +
      +
      + '; + + // These are fields required in the config table + return array( + 'tpl' => $tpl, + 'config' => array('ldap_server', 'ldap_port', 'ldap_base_dn', 'ldap_uid', 'ldap_user_filter', 'ldap_email', 'ldap_user', 'ldap_password') + ); + } + + /** + * Generates a filter string for ldap_search to find a user + * + * @param $username string Username identifying the searched user + * + * @return string A filter string for ldap_search + */ + public function user_filter($username) + { + global $config; + + $filter = '(' . $config['ldap_uid'] . '=' . ldap_escape(htmlspecialchars_decode($username)) . ')'; + if ($config['ldap_user_filter']) + { + $_filter = ($config['ldap_user_filter'][0] == '(' && substr($config['ldap_user_filter'], -1) == ')') ? $config['ldap_user_filter'] : "({$config['ldap_user_filter']})"; + $filter = "(&{$filter}{$_filter})"; + } + return $filter; + } + + /** + * Escapes an LDAP AttributeValue + */ + public function escape($string) + { + return str_replace(array('*', '\\', '(', ')'), array('\\*', '\\\\', '\\(', '\\)'), $string); + } +} From b8678f467824eed9daa97eacca197348c945e3e9 Mon Sep 17 00:00:00 2001 From: Joas Schilling Date: Mon, 17 Jun 2013 12:47:09 +0200 Subject: [PATCH 071/157] [ticket/11561] Specify used tables in notification fixture, so they are emptied PHPBB3-11561 --- tests/notification/fixtures/notification.xml | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/tests/notification/fixtures/notification.xml b/tests/notification/fixtures/notification.xml index 38e5f811dd..c7b2d03ff1 100644 --- a/tests/notification/fixtures/notification.xml +++ b/tests/notification/fixtures/notification.xml @@ -1,5 +1,13 @@ + +
      + +
      + +
      + +
      From 516581c41edaa5f565ef90bac14cdbdc054e7914 Mon Sep 17 00:00:00 2001 From: Andreas Fischer Date: Tue, 18 Jun 2013 15:04:48 +0200 Subject: [PATCH 072/157] [ticket/11604] Use variables for config.php filesnames. PHPBB3-11604 --- .../phpbb_functional_test_case.php | 16 ++++++++++------ 1 file changed, 10 insertions(+), 6 deletions(-) diff --git a/tests/test_framework/phpbb_functional_test_case.php b/tests/test_framework/phpbb_functional_test_case.php index 651ab013c7..1b47cbe125 100644 --- a/tests/test_framework/phpbb_functional_test_case.php +++ b/tests/test_framework/phpbb_functional_test_case.php @@ -184,15 +184,19 @@ class phpbb_functional_test_case extends phpbb_test_case self::$config['table_prefix'] = 'phpbb_'; self::recreate_database(self::$config); - if (file_exists($phpbb_root_path . "config.$phpEx")) + $config_file = $phpbb_root_path . "config.$phpEx"; + $config_file_dev = $phpbb_root_path . "config_dev.$phpEx"; + $config_file_test = $phpbb_root_path . "config_test.$phpEx"; + + if (file_exists($config_file)) { - if (!file_exists($phpbb_root_path . "config_dev.$phpEx")) + if (!file_exists($config_file_dev)) { - rename($phpbb_root_path . "config.$phpEx", $phpbb_root_path . "config_dev.$phpEx"); + rename($config_file, $config_file_dev); } else { - unlink($phpbb_root_path . "config.$phpEx"); + unlink($config_file); } } @@ -254,7 +258,7 @@ class phpbb_functional_test_case extends phpbb_test_case $crawler = self::submit($form); self::assertContains('The configuration file has been written.', $crawler->filter('#main')->text()); - file_put_contents($phpbb_root_path . "config.$phpEx", phpbb_create_config_file_data(self::$config, self::$config['dbms'], array(), true, true)); + file_put_contents($config_file, phpbb_create_config_file_data(self::$config, self::$config['dbms'], array(), true, true)); $form = $crawler->selectButton('submit')->form(); $crawler = self::submit($form); @@ -281,7 +285,7 @@ class phpbb_functional_test_case extends phpbb_test_case $crawler = self::submit($form); self::assertContains('You have successfully installed', $crawler->text()); - copy($phpbb_root_path . "config.$phpEx", $phpbb_root_path . "config_test.$phpEx"); + copy($config_file, $config_file_test); } static private function recreate_database($config) From 21f839494ddb55d1c4aefeed113b5debe9b2e1b3 Mon Sep 17 00:00:00 2001 From: Andreas Fischer Date: Tue, 18 Jun 2013 15:21:28 +0200 Subject: [PATCH 073/157] [ticket/11604] Fix case where config.php is not generated by phpBB. PHPBB3-11604 --- .../phpbb_functional_test_case.php | 24 ++++++++++++++++++- 1 file changed, 23 insertions(+), 1 deletion(-) diff --git a/tests/test_framework/phpbb_functional_test_case.php b/tests/test_framework/phpbb_functional_test_case.php index 1b47cbe125..16ed9f5a1e 100644 --- a/tests/test_framework/phpbb_functional_test_case.php +++ b/tests/test_framework/phpbb_functional_test_case.php @@ -257,8 +257,30 @@ class phpbb_functional_test_case extends phpbb_test_case $form = $crawler->selectButton('submit')->form(); $crawler = self::submit($form); + $config_writable = strpos($crawler->filter('#main')->text(), 'It was not possible to write the configuration file.') === false; + $config_php_data = phpbb_create_config_file_data(self::$config, self::$config['dbms'], array(), true, true); + + if (!$config_writable) + { + // phpBB could not write to the config.php file, so we have to "Download" it. + self::assertContains('Download config', $crawler->filter('#main')->text()); + + file_put_contents($config_file, $config_php_data); + + $form = $crawler->selectButton('dldone')->form(); + $crawler = self::submit($form); + } + self::assertContains('The configuration file has been written.', $crawler->filter('#main')->text()); - file_put_contents($config_file, phpbb_create_config_file_data(self::$config, self::$config['dbms'], array(), true, true)); + + // Overwrite the config.php file generated by phpBB in order to get the + // DEBUG constants defined if possible. It should be possible when unit + // tests run as the same user as phpBB. + if ($config_writable && is_writable($config_file)) + { + file_put_contents($config_file, $config_php_data); + } + $form = $crawler->selectButton('submit')->form(); $crawler = self::submit($form); From e64abea999f68b248cfe41ab22ac60abc9e2951f Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Tue, 18 Jun 2013 15:17:14 -0400 Subject: [PATCH 074/157] [feature/auth-refactor] Document the provider interface Provides basic documentation of the auth_provideR_interface. Changes the login method to login($username, $password) for consistency with the providers. acp() is not fully documented. It appears that it is meant to return an array of some sort and take in a variable by reference. PHPBB3-9734 --- phpBB/includes/auth/provider_interface.php | 32 +++++++++++++++++++++- 1 file changed, 31 insertions(+), 1 deletion(-) diff --git a/phpBB/includes/auth/provider_interface.php b/phpBB/includes/auth/provider_interface.php index ac7bb311a3..8d966d8b3e 100644 --- a/phpBB/includes/auth/provider_interface.php +++ b/phpBB/includes/auth/provider_interface.php @@ -22,11 +22,41 @@ if (!defined('IN_PHPBB')) */ class phpbb_auth_provider_interface { + /** + * Checks whether the user is currently identified to the authentication + * provider. + * Called in acp_board while setting authentication plugins. + * + * @return boolean|string False if the user is identified, otherwise an + * error message. + */ public function init(); - public function login(); + /** + * Performs login. + * + * @param $username string The name of the user being authenticated. + * @param $password string The password of the user. + * @return array An associative array of the format: + * array( + * 'status' => status constant + * 'error_msg' => string + * 'user_row' => array + * ) + */ + public function login($username, $password); + /** + * Autologin function + * + * @return array containing the user row or empty if no auto login should + * take place + */ public function autologin(); + /** + * This function is used to output any required fields in the authentication + * admin panel. It also defines any required configuration table fields. + */ public function acp(); } From db27a8c67a9730384a912298a85a7bf38e506d7d Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Tue, 18 Jun 2013 15:32:18 -0400 Subject: [PATCH 075/157] [feature/auth-refactor] Fix comment block indentation Comment block indentation was off by one space on the provider_* files due to being incorrectly copied over from the auth_* files. PHPBB3-9734 --- phpBB/includes/auth/provider_apache.php | 52 ++++++++++++------------- phpBB/includes/auth/provider_db.php | 30 +++++++------- phpBB/includes/auth/provider_ldap.php | 34 ++++++++-------- 3 files changed, 58 insertions(+), 58 deletions(-) diff --git a/phpBB/includes/auth/provider_apache.php b/phpBB/includes/auth/provider_apache.php index ca3bf41560..bb25e502a6 100644 --- a/phpBB/includes/auth/provider_apache.php +++ b/phpBB/includes/auth/provider_apache.php @@ -23,12 +23,12 @@ if (!defined('IN_PHPBB')) class phpbb_auth_provider_apache implements phpbb_auth_provider_interface { /** - * Checks whether the user is identified to apache - * Only allow changing authentication to apache if the user is identified - * Called in acp_board while setting authentication plugins - * - * @return boolean|string false if the user is identified and else an error message - */ + * Checks whether the user is identified to apache + * Only allow changing authentication to apache if the user is identified + * Called in acp_board while setting authentication plugins + * + * @return boolean|string false if the user is identified and else an error message + */ public function init() { global $user, $request; @@ -41,8 +41,8 @@ class phpbb_auth_provider_apache implements phpbb_auth_provider_interface } /** - * Login function - */ + * Login function + */ public function login(&$username, &$password) { global $db, $request; @@ -133,11 +133,11 @@ class phpbb_auth_provider_apache implements phpbb_auth_provider_interface } /** - * Autologin function - * - * @return array containing the user row or empty if no auto login should - * take place - */ + * Autologin function + * + * @return array containing the user row or empty if no auto login should + * take place + */ public function autologin() { global $db, $request; @@ -194,14 +194,14 @@ class phpbb_auth_provider_apache implements phpbb_auth_provider_interface } /** - * This function generates an array which can be passed to the user_add - * function in order to create a user - * - * @param str $username The username of the new user. - * @param str $password The password of the new user. - * @return array Contains data that can be passed directly to - * the user_add function. - */ + * This function generates an array which can be passed to the user_add + * function in order to create a user + * + * @param str $username The username of the new user. + * @param str $password The password of the new user. + * @return array Contains data that can be passed directly to + * the user_add function. + */ private function user_row($username, $password) { global $db, $config, $user; @@ -232,11 +232,11 @@ class phpbb_auth_provider_apache implements phpbb_auth_provider_interface } /** - * The session validation function checks whether the user is still logged in - * - * @return boolean true if the given user is authenticated or false if - * the session should be closed - */ + * The session validation function checks whether the user is still logged in + * + * @return boolean true if the given user is authenticated or false if + * the session should be closed + */ public function validate_session(&$user) { global $request; diff --git a/phpBB/includes/auth/provider_db.php b/phpBB/includes/auth/provider_db.php index bba74fc2a3..c55837c685 100644 --- a/phpBB/includes/auth/provider_db.php +++ b/phpBB/includes/auth/provider_db.php @@ -30,21 +30,21 @@ class phpbb_auth_provider_db implements phpbb_auth_provider_interface } /** - * Login function - * - * @param string $username - * @param string $password - * @param string $ip IP address the login is taking place from. Used to - * limit the number of login attempts per IP address. - * @param string $browser The user agent used to login - * @param string $forwarded_for X_FORWARDED_FOR header sent with login request - * @return array A associative array of the format - * array( - * 'status' => status constant - * 'error_msg' => string - * 'user_row' => array - * ) - */ + * Login function + * + * @param string $username + * @param string $password + * @param string $ip IP address the login is taking place from. Used to + * limit the number of login attempts per IP address. + * @param string $browser The user agent used to login + * @param string $forwarded_for X_FORWARDED_FOR header sent with login request + * @return array A associative array of the format + * array( + * 'status' => status constant + * 'error_msg' => string + * 'user_row' => array + * ) + */ public function login($username, $password, $ip = '', $browser = '', $forwarded_for = '') { global $db, $config; diff --git a/phpBB/includes/auth/provider_ldap.php b/phpBB/includes/auth/provider_ldap.php index fb2be5ae9d..3c54ba212c 100644 --- a/phpBB/includes/auth/provider_ldap.php +++ b/phpBB/includes/auth/provider_ldap.php @@ -25,10 +25,10 @@ if (!defined('IN_PHPBB')) class phpbb_auth_provider_db implements phpbb_auth_provider_interface { /** - * Connect to ldap server - * Only allow changing authentication to ldap if we can connect to the ldap server - * Called in acp_board while setting authentication plugins - */ + * Connect to ldap server + * Only allow changing authentication to ldap if we can connect to the ldap server + * Called in acp_board while setting authentication plugins + */ public function init() { global $config, $user; @@ -100,8 +100,8 @@ class phpbb_auth_provider_db implements phpbb_auth_provider_interface } /** - * Login function - */ + * Login function + */ public function login(&$username, &$password) { global $db, $config, $user; @@ -278,9 +278,9 @@ class phpbb_auth_provider_db implements phpbb_auth_provider_interface public function autologin(); /** - * This function is used to output any required fields in the authentication - * admin panel. It also defines any required configuration table fields. - */ + * This function is used to output any required fields in the authentication + * admin panel. It also defines any required configuration table fields. + */ public function acp(&$new) { global $user; @@ -329,12 +329,12 @@ class phpbb_auth_provider_db implements phpbb_auth_provider_interface } /** - * Generates a filter string for ldap_search to find a user - * - * @param $username string Username identifying the searched user - * - * @return string A filter string for ldap_search - */ + * Generates a filter string for ldap_search to find a user + * + * @param $username string Username identifying the searched user + * + * @return string A filter string for ldap_search + */ public function user_filter($username) { global $config; @@ -349,8 +349,8 @@ class phpbb_auth_provider_db implements phpbb_auth_provider_interface } /** - * Escapes an LDAP AttributeValue - */ + * Escapes an LDAP AttributeValue + */ public function escape($string) { return str_replace(array('*', '\\', '(', ')'), array('\\*', '\\\\', '\\(', '\\)'), $string); From 57689948e252ef3240b2c20be95923d6a0635ca9 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Tue, 18 Jun 2013 15:39:51 -0400 Subject: [PATCH 076/157] [feature/auth-refactor] Make Apache consistent with interface Makes the provider_apache consistent with the provider_interface by removing the pass-by-reference of $username and $password. PHPBB3-9734 --- phpBB/includes/auth/provider_apache.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/phpBB/includes/auth/provider_apache.php b/phpBB/includes/auth/provider_apache.php index bb25e502a6..01aa9400fd 100644 --- a/phpBB/includes/auth/provider_apache.php +++ b/phpBB/includes/auth/provider_apache.php @@ -43,7 +43,7 @@ class phpbb_auth_provider_apache implements phpbb_auth_provider_interface /** * Login function */ - public function login(&$username, &$password) + public function login($username, $password) { global $db, $request; From 204c640c773e707845859d103b74d64596de402d Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Tue, 18 Jun 2013 15:57:31 -0400 Subject: [PATCH 077/157] [feature/auth-refactor] Make LDAP consistent with interface Makes the provider_ldap consistent with the provider_interface except for the acp() method which has not yet been finalized. Renames phpbb_auth_provider_ldap::user_filter to phpbb_auth_provider_ldap::ldap_user_filter to maintain the original name of the function from auth_ldap. PHPBB3-9734 --- phpBB/includes/auth/provider_ldap.php | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/phpBB/includes/auth/provider_ldap.php b/phpBB/includes/auth/provider_ldap.php index 3c54ba212c..3636c7ae6d 100644 --- a/phpBB/includes/auth/provider_ldap.php +++ b/phpBB/includes/auth/provider_ldap.php @@ -68,7 +68,7 @@ class phpbb_auth_provider_db implements phpbb_auth_provider_interface $search = @ldap_search( $ldap, htmlspecialchars_decode($config['ldap_base_dn']), - ldap_user_filter($user->data['username']), + $this->ldap_user_filter($user->data['username']), (empty($config['ldap_email'])) ? array(htmlspecialchars_decode($config['ldap_uid'])) : array(htmlspecialchars_decode($config['ldap_uid']), htmlspecialchars_decode($config['ldap_email'])), @@ -102,7 +102,7 @@ class phpbb_auth_provider_db implements phpbb_auth_provider_interface /** * Login function */ - public function login(&$username, &$password) + public function login($username, $password) { global $db, $config, $user; @@ -171,7 +171,7 @@ class phpbb_auth_provider_db implements phpbb_auth_provider_interface $search = @ldap_search( $ldap, htmlspecialchars_decode($config['ldap_base_dn']), - ldap_user_filter($username), + $this->ldap_user_filter($username), (empty($config['ldap_email'])) ? array(htmlspecialchars_decode($config['ldap_uid'])) : array(htmlspecialchars_decode($config['ldap_uid']), htmlspecialchars_decode($config['ldap_email'])), @@ -275,7 +275,10 @@ class phpbb_auth_provider_db implements phpbb_auth_provider_interface ); } - public function autologin(); + public function autologin() + { + return; + } /** * This function is used to output any required fields in the authentication @@ -335,7 +338,7 @@ class phpbb_auth_provider_db implements phpbb_auth_provider_interface * * @return string A filter string for ldap_search */ - public function user_filter($username) + public function ldap_user_filter($username) { global $config; From 0432c3273992cf44b711fad92d442c81016a96c1 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Tue, 18 Jun 2013 16:07:23 -0400 Subject: [PATCH 078/157] [feature/auth-refactor] Make DB auth consistent with interface Makes provider_db consistent with provider_interface. Removes $ip, $browser, and $forwarded_for from the arguments of phpbb_auth_provider_db::login() as these are provided by the global variable $user. PHPBB3-9734 --- phpBB/includes/auth/provider_db.php | 22 +++++++++------------- 1 file changed, 9 insertions(+), 13 deletions(-) diff --git a/phpBB/includes/auth/provider_db.php b/phpBB/includes/auth/provider_db.php index c55837c685..9e865f4b5b 100644 --- a/phpBB/includes/auth/provider_db.php +++ b/phpBB/includes/auth/provider_db.php @@ -34,10 +34,6 @@ class phpbb_auth_provider_db implements phpbb_auth_provider_interface * * @param string $username * @param string $password - * @param string $ip IP address the login is taking place from. Used to - * limit the number of login attempts per IP address. - * @param string $browser The user agent used to login - * @param string $forwarded_for X_FORWARDED_FOR header sent with login request * @return array A associative array of the format * array( * 'status' => status constant @@ -45,10 +41,10 @@ class phpbb_auth_provider_db implements phpbb_auth_provider_interface * 'user_row' => array * ) */ - public function login($username, $password, $ip = '', $browser = '', $forwarded_for = '') + public function login($username, $password) { global $db, $config; - global $request; + global $request, $user; // Auth plugins get the password untrimmed. // For compatibility we trim() here. @@ -82,19 +78,19 @@ class phpbb_auth_provider_db implements phpbb_auth_provider_interface $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); - if (($ip && !$config['ip_login_limit_use_forwarded']) || - ($forwarded_for && $config['ip_login_limit_use_forwarded'])) + if (($user->ip && !$config['ip_login_limit_use_forwarded']) || + ($user->forwarded_for && $config['ip_login_limit_use_forwarded'])) { $sql = 'SELECT COUNT(*) AS attempts FROM ' . LOGIN_ATTEMPT_TABLE . ' WHERE attempt_time > ' . (time() - (int) $config['ip_login_limit_time']); if ($config['ip_login_limit_use_forwarded']) { - $sql .= " AND attempt_forwarded_for = '" . $db->sql_escape($forwarded_for) . "'"; + $sql .= " AND attempt_forwarded_for = '" . $db->sql_escape($user->forwarded_for) . "'"; } else { - $sql .= " AND attempt_ip = '" . $db->sql_escape($ip) . "' "; + $sql .= " AND attempt_ip = '" . $db->sql_escape($user->ip) . "' "; } $result = $db->sql_query($sql); @@ -102,9 +98,9 @@ class phpbb_auth_provider_db implements phpbb_auth_provider_interface $db->sql_freeresult($result); $attempt_data = array( - 'attempt_ip' => $ip, - 'attempt_browser' => trim(substr($browser, 0, 149)), - 'attempt_forwarded_for' => $forwarded_for, + 'attempt_ip' => $user->ip, + 'attempt_browser' => trim(substr($user->browser, 0, 149)), + 'attempt_forwarded_for' => $user->forwarded_for, 'attempt_time' => time(), 'user_id' => ($row) ? (int) $row['user_id'] : 0, 'username' => $username, From ffed3d109e25756c4de2116b09d34c4c92d9b61c Mon Sep 17 00:00:00 2001 From: Dhruv Date: Sat, 20 Apr 2013 19:26:01 +0530 Subject: [PATCH 079/157] [ticket/11437] avoid $start becoming negative when no search results are found When search returns no results there is no need to go inside the if statement. Since $result_count becomes zero, $start becomes negative which leads to failed assertion. PHPBB3-11437 --- phpBB/includes/search/fulltext_sphinx.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/phpBB/includes/search/fulltext_sphinx.php b/phpBB/includes/search/fulltext_sphinx.php index 63e35eb4af..889324bbda 100644 --- a/phpBB/includes/search/fulltext_sphinx.php +++ b/phpBB/includes/search/fulltext_sphinx.php @@ -611,7 +611,7 @@ class phpbb_search_fulltext_sphinx $result_count = $result['total_found']; - if ($start >= $result_count) + if ($result_count && $start >= $result_count) { $start = floor(($result_count - 1) / $per_page) * $per_page; From 7bdab205a13380242ef2469d192abc22b48010d8 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Tue, 18 Jun 2013 16:55:35 -0400 Subject: [PATCH 080/157] [feature/auth-refactor] Refactor login to use new interface Refactors auth.php to use the provider_interface during login. PHPBB-9734 --- phpBB/includes/auth/auth.php | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/phpBB/includes/auth/auth.php b/phpBB/includes/auth/auth.php index 2535247571..009e621e13 100644 --- a/phpBB/includes/auth/auth.php +++ b/phpBB/includes/auth/auth.php @@ -932,10 +932,11 @@ class phpbb_auth $method = trim(basename($config['auth_method'])); include_once($phpbb_root_path . 'includes/auth/auth_' . $method . '.' . $phpEx); - $method = 'login_' . $method; - if (function_exists($method)) + $class = 'phpbb_auth_provider_' . $method; + if (class_exists($class)) { - $login = $method($username, $password, $user->ip, $user->browser, $user->forwarded_for); + $provider = new $class(); + $login = $provider->login($username, $password); // If the auth module wants us to create an empty profile do so and then treat the status as LOGIN_SUCCESS if ($login['status'] == LOGIN_SUCCESS_CREATE_PROFILE) From 1516ae7e7ed77879506a32f00c9787b95106235d Mon Sep 17 00:00:00 2001 From: Joas Schilling Date: Wed, 19 Jun 2013 13:38:03 +0200 Subject: [PATCH 081/157] [ticket/11603] Avoid using cURL PHPBB3-11603 --- git-tools/merge.php | 17 ++++++++++------- git-tools/setup_github_network.php | 21 +++++++++------------ 2 files changed, 19 insertions(+), 19 deletions(-) diff --git a/git-tools/merge.php b/git-tools/merge.php index 5eb48a53f8..08c0ecfbd0 100755 --- a/git-tools/merge.php +++ b/git-tools/merge.php @@ -124,13 +124,16 @@ function get_repository_url($username, $repository, $ssh = false) function api_request($query) { - $c = curl_init(); - curl_setopt($c, CURLOPT_URL, "https://api.github.com/$query"); - curl_setopt($c, CURLOPT_RETURNTRANSFER, true); - curl_setopt($c, CURLOPT_USERAGENT, 'phpBB/1.0'); - curl_setopt($c, CURLOPT_HEADER, true); - $contents = curl_exec($c); - curl_close($c); + return api_url_request("https://api.github.com/$query?per_page=100"); +} + +function api_url_request($url) +{ + $contents = file_get_contents($url, false, stream_context_create(array( + 'http' => array( + 'header' => "User-Agent: phpBB/1.0\r\n", + ), + ))); if ($contents === false) { diff --git a/git-tools/setup_github_network.php b/git-tools/setup_github_network.php index c24968c7c2..e5bc89bf91 100755 --- a/git-tools/setup_github_network.php +++ b/git-tools/setup_github_network.php @@ -150,21 +150,18 @@ function api_request($query) function api_url_request($url) { - $c = curl_init(); - curl_setopt($c, CURLOPT_URL, $url); - curl_setopt($c, CURLOPT_RETURNTRANSFER, true); - curl_setopt($c, CURLOPT_USERAGENT, 'phpBB/1.0'); - curl_setopt($c, CURLOPT_HEADER, true); - $contents = curl_exec($c); - curl_close($c); + $contents = file_get_contents($url, false, stream_context_create(array( + 'http' => array( + 'header' => "User-Agent: phpBB/1.0\r\n", + ), + ))); $sub_request_result = array(); // Split possible headers from the body - if ($contents && strpos($contents, "\r\n\r\n") > 0) + if (!empty($http_response_header)) { - list($header, $contents) = explode("\r\n\r\n", $contents); - foreach (explode("\n", $header) as $header_element) - { + foreach ($http_response_header as $header_element) + { // Find Link Header which gives us a link to the next page if (strpos($header_element, 'Link: ') === 0) { @@ -179,7 +176,7 @@ function api_url_request($url) } } } - } + } } if ($contents === false) From 99e486dc8234d28aae1e9c3ed108f0b78d0033f0 Mon Sep 17 00:00:00 2001 From: Joas Schilling Date: Wed, 19 Jun 2013 13:45:42 +0200 Subject: [PATCH 082/157] [ticket/11603] Throw RuntimeExceptions instead of using exit() PHPBB3-11603 --- git-tools/merge.php | 2 +- git-tools/setup_github_network.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/git-tools/merge.php b/git-tools/merge.php index 08c0ecfbd0..f6142095fb 100755 --- a/git-tools/merge.php +++ b/git-tools/merge.php @@ -143,7 +143,7 @@ function api_url_request($url) if (isset($contents->message) && strpos($contents->message, 'API Rate Limit') === 0) { - exit('Reached github API Rate Limit. Please try again later' . "\n"); + throw new RuntimeException('Reached github API Rate Limit. Please try again later' . "\n", 4); } return $contents; diff --git a/git-tools/setup_github_network.php b/git-tools/setup_github_network.php index e5bc89bf91..bc85d67ab5 100755 --- a/git-tools/setup_github_network.php +++ b/git-tools/setup_github_network.php @@ -187,7 +187,7 @@ function api_url_request($url) if (isset($contents->message) && strpos($contents->message, 'API Rate Limit') === 0) { - exit('Reached github API Rate Limit. Please try again later' . "\n"); + throw new RuntimeException('Reached github API Rate Limit. Please try again later' . "\n", 4); } return ($sub_request_result) ? array_merge($sub_request_result, $contents) : $contents; From 1af6dc22e2ccb13b610a932a9b043d2d9d4ea17d Mon Sep 17 00:00:00 2001 From: Andreas Fischer Date: Wed, 19 Jun 2013 17:03:41 +0200 Subject: [PATCH 083/157] [ticket/11604] Skip installer step where config.php is created. PHPBB3-11604 --- .../phpbb_functional_test_case.php | 47 +++++++++++-------- 1 file changed, 27 insertions(+), 20 deletions(-) diff --git a/tests/test_framework/phpbb_functional_test_case.php b/tests/test_framework/phpbb_functional_test_case.php index 16ed9f5a1e..6b423b56fd 100644 --- a/tests/test_framework/phpbb_functional_test_case.php +++ b/tests/test_framework/phpbb_functional_test_case.php @@ -220,10 +220,12 @@ class phpbb_functional_test_case extends phpbb_test_case self::assertContains('Welcome to Installation', $crawler->filter('#main')->text()); $form = $crawler->selectButton('submit')->form(); + // install/index.php?mode=install&sub=requirements $crawler = self::submit($form); self::assertContains('Installation compatibility', $crawler->filter('#main')->text()); $form = $crawler->selectButton('submit')->form(); + // install/index.php?mode=install&sub=database $crawler = self::submit($form); self::assertContains('Database configuration', $crawler->filter('#main')->text()); $form = $crawler->selectButton('submit')->form(array( @@ -237,10 +239,12 @@ class phpbb_functional_test_case extends phpbb_test_case 'table_prefix' => self::$config['table_prefix'], )); + // install/index.php?mode=install&sub=database $crawler = self::submit($form); self::assertContains('Successful connection', $crawler->filter('#main')->text()); $form = $crawler->selectButton('submit')->form(); + // install/index.php?mode=install&sub=administrator $crawler = self::submit($form); self::assertContains('Administrator configuration', $crawler->filter('#main')->text()); $form = $crawler->selectButton('submit')->form(array( @@ -252,38 +256,38 @@ class phpbb_functional_test_case extends phpbb_test_case 'board_email2' => 'nobody@example.com', )); + // install/index.php?mode=install&sub=administrator $crawler = self::submit($form); self::assertContains('Tests passed', $crawler->filter('#main')->text()); $form = $crawler->selectButton('submit')->form(); - $crawler = self::submit($form); - $config_writable = strpos($crawler->filter('#main')->text(), 'It was not possible to write the configuration file.') === false; + // We have to skip install/index.php?mode=install&sub=config_file + // because that step will create a config.php file if phpBB has the + // permission to do so. We have to create the config file on our own + // in order to get the DEBUG constants defined. $config_php_data = phpbb_create_config_file_data(self::$config, self::$config['dbms'], array(), true, true); - - if (!$config_writable) + $config_created = file_put_contents($config_file, $config_php_data) !== false; + if (!$config_created) { - // phpBB could not write to the config.php file, so we have to "Download" it. - self::assertContains('Download config', $crawler->filter('#main')->text()); - - file_put_contents($config_file, $config_php_data); - - $form = $crawler->selectButton('dldone')->form(); - $crawler = self::submit($form); + self::markTestSkipped("Could not write $config_file file."); } - self::assertContains('The configuration file has been written.', $crawler->filter('#main')->text()); - - // Overwrite the config.php file generated by phpBB in order to get the - // DEBUG constants defined if possible. It should be possible when unit - // tests run as the same user as phpBB. - if ($config_writable && is_writable($config_file)) + // We also have to create a install lock that is normally created by + // the installer. The file will be removed by the final step of the + // installer. + $install_lock_file = $phpbb_root_path . 'cache/install_lock'; + $lock_created = file_put_contents($install_lock_file, '') !== false; + if (!$lock_created) { - file_put_contents($config_file, $config_php_data); + self::markTestSkipped("Could not create $lock_created file."); } + @chmod($install_lock_file, 0666); - $form = $crawler->selectButton('submit')->form(); + // install/index.php?mode=install&sub=advanced + $form_data = $form->getValues(); + unset($form_data['submit']); - $crawler = self::submit($form); + $crawler = self::request('POST', 'install/index.php?mode=install&sub=advanced', $form_data); self::assertContains('The settings on this page are only necessary to set if you know that you require something different from the default.', $crawler->filter('#main')->text()); $form = $crawler->selectButton('submit')->form(array( 'email_enable' => true, @@ -300,13 +304,16 @@ class phpbb_functional_test_case extends phpbb_test_case 'script_path' => $parseURL['path'], )); + // install/index.php?mode=install&sub=create_table $crawler = self::submit($form); self::assertContains('The database tables used by phpBB', $crawler->filter('#main')->text()); self::assertContains('have been created and populated with some initial data.', $crawler->filter('#main')->text()); $form = $crawler->selectButton('submit')->form(); + // install/index.php?mode=install&sub=final $crawler = self::submit($form); self::assertContains('You have successfully installed', $crawler->text()); + copy($config_file, $config_file_test); } From 553c300688818c36acc4d579762b3eb428d27321 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Wed, 19 Jun 2013 14:20:29 -0400 Subject: [PATCH 084/157] [feature/auth-refactor] Fix typos causing changes to not work Replaces short tags with long tags. Fixes the interface to be an interface and not class in the file. Removes unnecessary include_once from auth.php. PHPBB-9734 --- phpBB/includes/auth/auth.php | 1 - phpBB/includes/auth/provider_apache.php | 2 +- phpBB/includes/auth/provider_db.php | 2 +- phpBB/includes/auth/provider_interface.php | 4 ++-- phpBB/includes/auth/provider_ldap.php | 2 +- 5 files changed, 5 insertions(+), 6 deletions(-) diff --git a/phpBB/includes/auth/auth.php b/phpBB/includes/auth/auth.php index 009e621e13..ab84619977 100644 --- a/phpBB/includes/auth/auth.php +++ b/phpBB/includes/auth/auth.php @@ -930,7 +930,6 @@ class phpbb_auth global $config, $db, $user, $phpbb_root_path, $phpEx; $method = trim(basename($config['auth_method'])); - include_once($phpbb_root_path . 'includes/auth/auth_' . $method . '.' . $phpEx); $class = 'phpbb_auth_provider_' . $method; if (class_exists($class)) diff --git a/phpBB/includes/auth/provider_apache.php b/phpBB/includes/auth/provider_apache.php index 01aa9400fd..a923fb4265 100644 --- a/phpBB/includes/auth/provider_apache.php +++ b/phpBB/includes/auth/provider_apache.php @@ -1,4 +1,4 @@ - Date: Wed, 19 Jun 2013 14:57:11 -0400 Subject: [PATCH 085/157] [feature/auth-refactor] Refactor acp_board for new auth interface Partially refactors acp_board for the new authentication interface. Leaves some questionable if statements in the file. Modifies the interface to correctly impletment the acp() method. Modifies each provider to comply with the above mentioned interface modification. PHPBB3-9734 --- phpBB/includes/acp/acp_board.php | 35 +++++++++++----------- phpBB/includes/auth/provider_apache.php | 2 +- phpBB/includes/auth/provider_db.php | 2 +- phpBB/includes/auth/provider_interface.php | 2 +- phpBB/includes/auth/provider_ldap.php | 4 +-- 5 files changed, 22 insertions(+), 23 deletions(-) diff --git a/phpBB/includes/acp/acp_board.php b/phpBB/includes/acp/acp_board.php index 6881e03fdb..9407d81575 100644 --- a/phpBB/includes/acp/acp_board.php +++ b/phpBB/includes/acp/acp_board.php @@ -530,9 +530,9 @@ class acp_board { while (($file = readdir($dp)) !== false) { - if (preg_match('#^auth_(.*?)\.' . $phpEx . '$#', $file)) + if (preg_match('#^provider_(.*?)\.' . $phpEx . '$#', $file) && !preg_match('#^provider_interface\.' . $phpEx . '$#', $file)) { - $auth_plugins[] = basename(preg_replace('#^auth_(.*?)\.' . $phpEx . '$#', '\1', $file)); + $auth_plugins[] = basename(preg_replace('#^provider_(.*?)\.' . $phpEx . '$#', '\1', $file)); } } closedir($dp); @@ -544,14 +544,13 @@ class acp_board $old_auth_config = array(); foreach ($auth_plugins as $method) { - if ($method && file_exists($phpbb_root_path . 'includes/auth/auth_' . $method . '.' . $phpEx)) + if ($method) { - include_once($phpbb_root_path . 'includes/auth/auth_' . $method . '.' . $phpEx); - - $method = 'acp_' . $method; - if (function_exists($method)) + $class = 'phpbb_auth_provider_' . $method; + if (class_exists($class)) { - if ($fields = $method($this->new_config)) + $provider = new $class(); + if ($fields = $provider->acp($this->new_config)) { // Check if we need to create config fields for this plugin and save config when submit was pressed foreach ($fields['config'] as $field) @@ -585,14 +584,13 @@ class acp_board if ($submit && (($cfg_array['auth_method'] != $this->new_config['auth_method']) || $updated_auth_settings)) { $method = basename($cfg_array['auth_method']); - if ($method && in_array($method, $auth_plugins)) + if ($method) { - include_once($phpbb_root_path . 'includes/auth/auth_' . $method . '.' . $phpEx); - - $method = 'init_' . $method; - if (function_exists($method)) + $class = 'phpbb_auth_provider_' . $method; + if (class_exists($class)) { - if ($error = $method()) + $provider = new $class(); + if ($error = $provider->init()) { foreach ($old_auth_config as $config_name => $config_value) { @@ -685,12 +683,13 @@ class acp_board foreach ($auth_plugins as $method) { - if ($method && file_exists($phpbb_root_path . 'includes/auth/auth_' . $method . '.' . $phpEx)) + if ($method) { - $method = 'acp_' . $method; - if (function_exists($method)) + $class = 'phpbb_auth_provider_' . $method; + if (class_exists($class)) { - $fields = $method($this->new_config); + $provider = new $class(); + $fields = $provider->acp($this->new_config); if ($fields['tpl']) { diff --git a/phpBB/includes/auth/provider_apache.php b/phpBB/includes/auth/provider_apache.php index a923fb4265..2d26b85877 100644 --- a/phpBB/includes/auth/provider_apache.php +++ b/phpBB/includes/auth/provider_apache.php @@ -258,7 +258,7 @@ class phpbb_auth_provider_apache implements phpbb_auth_provider_interface return false; } - public function acp() + public function acp($new) { return; } diff --git a/phpBB/includes/auth/provider_db.php b/phpBB/includes/auth/provider_db.php index 60ea105236..df935fcd73 100644 --- a/phpBB/includes/auth/provider_db.php +++ b/phpBB/includes/auth/provider_db.php @@ -298,7 +298,7 @@ class phpbb_auth_provider_db implements phpbb_auth_provider_interface return; } - public function acp() + public function acp($new) { return; } diff --git a/phpBB/includes/auth/provider_interface.php b/phpBB/includes/auth/provider_interface.php index 3dd1dba9be..a789dccce7 100644 --- a/phpBB/includes/auth/provider_interface.php +++ b/phpBB/includes/auth/provider_interface.php @@ -58,5 +58,5 @@ interface phpbb_auth_provider_interface * This function is used to output any required fields in the authentication * admin panel. It also defines any required configuration table fields. */ - public function acp(); + public function acp($new); } diff --git a/phpBB/includes/auth/provider_ldap.php b/phpBB/includes/auth/provider_ldap.php index 4d0e68233b..c1f5b3e186 100644 --- a/phpBB/includes/auth/provider_ldap.php +++ b/phpBB/includes/auth/provider_ldap.php @@ -22,7 +22,7 @@ if (!defined('IN_PHPBB')) * * @package auth */ -class phpbb_auth_provider_db implements phpbb_auth_provider_interface +class phpbb_auth_provider_ldap implements phpbb_auth_provider_interface { /** * Connect to ldap server @@ -284,7 +284,7 @@ class phpbb_auth_provider_db implements phpbb_auth_provider_interface * This function is used to output any required fields in the authentication * admin panel. It also defines any required configuration table fields. */ - public function acp(&$new) + public function acp($new) { global $user; From f4def220ce00a6be06857d5bd9f164473c0411c4 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Wed, 19 Jun 2013 15:12:00 -0400 Subject: [PATCH 086/157] [feature/auth-refactor] Refactor session for new auth interface Refactors phpbb_session to use the new auth interface. PHPBB3-9734 --- phpBB/includes/session.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php index 6bc71da0c1..85ca8abf3d 100644 --- a/phpBB/includes/session.php +++ b/phpBB/includes/session.php @@ -568,12 +568,12 @@ class phpbb_session } $method = basename(trim($config['auth_method'])); - include_once($phpbb_root_path . 'includes/auth/auth_' . $method . '.' . $phpEx); - $method = 'autologin_' . $method; - if (function_exists($method)) + $class = 'phpbb_auth_provider_' . $method; + if (class_exists($class)) { - $this->data = $method(); + $provider = new $class(); + $this->data = $class->autologin(); if (sizeof($this->data)) { From 8214e6e8377b0858092e48aba3ba2a01994be47f Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Wed, 19 Jun 2013 15:32:20 -0400 Subject: [PATCH 087/157] [feature/auth-refactor] Finish refactoring auth plugins I believe that this commit should have final minimal changes needed to replace the old auth plugins with the refactored auth plugins. Added a few more elements to the interface based on the old auth plugins. Documentation is not complete and need works on these new elements. PHPBB3-9734 --- phpBB/includes/auth/provider_apache.php | 7 ++++++- phpBB/includes/auth/provider_db.php | 10 ++++++++++ phpBB/includes/auth/provider_interface.php | 19 +++++++++++++++++++ phpBB/includes/auth/provider_ldap.php | 10 ++++++++++ phpBB/includes/session.php | 19 ++++++++++--------- 5 files changed, 55 insertions(+), 10 deletions(-) diff --git a/phpBB/includes/auth/provider_apache.php b/phpBB/includes/auth/provider_apache.php index 2d26b85877..2ba76e26a9 100644 --- a/phpBB/includes/auth/provider_apache.php +++ b/phpBB/includes/auth/provider_apache.php @@ -237,7 +237,7 @@ class phpbb_auth_provider_apache implements phpbb_auth_provider_interface * @return boolean true if the given user is authenticated or false if * the session should be closed */ - public function validate_session(&$user) + public function validate_session($user) { global $request; @@ -262,4 +262,9 @@ class phpbb_auth_provider_apache implements phpbb_auth_provider_interface { return; } + + public function logout($data, $new_session) + { + return; + } } diff --git a/phpBB/includes/auth/provider_db.php b/phpBB/includes/auth/provider_db.php index df935fcd73..e24e701911 100644 --- a/phpBB/includes/auth/provider_db.php +++ b/phpBB/includes/auth/provider_db.php @@ -302,4 +302,14 @@ class phpbb_auth_provider_db implements phpbb_auth_provider_interface { return; } + + public function logout($data, $new_session) + { + return; + } + + public function validate_session($user) + { + return; + } } diff --git a/phpBB/includes/auth/provider_interface.php b/phpBB/includes/auth/provider_interface.php index a789dccce7..534f198c21 100644 --- a/phpBB/includes/auth/provider_interface.php +++ b/phpBB/includes/auth/provider_interface.php @@ -57,6 +57,25 @@ interface phpbb_auth_provider_interface /** * This function is used to output any required fields in the authentication * admin panel. It also defines any required configuration table fields. + * + * @param type $new */ public function acp($new); + + /** + * Special logout function. + * + * @param type $data + * @param type $new_session + */ + public function logout($data, $new_session); + + /** + * The session validation function checks whether the user is still logged in. + * + * @param type $user + * @return boolean true if the given user is authenticated, false if the + * session should be closed, or null if not implemented. + */ + public function validate_session($user); } diff --git a/phpBB/includes/auth/provider_ldap.php b/phpBB/includes/auth/provider_ldap.php index c1f5b3e186..8270f50440 100644 --- a/phpBB/includes/auth/provider_ldap.php +++ b/phpBB/includes/auth/provider_ldap.php @@ -358,4 +358,14 @@ class phpbb_auth_provider_ldap implements phpbb_auth_provider_interface { return str_replace(array('*', '\\', '(', ')'), array('\\*', '\\\\', '\\(', '\\)'), $string); } + + public function logout($data, $new_session) + { + return; + } + + public function validate_session($user) + { + return; + } } diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php index 85ca8abf3d..f12ba1329c 100644 --- a/phpBB/includes/session.php +++ b/phpBB/includes/session.php @@ -402,12 +402,13 @@ class phpbb_session // Check whether the session is still valid if we have one $method = basename(trim($config['auth_method'])); - include_once($phpbb_root_path . 'includes/auth/auth_' . $method . '.' . $phpEx); - $method = 'validate_session_' . $method; - if (function_exists($method)) + $class = 'phpbb_auth_provider_' . $method; + if (class_exists($class)) { - if (!$method($this->data)) + $provider = new $class(); + $ret = $provider->validate_session($this->data); + if ($ret !== null && !$ret) { $session_expired = true; } @@ -573,7 +574,7 @@ class phpbb_session if (class_exists($class)) { $provider = new $class(); - $this->data = $class->autologin(); + $this->data = $provider->autologin(); if (sizeof($this->data)) { @@ -893,12 +894,12 @@ class phpbb_session // Allow connecting logout with external auth method logout $method = basename(trim($config['auth_method'])); - include_once($phpbb_root_path . 'includes/auth/auth_' . $method . '.' . $phpEx); - $method = 'logout_' . $method; - if (function_exists($method)) + $class = 'phpbb_auth_provider_' . $method; + if (class_exists($class)) { - $method($this->data, $new_session); + $provider = new $class(); + $provider->logout($this->data, $new_session); } if ($this->data['user_id'] != ANONYMOUS) From 5f4daba160ccfe028862239613be880545437a16 Mon Sep 17 00:00:00 2001 From: Joas Schilling Date: Thu, 20 Jun 2013 10:57:56 +0200 Subject: [PATCH 088/157] [ticket/11603] Fix usage note PHPBB3-11603 --- git-tools/setup_github_network.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/git-tools/setup_github_network.php b/git-tools/setup_github_network.php index bc85d67ab5..e8417c91d2 100755 --- a/git-tools/setup_github_network.php +++ b/git-tools/setup_github_network.php @@ -15,7 +15,7 @@ function show_usage() echo "$filename adds repositories of a github network as remotes to a local git repository.\n"; echo "\n"; - echo "Usage: [php] $filename -s collaborators|organisation|contributors|network [OPTIONS]\n"; + echo "Usage: [php] $filename -s collaborators|organisation|contributors|forks [OPTIONS]\n"; echo "\n"; echo "Scopes:\n"; From b362fb44d20b387f6a4ba6b6e33ebd387096be18 Mon Sep 17 00:00:00 2001 From: Joas Schilling Date: Thu, 20 Jun 2013 10:59:43 +0200 Subject: [PATCH 089/157] [ticket/11603] Fix out dated comment PHPBB3-11603 --- git-tools/setup_github_network.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/git-tools/setup_github_network.php b/git-tools/setup_github_network.php index e8417c91d2..4e144edae6 100755 --- a/git-tools/setup_github_network.php +++ b/git-tools/setup_github_network.php @@ -157,7 +157,7 @@ function api_url_request($url) ))); $sub_request_result = array(); - // Split possible headers from the body + // Check headers for pagination links if (!empty($http_response_header)) { foreach ($http_response_header as $header_element) From 3eeeaababd915bb102de523aa4d4378231745f26 Mon Sep 17 00:00:00 2001 From: Dhruv Date: Thu, 20 Jun 2013 19:16:21 +0530 Subject: [PATCH 090/157] [ticket/11503] similar implementation for mssql_native and odbc mssql_native and mssql_odbc db drivers varied at some places where they should have been similar. PHPBB3-11503 --- phpBB/includes/db/driver/mssql_odbc.php | 2 +- phpBB/includes/db/driver/mssqlnative.php | 10 +++++----- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/phpBB/includes/db/driver/mssql_odbc.php b/phpBB/includes/db/driver/mssql_odbc.php index cde9d332ba..a1d1a5d5dd 100644 --- a/phpBB/includes/db/driver/mssql_odbc.php +++ b/phpBB/includes/db/driver/mssql_odbc.php @@ -253,7 +253,7 @@ class phpbb_db_driver_mssql_odbc extends phpbb_db_driver_mssql_base * Fetch current row * @note number of bytes returned depends on odbc.defaultlrl php.ini setting. If it is limited to 4K for example only 4K of data is returned max. */ - function sql_fetchrow($query_id = false, $debug = false) + function sql_fetchrow($query_id = false) { global $cache; diff --git a/phpBB/includes/db/driver/mssqlnative.php b/phpBB/includes/db/driver/mssqlnative.php index 6f433e10cf..28fc88298a 100644 --- a/phpBB/includes/db/driver/mssqlnative.php +++ b/phpBB/includes/db/driver/mssqlnative.php @@ -326,7 +326,7 @@ class phpbb_db_driver_mssqlnative extends phpbb_db_driver_mssql_base $this->sql_report('stop', $query); } - if ($cache_ttl) + if ($cache && $cache_ttl) { $this->open_queries[(int) $this->query_result] = $this->query_result; $this->query_result = $cache->sql_save($this, $query, $this->query_result, $cache_ttl); @@ -394,7 +394,7 @@ class phpbb_db_driver_mssqlnative extends phpbb_db_driver_mssql_base */ function sql_affectedrows() { - return (!empty($this->query_result)) ? @sqlsrv_rows_affected($this->query_result) : false; + return ($this->db_connect_id) ? @sqlsrv_rows_affected($this->query_result) : false; } /** @@ -409,7 +409,7 @@ class phpbb_db_driver_mssqlnative extends phpbb_db_driver_mssql_base $query_id = $this->query_result; } - if ($cache->sql_exists($query_id)) + if ($cache && $cache->sql_exists($query_id)) { return $cache->sql_fetchrow($query_id); } @@ -474,9 +474,9 @@ class phpbb_db_driver_mssqlnative extends phpbb_db_driver_mssql_base return $cache->sql_freeresult($query_id); } - if (isset($this->open_queries[$query_id])) + if (isset($this->open_queries[(int) $query_id])) { - unset($this->open_queries[$query_id]); + unset($this->open_queries[(int) $query_id]); return @sqlsrv_free_stmt($query_id); } return false; From 0633666e2b5e39a7ebf7d2a68dc4c1b4dbbc0db1 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Thu, 20 Jun 2013 16:46:25 -0400 Subject: [PATCH 091/157] [feature/auth-refactor] Fix LDAP conversion error I messed up when converting over auth_ldap this commit fixes that error. I have not been able to extensively test ldap due to not having ldap set up on this computer yet. Apache authentication appears to work. PHPBB3-9734 --- phpBB/includes/auth/provider_ldap.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/phpBB/includes/auth/provider_ldap.php b/phpBB/includes/auth/provider_ldap.php index 8270f50440..ee9b8100ee 100644 --- a/phpBB/includes/auth/provider_ldap.php +++ b/phpBB/includes/auth/provider_ldap.php @@ -338,11 +338,11 @@ class phpbb_auth_provider_ldap implements phpbb_auth_provider_interface * * @return string A filter string for ldap_search */ - public function ldap_user_filter($username) + private function ldap_user_filter($username) { global $config; - $filter = '(' . $config['ldap_uid'] . '=' . ldap_escape(htmlspecialchars_decode($username)) . ')'; + $filter = '(' . $config['ldap_uid'] . '=' . $this->ldap_escape(htmlspecialchars_decode($username)) . ')'; if ($config['ldap_user_filter']) { $_filter = ($config['ldap_user_filter'][0] == '(' && substr($config['ldap_user_filter'], -1) == ')') ? $config['ldap_user_filter'] : "({$config['ldap_user_filter']})"; @@ -354,7 +354,7 @@ class phpbb_auth_provider_ldap implements phpbb_auth_provider_interface /** * Escapes an LDAP AttributeValue */ - public function escape($string) + private function ldap_escape($string) { return str_replace(array('*', '\\', '(', ')'), array('\\*', '\\\\', '\\(', '\\)'), $string); } From 6601c3d64e7a3a57a6c956ee0eba19523b04e52f Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Thu, 20 Jun 2013 21:29:16 -0400 Subject: [PATCH 092/157] [feature/auth-refactor] Start turning auth providers into services Creates auth_provider.yml and includes auth_providers.yml in services.yml. PHPBB3-9734 --- phpBB/config/auth_providers.yml | 1 + phpBB/config/services.yml | 1 + 2 files changed, 2 insertions(+) create mode 100644 phpBB/config/auth_providers.yml diff --git a/phpBB/config/auth_providers.yml b/phpBB/config/auth_providers.yml new file mode 100644 index 0000000000..0baad47661 --- /dev/null +++ b/phpBB/config/auth_providers.yml @@ -0,0 +1 @@ +services: diff --git a/phpBB/config/services.yml b/phpBB/config/services.yml index bb96953bcf..4b272c6abd 100644 --- a/phpBB/config/services.yml +++ b/phpBB/config/services.yml @@ -5,6 +5,7 @@ imports: - { resource: migrator.yml } - { resource: avatars.yml } - { resource: feed.yml } + - { resource: auth_providers.yml } services: auth: From 24825b9dc8cd94204da4180a044dbeab563d5563 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Thu, 20 Jun 2013 21:55:25 -0400 Subject: [PATCH 093/157] [feature/auth-refactor] Turn provider_db into a service Removes globals from provider_db and turns it into a service. PHPBB3-9734 --- phpBB/config/auth_providers.yml | 17 +++++ phpBB/includes/auth/provider_db.php | 98 +++++++++++++++++------------ 2 files changed, 74 insertions(+), 41 deletions(-) diff --git a/phpBB/config/auth_providers.yml b/phpBB/config/auth_providers.yml index 0baad47661..e702ec665a 100644 --- a/phpBB/config/auth_providers.yml +++ b/phpBB/config/auth_providers.yml @@ -1 +1,18 @@ services: + auth.provider.db: + class: phpbb_auth_provider_db + arguments: + - @dbal.conn + - @config + - @request + - @user + - %core.root_path% + - %core.php_ext% + auth.provider.apache: + class: phpbb_auth_provider_apache + arguments: + + auth.provider.ldap: + class: phpbb_auth_provider_ldap + arguments: + diff --git a/phpBB/includes/auth/provider_db.php b/phpBB/includes/auth/provider_db.php index e24e701911..aaf9cda735 100644 --- a/phpBB/includes/auth/provider_db.php +++ b/phpBB/includes/auth/provider_db.php @@ -24,6 +24,27 @@ if (!defined('IN_PHPBB')) */ class phpbb_auth_provider_db implements phpbb_auth_provider_interface { + + /** + * Database Authentication Constructor + * + * @param phpbb_db_driver $db + * @param phpbb_config $config + * @param phpbb_request $request + * @param phpbb_user $user + * @param string $phpbb_root_path + * @param string $phpEx + */ + public function __construct(phpbb_db_driver $db, phpbb_config $config, phpbb_request $request, phpbb_user $user, $phpbb_root_path, $phpEx) + { + $this->db = $db; + $this->config = $config; + $this->request = $request; + $this->user = $user; + $this->phpbb_root_path = $phpbb_root_path; + $this->phpEx = $phpEx; + } + public function init() { return; @@ -43,9 +64,6 @@ class phpbb_auth_provider_db implements phpbb_auth_provider_interface */ public function login($username, $password) { - global $db, $config; - global $request, $user; - // Auth plugins get the password untrimmed. // For compatibility we trim() here. $password = trim($password); @@ -73,41 +91,41 @@ class phpbb_auth_provider_db implements phpbb_auth_provider_interface $sql = 'SELECT user_id, username, user_password, user_passchg, user_pass_convert, user_email, user_type, user_login_attempts FROM ' . USERS_TABLE . " - WHERE username_clean = '" . $db->sql_escape($username_clean) . "'"; - $result = $db->sql_query($sql); - $row = $db->sql_fetchrow($result); - $db->sql_freeresult($result); + WHERE username_clean = '" . $this->db->sql_escape($username_clean) . "'"; + $result = $this->db->sql_query($sql); + $row = $this->db->sql_fetchrow($result); + $this->db->sql_freeresult($result); - if (($user->ip && !$config['ip_login_limit_use_forwarded']) || - ($user->forwarded_for && $config['ip_login_limit_use_forwarded'])) + if (($this->user->ip && !$this->config['ip_login_limit_use_forwarded']) || + ($this->user->forwarded_for && $this->config['ip_login_limit_use_forwarded'])) { $sql = 'SELECT COUNT(*) AS attempts FROM ' . LOGIN_ATTEMPT_TABLE . ' - WHERE attempt_time > ' . (time() - (int) $config['ip_login_limit_time']); - if ($config['ip_login_limit_use_forwarded']) + WHERE attempt_time > ' . (time() - (int) $this->config['ip_login_limit_time']); + if ($this->config['ip_login_limit_use_forwarded']) { - $sql .= " AND attempt_forwarded_for = '" . $db->sql_escape($user->forwarded_for) . "'"; + $sql .= " AND attempt_forwarded_for = '" . $this->db->sql_escape($this->user->forwarded_for) . "'"; } else { - $sql .= " AND attempt_ip = '" . $db->sql_escape($user->ip) . "' "; + $sql .= " AND attempt_ip = '" . $this->db->sql_escape($this->user->ip) . "' "; } - $result = $db->sql_query($sql); - $attempts = (int) $db->sql_fetchfield('attempts'); - $db->sql_freeresult($result); + $result = $this->db->sql_query($sql); + $attempts = (int) $this->db->sql_fetchfield('attempts'); + $this->db->sql_freeresult($result); $attempt_data = array( - 'attempt_ip' => $user->ip, - 'attempt_browser' => trim(substr($user->browser, 0, 149)), - 'attempt_forwarded_for' => $user->forwarded_for, + 'attempt_ip' => $this->user->ip, + 'attempt_browser' => trim(substr($this->user->browser, 0, 149)), + 'attempt_forwarded_for' => $this->user->forwarded_for, 'attempt_time' => time(), 'user_id' => ($row) ? (int) $row['user_id'] : 0, 'username' => $username, 'username_clean' => $username_clean, ); - $sql = 'INSERT INTO ' . LOGIN_ATTEMPT_TABLE . $db->sql_build_array('INSERT', $attempt_data); - $result = $db->sql_query($sql); + $sql = 'INSERT INTO ' . LOGIN_ATTEMPT_TABLE . $this->db->sql_build_array('INSERT', $attempt_data); + $result = $this->db->sql_query($sql); } else { @@ -116,7 +134,7 @@ class phpbb_auth_provider_db implements phpbb_auth_provider_interface if (!$row) { - if ($config['ip_login_limit_max'] && $attempts >= $config['ip_login_limit_max']) + if ($this->config['ip_login_limit_max'] && $attempts >= $this->config['ip_login_limit_max']) { return array( 'status' => LOGIN_ERROR_ATTEMPTS, @@ -132,8 +150,8 @@ class phpbb_auth_provider_db implements phpbb_auth_provider_interface ); } - $show_captcha = ($config['max_login_attempts'] && $row['user_login_attempts'] >= $config['max_login_attempts']) || - ($config['ip_login_limit_max'] && $attempts >= $config['ip_login_limit_max']); + $show_captcha = ($this->config['max_login_attempts'] && $row['user_login_attempts'] >= $this->config['max_login_attempts']) || + ($this->config['ip_login_limit_max'] && $attempts >= $this->config['ip_login_limit_max']); // If there are too much login attempts, we need to check for an confirm image // Every auth module is able to define what to do by itself... @@ -142,11 +160,10 @@ class phpbb_auth_provider_db implements phpbb_auth_provider_interface // Visual Confirmation handling if (!class_exists('phpbb_captcha_factory', false)) { - global $phpbb_root_path, $phpEx; - include ($phpbb_root_path . 'includes/captcha/captcha_factory.' . $phpEx); + include ($this->phpbb_root_path . 'includes/captcha/captcha_factory.' . $this->phpEx); } - $captcha = phpbb_captcha_factory::get_instance($config['captcha_plugin']); + $captcha = phpbb_captcha_factory::get_instance($this->config['captcha_plugin']); $captcha->init(CONFIRM_LOGIN); $vc_response = $captcha->validate($row); if ($vc_response) @@ -169,28 +186,27 @@ class phpbb_auth_provider_db implements phpbb_auth_provider_interface { // enable super globals to get literal value // this is needed to prevent unicode normalization - $super_globals_disabled = $request->super_globals_disabled(); + $super_globals_disabled = $this->request->super_globals_disabled(); if ($super_globals_disabled) { - $request->enable_super_globals(); + $this->request->enable_super_globals(); } // in phpBB2 passwords were used exactly as they were sent, with addslashes applied $password_old_format = isset($_REQUEST['password']) ? (string) $_REQUEST['password'] : ''; $password_old_format = (!STRIP) ? addslashes($password_old_format) : $password_old_format; - $password_new_format = $request->variable('password', '', true); + $password_new_format = $this->request->variable('password', '', true); if ($super_globals_disabled) { - $request->disable_super_globals(); + $this->request->disable_super_globals(); } if ($password == $password_new_format) { if (!function_exists('utf8_to_cp1252')) { - global $phpbb_root_path, $phpEx; - include($phpbb_root_path . 'includes/utf/data/recode_basic.' . $phpEx); + include($this->phpbb_root_path . 'includes/utf/data/recode_basic.' . $this->phpEx); } // cp1252 is phpBB2's default encoding, characters outside ASCII range might work when converted into that encoding @@ -202,10 +218,10 @@ class phpbb_auth_provider_db implements phpbb_auth_provider_interface // Update the password in the users table to the new format and remove user_pass_convert flag $sql = 'UPDATE ' . USERS_TABLE . ' - SET user_password = \'' . $db->sql_escape($hash) . '\', + SET user_password = \'' . $this->db->sql_escape($hash) . '\', user_pass_convert = 0 WHERE user_id = ' . $row['user_id']; - $db->sql_query($sql); + $this->db->sql_query($sql); $row['user_pass_convert'] = 0; $row['user_password'] = $hash; @@ -218,7 +234,7 @@ class phpbb_auth_provider_db implements phpbb_auth_provider_interface SET user_login_attempts = user_login_attempts + 1 WHERE user_id = ' . (int) $row['user_id'] . ' AND user_login_attempts < ' . LOGIN_ATTEMPTS_MAX; - $db->sql_query($sql); + $this->db->sql_query($sql); return array( 'status' => LOGIN_ERROR_PASSWORD_CONVERT, @@ -239,17 +255,17 @@ class phpbb_auth_provider_db implements phpbb_auth_provider_interface // Update the password in the users table to the new format $sql = 'UPDATE ' . USERS_TABLE . " - SET user_password = '" . $db->sql_escape($hash) . "', + SET user_password = '" . $this->db->sql_escape($hash) . "', user_pass_convert = 0 WHERE user_id = {$row['user_id']}"; - $db->sql_query($sql); + $this->db->sql_query($sql); $row['user_password'] = $hash; } $sql = 'DELETE FROM ' . LOGIN_ATTEMPT_TABLE . ' WHERE user_id = ' . $row['user_id']; - $db->sql_query($sql); + $this->db->sql_query($sql); if ($row['user_login_attempts'] != 0) { @@ -257,7 +273,7 @@ class phpbb_auth_provider_db implements phpbb_auth_provider_interface $sql = 'UPDATE ' . USERS_TABLE . ' SET user_login_attempts = 0 WHERE user_id = ' . $row['user_id']; - $db->sql_query($sql); + $this->db->sql_query($sql); } // User inactive... @@ -283,7 +299,7 @@ class phpbb_auth_provider_db implements phpbb_auth_provider_interface SET user_login_attempts = user_login_attempts + 1 WHERE user_id = ' . (int) $row['user_id'] . ' AND user_login_attempts < ' . LOGIN_ATTEMPTS_MAX; - $db->sql_query($sql); + $this->db->sql_query($sql); // Give status about wrong password... return array( From c253189e85f780d50aa82c483b432717a967bb1c Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Thu, 20 Jun 2013 22:11:24 -0400 Subject: [PATCH 094/157] [feature/auth-refactor] Convert provider_ldap to a service Removes globals from provider_ldap and converts it into a service. PHPBB3-9734 --- phpBB/config/auth_providers.yml | 4 +- phpBB/includes/auth/provider_ldap.php | 122 ++++++++++++++------------ 2 files changed, 67 insertions(+), 59 deletions(-) diff --git a/phpBB/config/auth_providers.yml b/phpBB/config/auth_providers.yml index e702ec665a..e4855d2b95 100644 --- a/phpBB/config/auth_providers.yml +++ b/phpBB/config/auth_providers.yml @@ -15,4 +15,6 @@ services: auth.provider.ldap: class: phpbb_auth_provider_ldap arguments: - + - @dbal.conn + - @config + - @user diff --git a/phpBB/includes/auth/provider_ldap.php b/phpBB/includes/auth/provider_ldap.php index ee9b8100ee..67d8d8335f 100644 --- a/phpBB/includes/auth/provider_ldap.php +++ b/phpBB/includes/auth/provider_ldap.php @@ -24,6 +24,20 @@ if (!defined('IN_PHPBB')) */ class phpbb_auth_provider_ldap implements phpbb_auth_provider_interface { + /** + * LDAP Authentication Constructor + * + * @param phpbb_db_driver $db + * @param phpbb_config $config + * @param phpbb_user $user + */ + public function __construct(phpbb_db_driver $db, phpbb_config $config, phpbb_user $user) + { + $this->db = $db; + $this->config = $config; + $this->user = $user; + } + /** * Connect to ldap server * Only allow changing authentication to ldap if we can connect to the ldap server @@ -31,54 +45,52 @@ class phpbb_auth_provider_ldap implements phpbb_auth_provider_interface */ public function init() { - global $config, $user; - if (!@extension_loaded('ldap')) { - return $user->lang['LDAP_NO_LDAP_EXTENSION']; + return $this->user->lang['LDAP_NO_LDAP_EXTENSION']; } - $config['ldap_port'] = (int) $config['ldap_port']; - if ($config['ldap_port']) + $this->config['ldap_port'] = (int) $this->config['ldap_port']; + if ($this->config['ldap_port']) { - $ldap = @ldap_connect($config['ldap_server'], $config['ldap_port']); + $ldap = @ldap_connect($this->config['ldap_server'], $this->config['ldap_port']); } else { - $ldap = @ldap_connect($config['ldap_server']); + $ldap = @ldap_connect($this->config['ldap_server']); } if (!$ldap) { - return $user->lang['LDAP_NO_SERVER_CONNECTION']; + return $this->user->lang['LDAP_NO_SERVER_CONNECTION']; } @ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3); @ldap_set_option($ldap, LDAP_OPT_REFERRALS, 0); - if ($config['ldap_user'] || $config['ldap_password']) + if ($this->config['ldap_user'] || $this->config['ldap_password']) { - if (!@ldap_bind($ldap, htmlspecialchars_decode($config['ldap_user']), htmlspecialchars_decode($config['ldap_password']))) + if (!@ldap_bind($ldap, htmlspecialchars_decode($this->config['ldap_user']), htmlspecialchars_decode($this->config['ldap_password']))) { - return $user->lang['LDAP_INCORRECT_USER_PASSWORD']; + return $this->user->lang['LDAP_INCORRECT_USER_PASSWORD']; } } // ldap_connect only checks whether the specified server is valid, so the connection might still fail $search = @ldap_search( $ldap, - htmlspecialchars_decode($config['ldap_base_dn']), - $this->ldap_user_filter($user->data['username']), - (empty($config['ldap_email'])) ? - array(htmlspecialchars_decode($config['ldap_uid'])) : - array(htmlspecialchars_decode($config['ldap_uid']), htmlspecialchars_decode($config['ldap_email'])), + htmlspecialchars_decode($this->config['ldap_base_dn']), + $this->ldap_user_filter($this->user->data['username']), + (empty($this->config['ldap_email'])) ? + array(htmlspecialchars_decode($this->config['ldap_uid'])) : + array(htmlspecialchars_decode($this->config['ldap_uid']), htmlspecialchars_decode($this->config['ldap_email'])), 0, 1 ); if ($search === false) { - return $user->lang['LDAP_SEARCH_FAILED']; + return $this->user->lang['LDAP_SEARCH_FAILED']; } $result = @ldap_get_entries($ldap, $search); @@ -88,12 +100,12 @@ class phpbb_auth_provider_ldap implements phpbb_auth_provider_interface if (!is_array($result) || sizeof($result) < 2) { - return sprintf($user->lang['LDAP_NO_IDENTITY'], $user->data['username']); + return sprintf($this->user->lang['LDAP_NO_IDENTITY'], $this->user->data['username']); } - if (!empty($config['ldap_email']) && !isset($result[0][htmlspecialchars_decode($config['ldap_email'])])) + if (!empty($this->config['ldap_email']) && !isset($result[0][htmlspecialchars_decode($this->config['ldap_email'])])) { - return $user->lang['LDAP_NO_EMAIL']; + return $this->user->lang['LDAP_NO_EMAIL']; } return false; @@ -104,8 +116,6 @@ class phpbb_auth_provider_ldap implements phpbb_auth_provider_interface */ public function login($username, $password) { - global $db, $config, $user; - // do not allow empty password if (!$password) { @@ -134,14 +144,14 @@ class phpbb_auth_provider_ldap implements phpbb_auth_provider_interface ); } - $config['ldap_port'] = (int) $config['ldap_port']; - if ($config['ldap_port']) + $this->config['ldap_port'] = (int) $this->config['ldap_port']; + if ($this->config['ldap_port']) { - $ldap = @ldap_connect($config['ldap_server'], $config['ldap_port']); + $ldap = @ldap_connect($this->config['ldap_server'], $this->config['ldap_port']); } else { - $ldap = @ldap_connect($config['ldap_server']); + $ldap = @ldap_connect($this->config['ldap_server']); } if (!$ldap) @@ -156,9 +166,9 @@ class phpbb_auth_provider_ldap implements phpbb_auth_provider_interface @ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3); @ldap_set_option($ldap, LDAP_OPT_REFERRALS, 0); - if ($config['ldap_user'] || $config['ldap_password']) + if ($this->config['ldap_user'] || $this->config['ldap_password']) { - if (!@ldap_bind($ldap, htmlspecialchars_decode($config['ldap_user']), htmlspecialchars_decode($config['ldap_password']))) + if (!@ldap_bind($ldap, htmlspecialchars_decode($this->config['ldap_user']), htmlspecialchars_decode($this->config['ldap_password']))) { return array( 'status' => LOGIN_ERROR_EXTERNAL_AUTH, @@ -170,11 +180,11 @@ class phpbb_auth_provider_ldap implements phpbb_auth_provider_interface $search = @ldap_search( $ldap, - htmlspecialchars_decode($config['ldap_base_dn']), + htmlspecialchars_decode($this->config['ldap_base_dn']), $this->ldap_user_filter($username), - (empty($config['ldap_email'])) ? - array(htmlspecialchars_decode($config['ldap_uid'])) : - array(htmlspecialchars_decode($config['ldap_uid']), htmlspecialchars_decode($config['ldap_email'])), + (empty($this->config['ldap_email'])) ? + array(htmlspecialchars_decode($this->config['ldap_uid'])) : + array(htmlspecialchars_decode($this->config['ldap_uid']), htmlspecialchars_decode($this->config['ldap_email'])), 0, 1 ); @@ -189,10 +199,10 @@ class phpbb_auth_provider_ldap implements phpbb_auth_provider_interface $sql ='SELECT user_id, username, user_password, user_passchg, user_email, user_type FROM ' . USERS_TABLE . " - WHERE username_clean = '" . $db->sql_escape(utf8_clean_string($username)) . "'"; - $result = $db->sql_query($sql); - $row = $db->sql_fetchrow($result); - $db->sql_freeresult($result); + WHERE username_clean = '" . $this->db->sql_escape(utf8_clean_string($username)) . "'"; + $result = $this->db->sql_query($sql); + $row = $this->db->sql_fetchrow($result); + $this->db->sql_freeresult($result); if ($row) { @@ -220,11 +230,11 @@ class phpbb_auth_provider_ldap implements phpbb_auth_provider_interface // retrieve default group id $sql = 'SELECT group_id FROM ' . GROUPS_TABLE . " - WHERE group_name = '" . $db->sql_escape('REGISTERED') . "' + WHERE group_name = '" . $this->db->sql_escape('REGISTERED') . "' AND group_type = " . GROUP_SPECIAL; - $result = $db->sql_query($sql); - $row = $db->sql_fetchrow($result); - $db->sql_freeresult($result); + $result = $this->db->sql_query($sql); + $row = $this->db->sql_fetchrow($result); + $this->db->sql_freeresult($result); if (!$row) { @@ -235,11 +245,11 @@ class phpbb_auth_provider_ldap implements phpbb_auth_provider_interface $ldap_user_row = array( 'username' => $username, 'user_password' => phpbb_hash($password), - 'user_email' => (!empty($config['ldap_email'])) ? utf8_htmlspecialchars($ldap_result[0][htmlspecialchars_decode($config['ldap_email'])][0]) : '', + 'user_email' => (!empty($this->config['ldap_email'])) ? utf8_htmlspecialchars($ldap_result[0][htmlspecialchars_decode($this->config['ldap_email'])][0]) : '', 'group_id' => (int) $row['group_id'], 'user_type' => USER_NORMAL, - 'user_ip' => $user->ip, - 'user_new' => ($config['new_member_post_limit']) ? 1 : 0, + 'user_ip' => $this->user->ip, + 'user_new' => ($this->config['new_member_post_limit']) ? 1 : 0, ); unset($ldap_result); @@ -286,40 +296,38 @@ class phpbb_auth_provider_ldap implements phpbb_auth_provider_interface */ public function acp($new) { - global $user; - $tpl = '
      -

      ' . $user->lang['LDAP_SERVER_EXPLAIN'] . '
      +

      ' . $this->user->lang['LDAP_SERVER_EXPLAIN'] . '
      -

      ' . $user->lang['LDAP_PORT_EXPLAIN'] . '
      +

      ' . $this->user->lang['LDAP_PORT_EXPLAIN'] . '
      -

      ' . $user->lang['LDAP_DN_EXPLAIN'] . '
      +

      ' . $this->user->lang['LDAP_DN_EXPLAIN'] . '
      -

      ' . $user->lang['LDAP_UID_EXPLAIN'] . '
      +

      ' . $this->user->lang['LDAP_UID_EXPLAIN'] . '
      -

      ' . $user->lang['LDAP_USER_FILTER_EXPLAIN'] . '
      +

      ' . $this->user->lang['LDAP_USER_FILTER_EXPLAIN'] . '
      -

      ' . $user->lang['LDAP_EMAIL_EXPLAIN'] . '
      +

      ' . $this->user->lang['LDAP_EMAIL_EXPLAIN'] . '
      -

      ' . $user->lang['LDAP_USER_EXPLAIN'] . '
      +

      ' . $this->user->lang['LDAP_USER_EXPLAIN'] . '
      -

      ' . $user->lang['LDAP_PASSWORD_EXPLAIN'] . '
      +

      ' . $this->user->lang['LDAP_PASSWORD_EXPLAIN'] . '
      '; @@ -340,12 +348,10 @@ class phpbb_auth_provider_ldap implements phpbb_auth_provider_interface */ private function ldap_user_filter($username) { - global $config; - - $filter = '(' . $config['ldap_uid'] . '=' . $this->ldap_escape(htmlspecialchars_decode($username)) . ')'; - if ($config['ldap_user_filter']) + $filter = '(' . $this->config['ldap_uid'] . '=' . $this->ldap_escape(htmlspecialchars_decode($username)) . ')'; + if ($this->config['ldap_user_filter']) { - $_filter = ($config['ldap_user_filter'][0] == '(' && substr($config['ldap_user_filter'], -1) == ')') ? $config['ldap_user_filter'] : "({$config['ldap_user_filter']})"; + $_filter = ($this->config['ldap_user_filter'][0] == '(' && substr($this->config['ldap_user_filter'], -1) == ')') ? $this->config['ldap_user_filter'] : "({$this->config['ldap_user_filter']})"; $filter = "(&{$filter}{$_filter})"; } return $filter; From c9062fc1ee9bade7c2b4d84c99b3b71a78d5570c Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Thu, 20 Jun 2013 22:21:22 -0400 Subject: [PATCH 095/157] [feature/auth-refactor] Convert provider_apache to a service Removes globals from provider_apache and turns it into a service. PHPBB3-9734 --- phpBB/config/auth_providers.yml | 7 +- phpBB/includes/auth/provider_apache.php | 89 ++++++++++++++----------- 2 files changed, 55 insertions(+), 41 deletions(-) diff --git a/phpBB/config/auth_providers.yml b/phpBB/config/auth_providers.yml index e4855d2b95..e91fd8ff99 100644 --- a/phpBB/config/auth_providers.yml +++ b/phpBB/config/auth_providers.yml @@ -11,7 +11,12 @@ services: auth.provider.apache: class: phpbb_auth_provider_apache arguments: - + - @dbal.conn + - @config + - @request + - @user + - %core.root_path% + - %core.php_ext% auth.provider.ldap: class: phpbb_auth_provider_ldap arguments: diff --git a/phpBB/includes/auth/provider_apache.php b/phpBB/includes/auth/provider_apache.php index 2ba76e26a9..adb1fb6cea 100644 --- a/phpBB/includes/auth/provider_apache.php +++ b/phpBB/includes/auth/provider_apache.php @@ -22,6 +22,26 @@ if (!defined('IN_PHPBB')) */ class phpbb_auth_provider_apache implements phpbb_auth_provider_interface { + /** + * Apache Authentication Constructor + * + * @param phpbb_db_driver $db + * @param phpbb_config $config + * @param phpbb_request $request + * @param phpbb_user $user + * @param string $phpbb_root_path + * @param string $phpEx + */ + public function __construct(phpbb_db_driver $db, phpbb_config $config, phpbb_request $request, phpbb_user $user, $phpbb_root_path, $phpEx) + { + $this->db = $db; + $this->config = $config; + $this->request = $request; + $this->user = $user; + $this->phpbb_root_path = $phpbb_root_path; + $this->phpEx = $phpEx; + } + /** * Checks whether the user is identified to apache * Only allow changing authentication to apache if the user is identified @@ -31,11 +51,9 @@ class phpbb_auth_provider_apache implements phpbb_auth_provider_interface */ public function init() { - global $user, $request; - - if (!$request->is_set('PHP_AUTH_USER', phpbb_request_interface::SERVER) || $user->data['username'] !== htmlspecialchars_decode($request->server('PHP_AUTH_USER'))) + if (!$this->request->is_set('PHP_AUTH_USER', phpbb_request_interface::SERVER) || $this->user->data['username'] !== htmlspecialchars_decode($this->request->server('PHP_AUTH_USER'))) { - return $user->lang['APACHE_SETUP_BEFORE_USE']; + return $this->user->lang['APACHE_SETUP_BEFORE_USE']; } return false; } @@ -45,8 +63,6 @@ class phpbb_auth_provider_apache implements phpbb_auth_provider_interface */ public function login($username, $password) { - global $db, $request; - // do not allow empty password if (!$password) { @@ -66,7 +82,7 @@ class phpbb_auth_provider_apache implements phpbb_auth_provider_interface ); } - if (!$request->is_set('PHP_AUTH_USER', phpbb_request_interface::SERVER)) + if (!$this->request->is_set('PHP_AUTH_USER', phpbb_request_interface::SERVER)) { return array( 'status' => LOGIN_ERROR_EXTERNAL_AUTH, @@ -75,8 +91,8 @@ class phpbb_auth_provider_apache implements phpbb_auth_provider_interface ); } - $php_auth_user = htmlspecialchars_decode($request->server('PHP_AUTH_USER')); - $php_auth_pw = htmlspecialchars_decode($request->server('PHP_AUTH_PW')); + $php_auth_user = htmlspecialchars_decode($this->request->server('PHP_AUTH_USER')); + $php_auth_pw = htmlspecialchars_decode($this->request->server('PHP_AUTH_PW')); if (!empty($php_auth_user) && !empty($php_auth_pw)) { @@ -91,10 +107,10 @@ class phpbb_auth_provider_apache implements phpbb_auth_provider_interface $sql = 'SELECT user_id, username, user_password, user_passchg, user_email, user_type FROM ' . USERS_TABLE . " - WHERE username = '" . $db->sql_escape($php_auth_user) . "'"; - $result = $db->sql_query($sql); - $row = $db->sql_fetchrow($result); - $db->sql_freeresult($result); + WHERE username = '" . $this->db->sql_escape($php_auth_user) . "'"; + $result = $this->db->sql_query($sql); + $row = $this->db->sql_fetchrow($result); + $this->db->sql_freeresult($result); if ($row) { @@ -140,15 +156,13 @@ class phpbb_auth_provider_apache implements phpbb_auth_provider_interface */ public function autologin() { - global $db, $request; - - if (!$request->is_set('PHP_AUTH_USER', phpbb_request_interface::SERVER)) + if (!$this->request->is_set('PHP_AUTH_USER', phpbb_request_interface::SERVER)) { return array(); } - $php_auth_user = htmlspecialchars_decode($request->server('PHP_AUTH_USER')); - $php_auth_pw = htmlspecialchars_decode($request->server('PHP_AUTH_PW')); + $php_auth_user = htmlspecialchars_decode($this->request->server('PHP_AUTH_USER')); + $php_auth_pw = htmlspecialchars_decode($this->request->server('PHP_AUTH_PW')); if (!empty($php_auth_user) && !empty($php_auth_pw)) { @@ -157,10 +171,10 @@ class phpbb_auth_provider_apache implements phpbb_auth_provider_interface $sql = 'SELECT * FROM ' . USERS_TABLE . " - WHERE username = '" . $db->sql_escape($php_auth_user) . "'"; - $result = $db->sql_query($sql); - $row = $db->sql_fetchrow($result); - $db->sql_freeresult($result); + WHERE username = '" . $this->db->sql_escape($php_auth_user) . "'"; + $result = $this->db->sql_query($sql); + $row = $this->db->sql_fetchrow($result); + $this->db->sql_freeresult($result); if ($row) { @@ -169,9 +183,7 @@ class phpbb_auth_provider_apache implements phpbb_auth_provider_interface if (!function_exists('user_add')) { - global $phpbb_root_path, $phpEx; - - include($phpbb_root_path . 'includes/functions_user.' . $phpEx); + include($this->phpbb_root_path . 'includes/functions_user.' . $this->phpEx); } // create the user if he does not exist yet @@ -179,10 +191,10 @@ class phpbb_auth_provider_apache implements phpbb_auth_provider_interface $sql = 'SELECT * FROM ' . USERS_TABLE . " - WHERE username_clean = '" . $db->sql_escape(utf8_clean_string($php_auth_user)) . "'"; - $result = $db->sql_query($sql); - $row = $db->sql_fetchrow($result); - $db->sql_freeresult($result); + WHERE username_clean = '" . $this->db->sql_escape(utf8_clean_string($php_auth_user)) . "'"; + $result = $this->db->sql_query($sql); + $row = $this->db->sql_fetchrow($result); + $this->db->sql_freeresult($result); if ($row) { @@ -204,15 +216,14 @@ class phpbb_auth_provider_apache implements phpbb_auth_provider_interface */ private function user_row($username, $password) { - global $db, $config, $user; // first retrieve default group id $sql = 'SELECT group_id FROM ' . GROUPS_TABLE . " - WHERE group_name = '" . $db->sql_escape('REGISTERED') . "' + WHERE group_name = '" . $this->db->sql_escape('REGISTERED') . "' AND group_type = " . GROUP_SPECIAL; - $result = $db->sql_query($sql); - $row = $db->sql_fetchrow($result); - $db->sql_freeresult($result); + $result = $this->db->sql_query($sql); + $row = $this->db->sql_fetchrow($result); + $this->db->sql_freeresult($result); if (!$row) { @@ -226,8 +237,8 @@ class phpbb_auth_provider_apache implements phpbb_auth_provider_interface 'user_email' => '', 'group_id' => (int) $row['group_id'], 'user_type' => USER_NORMAL, - 'user_ip' => $user->ip, - 'user_new' => ($config['new_member_post_limit']) ? 1 : 0, + 'user_ip' => $this->user->ip, + 'user_new' => ($this->config['new_member_post_limit']) ? 1 : 0, ); } @@ -239,12 +250,10 @@ class phpbb_auth_provider_apache implements phpbb_auth_provider_interface */ public function validate_session($user) { - global $request; - // Check if PHP_AUTH_USER is set and handle this case - if ($request->is_set('PHP_AUTH_USER', phpbb_request_interface::SERVER)) + if ($this->request->is_set('PHP_AUTH_USER', phpbb_request_interface::SERVER)) { - $php_auth_user = $request->server('PHP_AUTH_USER'); + $php_auth_user = $this->request->server('PHP_AUTH_USER'); return ($php_auth_user === $user['username']) ? true : false; } From 95f38b457e6b00cbc3b15b7768d435d467f5bc2c Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Thu, 20 Jun 2013 22:50:35 -0400 Subject: [PATCH 096/157] [feature/auth-refactor] Create an auth.provider_collector service Creates an auth.provider_collector service for all auth providers. PHPBB3-9734 --- phpBB/config/auth_providers.yml | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/phpBB/config/auth_providers.yml b/phpBB/config/auth_providers.yml index e91fd8ff99..bcc448e4d7 100644 --- a/phpBB/config/auth_providers.yml +++ b/phpBB/config/auth_providers.yml @@ -1,4 +1,10 @@ services: + auth.provider_collection: + class: phpbb_di_service_collection + arguments: + - @service_container + tags: + - { name: service_collection, tag: auth.provider } auth.provider.db: class: phpbb_auth_provider_db arguments: @@ -8,6 +14,8 @@ services: - @user - %core.root_path% - %core.php_ext% + tags: + - { name: auth.provider } auth.provider.apache: class: phpbb_auth_provider_apache arguments: @@ -17,9 +25,13 @@ services: - @user - %core.root_path% - %core.php_ext% + tags: + - { name: auth.provider } auth.provider.ldap: class: phpbb_auth_provider_ldap arguments: - @dbal.conn - @config - @user + tags: + - { name: auth.provider } From 6cbb2d6136dc702e8d07eb53b24a026238768841 Mon Sep 17 00:00:00 2001 From: Dhruv Date: Fri, 21 Jun 2013 18:24:06 +0530 Subject: [PATCH 097/157] [ticket/10776] update min php version 5.3.3 in readme PHPBB3-10776 --- phpBB/docs/README.html | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/phpBB/docs/README.html b/phpBB/docs/README.html index bf72ce1d1f..81ce736df7 100644 --- a/phpBB/docs/README.html +++ b/phpBB/docs/README.html @@ -325,7 +325,7 @@
      -

      phpBB is no longer supported on PHP3 due to several compatibility issues and we recommend that you upgrade to the latest stable release of PHP5 to run phpBB. The minimum version required is PHP 4.3.3. The minimum version that will be required for phpBB 3.1 is PHP 5.3.2.

      +

      phpBB is no longer supported on PHP3 due to several compatibility issues and we recommend that you upgrade to the latest stable release of PHP5 to run phpBB. The minimum version required is PHP 4.3.3. The minimum version that will be required for phpBB 3.1 is PHP 5.3.3.

      Please remember that running any application on a development (unstable, e.g. a beta release) version of PHP can lead to strange/unexpected results which may appear to be bugs in the application. Therefore, we recommend you upgrade to the newest stable version of PHP before running phpBB3. If you are running a development version of PHP please check any bugs you find on a system running a stable release before submitting.

      From b8610c4b989fd1e4e9e310de776de38dfe4a09a2 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Fri, 21 Jun 2013 18:04:11 -0400 Subject: [PATCH 098/157] [feature/auth-refactor] Refactor code to use services Refactors all loading of auth providers to use services instead of directly calling the class. PHPBB3-9734 --- phpBB/includes/acp/acp_board.php | 15 +++++------- phpBB/includes/auth/auth.php | 7 +++--- phpBB/includes/session.php | 42 ++++++++++++-------------------- 3 files changed, 24 insertions(+), 40 deletions(-) diff --git a/phpBB/includes/acp/acp_board.php b/phpBB/includes/acp/acp_board.php index 9407d81575..383e035817 100644 --- a/phpBB/includes/acp/acp_board.php +++ b/phpBB/includes/acp/acp_board.php @@ -546,10 +546,9 @@ class acp_board { if ($method) { - $class = 'phpbb_auth_provider_' . $method; - if (class_exists($class)) + $provider = $phpbb_container->get('auth.provider.' . $method); + if ($provider) { - $provider = new $class(); if ($fields = $provider->acp($this->new_config)) { // Check if we need to create config fields for this plugin and save config when submit was pressed @@ -586,10 +585,9 @@ class acp_board $method = basename($cfg_array['auth_method']); if ($method) { - $class = 'phpbb_auth_provider_' . $method; - if (class_exists($class)) + $provider = $phpbb_container->get('auth.provider.' . $method); + if ($provider) { - $provider = new $class(); if ($error = $provider->init()) { foreach ($old_auth_config as $config_name => $config_value) @@ -685,10 +683,9 @@ class acp_board { if ($method) { - $class = 'phpbb_auth_provider_' . $method; - if (class_exists($class)) + $provider = $phpbb_container->get('auth.provider.' . $method); + if ($provider) { - $provider = new $class(); $fields = $provider->acp($this->new_config); if ($fields['tpl']) diff --git a/phpBB/includes/auth/auth.php b/phpBB/includes/auth/auth.php index ab84619977..279959974d 100644 --- a/phpBB/includes/auth/auth.php +++ b/phpBB/includes/auth/auth.php @@ -927,14 +927,13 @@ class phpbb_auth */ function login($username, $password, $autologin = false, $viewonline = 1, $admin = 0) { - global $config, $db, $user, $phpbb_root_path, $phpEx; + global $config, $db, $user, $phpbb_root_path, $phpEx, $phpbb_container; $method = trim(basename($config['auth_method'])); - $class = 'phpbb_auth_provider_' . $method; - if (class_exists($class)) + $provider = $phpbb_container->get('auth.provider.' . $method); + if ($provider) { - $provider = new $class(); $login = $provider->login($username, $password); // If the auth module wants us to create an empty profile do so and then treat the status as LOGIN_SUCCESS diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php index f12ba1329c..66bf053f7d 100644 --- a/phpBB/includes/session.php +++ b/phpBB/includes/session.php @@ -207,7 +207,7 @@ class phpbb_session function session_begin($update_session_page = true) { global $phpEx, $SID, $_SID, $_EXTRA_URL, $db, $config, $phpbb_root_path; - global $request; + global $request, $phpbb_container; // Give us some basic information $this->time_now = time(); @@ -403,15 +403,11 @@ class phpbb_session // Check whether the session is still valid if we have one $method = basename(trim($config['auth_method'])); - $class = 'phpbb_auth_provider_' . $method; - if (class_exists($class)) + $provider = $phpbb_container->get('auth.provider.' . $method); + $ret = $provider->validate_session($this->data); + if ($ret !== null && !$ret) { - $provider = new $class(); - $ret = $provider->validate_session($this->data); - if ($ret !== null && !$ret) - { - $session_expired = true; - } + $session_expired = true; } if (!$session_expired) @@ -505,7 +501,7 @@ class phpbb_session */ function session_create($user_id = false, $set_admin = false, $persist_login = false, $viewonline = true) { - global $SID, $_SID, $db, $config, $cache, $phpbb_root_path, $phpEx; + global $SID, $_SID, $db, $config, $cache, $phpbb_root_path, $phpEx, $phpbb_container; $this->data = array(); @@ -570,17 +566,13 @@ class phpbb_session $method = basename(trim($config['auth_method'])); - $class = 'phpbb_auth_provider_' . $method; - if (class_exists($class)) - { - $provider = new $class(); - $this->data = $provider->autologin(); + $provider = $phpbb_container->get('auth.provider.' . $method); + $this->data = $provider->autologin(); - if (sizeof($this->data)) - { - $this->cookie_data['k'] = ''; - $this->cookie_data['u'] = $this->data['user_id']; - } + if (sizeof($this->data)) + { + $this->cookie_data['k'] = ''; + $this->cookie_data['u'] = $this->data['user_id']; } // If we're presented with an autologin key we'll join against it. @@ -885,7 +877,7 @@ class phpbb_session */ function session_kill($new_session = true) { - global $SID, $_SID, $db, $config, $phpbb_root_path, $phpEx; + global $SID, $_SID, $db, $config, $phpbb_root_path, $phpEx, $phpbb_container; $sql = 'DELETE FROM ' . SESSIONS_TABLE . " WHERE session_id = '" . $db->sql_escape($this->session_id) . "' @@ -895,12 +887,8 @@ class phpbb_session // Allow connecting logout with external auth method logout $method = basename(trim($config['auth_method'])); - $class = 'phpbb_auth_provider_' . $method; - if (class_exists($class)) - { - $provider = new $class(); - $provider->logout($this->data, $new_session); - } + $provider = $phpbb_container->get('auth.provider.' . $method); + $provider->logout($this->data, $new_session); if ($this->data['user_id'] != ANONYMOUS) { From 465b515600d7639fcb46fd98810187e0b500ee91 Mon Sep 17 00:00:00 2001 From: sakimahesh Date: Fri, 26 Apr 2013 05:35:21 +0530 Subject: [PATCH 099/157] [ticket/9341] Correctly named template vars PHPBB3-9341 --- phpBB/includes/functions.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index b087e1298b..03a5b36a43 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -2345,9 +2345,9 @@ function phpbb_generate_template_pagination($template, $base_url, $block_var_nam $tpl_prefix . 'BASE_URL' => $base_url, 'A_' . $tpl_prefix . 'BASE_URL' => addslashes($base_url), $tpl_prefix . 'PER_PAGE' => $per_page, - $tpl_prefix . 'PREVIOUS_PAGE' => $previous_page, + 'U_' . $tpl_prefix . 'PREVIOUS_PAGE' => $previous_page, $tpl_prefix . 'PREV_PAGE' => $previous_page, - $tpl_prefix . 'NEXT_PAGE' => ($on_page != $total_pages) ? $base_url . $url_delim . $start_name . '=' . ($on_page * $per_page) : '', + 'U_' . $tpl_prefix . 'NEXT_PAGE' => ($on_page != $total_pages) ? $base_url . $url_delim . $start_name . '=' . ($on_page * $per_page) : '', $tpl_prefix . 'TOTAL_PAGES' => $total_pages, $tpl_prefix . 'CURRENT_PAGE' => $on_page, ); From fdd60548bf7427471fa5585ec10f643c370bb829 Mon Sep 17 00:00:00 2001 From: Dhruv Date: Thu, 20 Jun 2013 22:32:37 +0530 Subject: [PATCH 100/157] [ticket/9341] Use U_PREVIOUS and U_NEXT in template files PHPBB3-9341 --- phpBB/adm/style/acp_icons.html | 4 ++-- phpBB/styles/prosilver/template/mcp_forum.html | 4 ++-- phpBB/styles/prosilver/template/mcp_logs.html | 4 ++-- phpBB/styles/prosilver/template/mcp_notes_user.html | 4 ++-- phpBB/styles/prosilver/template/mcp_queue.html | 4 ++-- phpBB/styles/prosilver/template/mcp_reports.html | 4 ++-- phpBB/styles/prosilver/template/memberlist_body.html | 4 ++-- phpBB/styles/prosilver/template/search_results.html | 4 ++-- phpBB/styles/prosilver/template/ucp_attachments.html | 4 ++-- phpBB/styles/prosilver/template/ucp_pm_viewfolder.html | 4 ++-- phpBB/styles/prosilver/template/viewforum_body.html | 4 ++-- phpBB/styles/prosilver/template/viewonline_body.html | 4 ++-- phpBB/styles/prosilver/template/viewtopic_body.html | 6 +++--- 13 files changed, 27 insertions(+), 27 deletions(-) diff --git a/phpBB/adm/style/acp_icons.html b/phpBB/adm/style/acp_icons.html index 373a7b890c..eca02d2798 100644 --- a/phpBB/adm/style/acp_icons.html +++ b/phpBB/adm/style/acp_icons.html @@ -243,8 +243,8 @@ {items.EMOTION} - {ICON_MOVE_UP_DISABLED}{ICON_MOVE_UP}  - {ICON_MOVE_DOWN_DISABLED}{ICON_MOVE_DOWN} + {ICON_MOVE_UP_DISABLED}{ICON_MOVE_UP}  + {ICON_MOVE_DOWN_DISABLED}{ICON_MOVE_DOWN}  {ICON_EDIT} {ICON_DELETE} diff --git a/phpBB/styles/prosilver/template/mcp_forum.html b/phpBB/styles/prosilver/template/mcp_forum.html index ac686932b7..db5525fcd0 100644 --- a/phpBB/styles/prosilver/template/mcp_forum.html +++ b/phpBB/styles/prosilver/template/mcp_forum.html @@ -85,8 +85,8 @@
      - {L_NEXT} - {L_PREVIOUS} + {L_NEXT} + {L_PREVIOUS} diff --git a/phpBB/styles/prosilver/template/mcp_logs.html b/phpBB/styles/prosilver/template/mcp_logs.html index c9db4e8afa..492c8cf201 100644 --- a/phpBB/styles/prosilver/template/mcp_logs.html +++ b/phpBB/styles/prosilver/template/mcp_logs.html @@ -54,8 +54,8 @@
      - {L_NEXT} - {L_PREVIOUS} + {L_NEXT} + {L_PREVIOUS} diff --git a/phpBB/styles/prosilver/template/mcp_notes_user.html b/phpBB/styles/prosilver/template/mcp_notes_user.html index 328d12a04f..1738e45045 100644 --- a/phpBB/styles/prosilver/template/mcp_notes_user.html +++ b/phpBB/styles/prosilver/template/mcp_notes_user.html @@ -95,8 +95,8 @@
      - {L_NEXT} - {L_PREVIOUS} + {L_NEXT} + {L_PREVIOUS} diff --git a/phpBB/styles/prosilver/template/mcp_queue.html b/phpBB/styles/prosilver/template/mcp_queue.html index 4d20804e66..d630606175 100644 --- a/phpBB/styles/prosilver/template/mcp_queue.html +++ b/phpBB/styles/prosilver/template/mcp_queue.html @@ -67,8 +67,8 @@
    - {L_NEXT} - {L_PREVIOUS} + {L_NEXT} + {L_PREVIOUS} diff --git a/phpBB/styles/prosilver/template/mcp_reports.html b/phpBB/styles/prosilver/template/mcp_reports.html index 9a70b4a62a..902744fe25 100644 --- a/phpBB/styles/prosilver/template/mcp_reports.html +++ b/phpBB/styles/prosilver/template/mcp_reports.html @@ -72,8 +72,8 @@
    - {L_NEXT} - {L_PREVIOUS} + {L_NEXT} + {L_PREVIOUS} diff --git a/phpBB/styles/prosilver/template/memberlist_body.html b/phpBB/styles/prosilver/template/memberlist_body.html index 17dc2c33c0..07a7e2e182 100644 --- a/phpBB/styles/prosilver/template/memberlist_body.html +++ b/phpBB/styles/prosilver/template/memberlist_body.html @@ -140,8 +140,8 @@
    - {L_PREVIOUS} - {L_NEXT} + {L_PREVIOUS} + {L_NEXT}
    diff --git a/phpBB/styles/prosilver/template/search_results.html b/phpBB/styles/prosilver/template/search_results.html index 1132e5295a..e31c278a4b 100644 --- a/phpBB/styles/prosilver/template/search_results.html +++ b/phpBB/styles/prosilver/template/search_results.html @@ -154,8 +154,8 @@
    - {L_PREVIOUS} - {L_NEXT} + {L_PREVIOUS} + {L_NEXT} diff --git a/phpBB/styles/prosilver/template/ucp_attachments.html b/phpBB/styles/prosilver/template/ucp_attachments.html index 6e1bdfdd57..feb04278dc 100644 --- a/phpBB/styles/prosilver/template/ucp_attachments.html +++ b/phpBB/styles/prosilver/template/ucp_attachments.html @@ -51,8 +51,8 @@
    - {L_NEXT} - {L_PREVIOUS} + {L_NEXT} + {L_PREVIOUS} diff --git a/phpBB/styles/prosilver/template/ucp_pm_viewfolder.html b/phpBB/styles/prosilver/template/ucp_pm_viewfolder.html index 00b735fae6..c5078df268 100644 --- a/phpBB/styles/prosilver/template/ucp_pm_viewfolder.html +++ b/phpBB/styles/prosilver/template/ucp_pm_viewfolder.html @@ -122,8 +122,8 @@
    - {L_PREVIOUS} - {L_NEXT} + {L_PREVIOUS} + {L_NEXT} diff --git a/phpBB/styles/prosilver/template/viewforum_body.html b/phpBB/styles/prosilver/template/viewforum_body.html index dd16b27988..9cbe7bc45a 100644 --- a/phpBB/styles/prosilver/template/viewforum_body.html +++ b/phpBB/styles/prosilver/template/viewforum_body.html @@ -192,8 +192,8 @@
    - {L_PREVIOUS} - {L_NEXT} + {L_PREVIOUS} + {L_NEXT} diff --git a/phpBB/styles/prosilver/template/viewonline_body.html b/phpBB/styles/prosilver/template/viewonline_body.html index cb19a40d8f..74e891f7d0 100644 --- a/phpBB/styles/prosilver/template/viewonline_body.html +++ b/phpBB/styles/prosilver/template/viewonline_body.html @@ -47,9 +47,9 @@
    - +
    - {L_PREVIOUS}{L_PREVIOUS}{L_NEXT}{L_NEXT} + {L_PREVIOUS}{L_PREVIOUS}{L_NEXT}{L_NEXT}
    diff --git a/phpBB/styles/prosilver/template/viewtopic_body.html b/phpBB/styles/prosilver/template/viewtopic_body.html index 5f999ade0c..9c0743d04d 100644 --- a/phpBB/styles/prosilver/template/viewtopic_body.html +++ b/phpBB/styles/prosilver/template/viewtopic_body.html @@ -245,12 +245,12 @@ - +
    - {L_PREVIOUS} - {L_NEXT} + {L_PREVIOUS} + {L_NEXT} From 80e2d65399e7dcf9b53dada4929d7194275721ad Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Mon, 24 Jun 2013 12:05:29 -0400 Subject: [PATCH 101/157] [feature/auth-refactor] Initial auth unit test provider_db Initial work on a unit test for the provider_db login function. Does not work currently. PHPBB3-9734 --- tests/auth/fixtures/user.xml | 33 +++++++++++++++++++++++++++ tests/auth/provider_db_test.php | 40 +++++++++++++++++++++++++++++++++ 2 files changed, 73 insertions(+) create mode 100644 tests/auth/fixtures/user.xml create mode 100644 tests/auth/provider_db_test.php diff --git a/tests/auth/fixtures/user.xml b/tests/auth/fixtures/user.xml new file mode 100644 index 0000000000..34584babbf --- /dev/null +++ b/tests/auth/fixtures/user.xml @@ -0,0 +1,33 @@ + + + + user_id + username + username_clean + user_password + user_passchg + user_pass_convert + user_email + user_type + user_login_attempts + user_permissions + user_sig + user_occ + user_interests + + 1 + foobar + foobar + $H$9E45lK6J8nLTSm9oJE5aNCSTFK9wqa/ + 0 + 0 + example@example.com + 0 + 0 + + + + + +
    +     diff --git a/tests/auth/provider_db_test.php b/tests/auth/provider_db_test.php new file mode 100644 index 0000000000..c6355ae7f9 --- /dev/null +++ b/tests/auth/provider_db_test.php @@ -0,0 +1,40 @@ +createXMLDataSet(dirname(__FILE__).'/fixtures/user.xml'); + } + + public function test_login() + { + global $phpbb_root_path, $phpEx; + + $db = $this->new_dbal(); + $config = new phpbb_config(array( + 'ip_login_limit_max' => 0, + 'ip_login_limit_use_forwarded' => 0, + 'max_login_attempts' => 0, + )); + $request = $this->getMock('phpbb_request'); + $user = $this->getMock('phpbb_user'); + $provider = new phpbb_auth_provider_db($db, $config, $request, $user, $phpbb_root_path, $phpEx); + + $expected = array( + 'status' => LOGIN_SUCCESS, + 'error_msg' => false, + 'user_row' => '', + ); + $this->assertEquals($expected, $provider->login('example', 'example')); + } +} From 8e1a503f4437eb38de6a349a841db75648a81678 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Tue, 25 Jun 2013 13:22:56 -0400 Subject: [PATCH 102/157] [feature/auth-refactor] Finish provider_db unit test for login Finishes the provider_db unit test for login. The test currently passes. PHPBB3-9734 --- tests/auth/provider_db_test.php | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/tests/auth/provider_db_test.php b/tests/auth/provider_db_test.php index c6355ae7f9..d876683f84 100644 --- a/tests/auth/provider_db_test.php +++ b/tests/auth/provider_db_test.php @@ -33,8 +33,18 @@ class phpbb_auth_provider_db_test extends phpbb_database_test_case $expected = array( 'status' => LOGIN_SUCCESS, 'error_msg' => false, - 'user_row' => '', + 'user_row' => array( + 'user_id' => '1', + 'username' => 'foobar', + 'user_password' => '$H$9E45lK6J8nLTSm9oJE5aNCSTFK9wqa/', + 'user_passchg' => '0', + 'user_pass_convert' => '0', + 'user_email' => 'example@example.com', + 'user_type' => '0', + 'user_login_attempts' => '0', + ), ); - $this->assertEquals($expected, $provider->login('example', 'example')); + + $this->assertEquals($expected, $provider->login('foobar', 'example')); } } From 91c80dfc8eed6ed3cfa90732087741c8433acabf Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Tue, 25 Jun 2013 13:34:43 -0400 Subject: [PATCH 103/157] [feature/auth-refactor] Skeleton of provider_apache_test Creates a skeleton of the tests for provider_apache. PHPBB3-9734 --- tests/auth/provider_apache_test.php | 49 +++++++++++++++++++++++++++++ 1 file changed, 49 insertions(+) create mode 100644 tests/auth/provider_apache_test.php diff --git a/tests/auth/provider_apache_test.php b/tests/auth/provider_apache_test.php new file mode 100644 index 0000000000..d552c4131e --- /dev/null +++ b/tests/auth/provider_apache_test.php @@ -0,0 +1,49 @@ +new_dbal(); + $config = new phpbb_config(array()); + $request = $this->getMock('phpbb_request'); + $user = $this->getMock('phpbb_user'); + + $this->provider = new phpbb_auth_provider_apache($db, $config, $request, $user, $phpbb_root_path, $phpEx); + } + + public function getDataSet() + { + return $this->createXMLDataSet(dirname(__FILE__).'/fixtures/user.xml'); + } + + public function test_init() + { + $this->markTestIncomplete(); + } + + public function test_login() + { + $this->markTestIncomplete(); + } + + public function test_validate_session() + { + $this->markTestIncomplete(); + } +} From e5de05d8dbbcf0a38aa5c1c2a872765b163ccb31 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Tue, 25 Jun 2013 14:05:40 -0400 Subject: [PATCH 104/157] [feature/auth-refactor] Test for init on provider_apache Provides a test for the init() method of provider_apache. Appears to be failing due to an error with the mock request class. PHPBB3-9734 --- tests/auth/provider_apache_test.php | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) diff --git a/tests/auth/provider_apache_test.php b/tests/auth/provider_apache_test.php index d552c4131e..1530dcb746 100644 --- a/tests/auth/provider_apache_test.php +++ b/tests/auth/provider_apache_test.php @@ -12,6 +12,8 @@ require_once dirname(__FILE__).'/../../phpBB/includes/functions.php'; class phpbb_auth_provider_apache_test extends phpbb_database_test_case { protected $provider; + protected $user; + protected $request; protected function setup() { @@ -21,10 +23,10 @@ class phpbb_auth_provider_apache_test extends phpbb_database_test_case $db = $this->new_dbal(); $config = new phpbb_config(array()); - $request = $this->getMock('phpbb_request'); - $user = $this->getMock('phpbb_user'); + $this->request = $this->getMock('phpbb_request'); + $this->user = $this->getMock('phpbb_user'); - $this->provider = new phpbb_auth_provider_apache($db, $config, $request, $user, $phpbb_root_path, $phpEx); + $this->provider = new phpbb_auth_provider_apache($db, $config, $this->request, $this->user, $phpbb_root_path, $phpEx); } public function getDataSet() @@ -32,9 +34,15 @@ class phpbb_auth_provider_apache_test extends phpbb_database_test_case return $this->createXMLDataSet(dirname(__FILE__).'/fixtures/user.xml'); } + /** + * Test to see if a user is identified to Apache. Expects false if they are. + */ public function test_init() { - $this->markTestIncomplete(); + $this->user->data['username'] = 'foobar'; + $this->request->overwrite('PHP_AUTH_USER', 'foobar', phpbb_request_interface::SERVER); + + $this->assertFalse($this->provider->init()); } public function test_login() From 307dd9777b67e8a7628bb74eeba8cc55ab6a8f58 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Tue, 25 Jun 2013 14:12:31 -0400 Subject: [PATCH 105/157] [feature/auth-refactor] Test login() for provider_apache Provides a test for the login() method for provider_apache. Appears to be failing due to an issue with the mock phpBB request class. PHPBB3-9734 --- tests/auth/provider_apache_test.php | 21 ++++++++++++++++++++- 1 file changed, 20 insertions(+), 1 deletion(-) diff --git a/tests/auth/provider_apache_test.php b/tests/auth/provider_apache_test.php index 1530dcb746..4773e4fdc3 100644 --- a/tests/auth/provider_apache_test.php +++ b/tests/auth/provider_apache_test.php @@ -47,7 +47,26 @@ class phpbb_auth_provider_apache_test extends phpbb_database_test_case public function test_login() { - $this->markTestIncomplete(); + $username = 'foobar'; + $password = 'example'; + + $this->request->overwrite('PHP_AUTH_USER', $username, phpbb_request_interface::SERVER); + $this->request->overwrite('PHP_AUTH_PW', $password, phpbb_request_interface::SERVER); + + $expected = array( + 'status' => LOGIN_SUCCESS, + 'error_msg' => false, + 'user_row' => array( + 'user_id' => '1', + 'username' => 'foobar', + 'user_password' => '$H$9E45lK6J8nLTSm9oJE5aNCSTFK9wqa/', + 'user_passchg' => '0', + 'user_email' => 'example@example.com', + 'user_type' => '0', + ), + ); + + $this->assertEquals($expected, $this->provider->login($username, $password)); } public function test_validate_session() From 9e04328545c933aa801c52c1567efd3d2e06fcf3 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Tue, 25 Jun 2013 14:24:47 -0400 Subject: [PATCH 106/157] [feature/auth-refactor] Test autologin() on provider_apache Provides a test for the autologin() method of provider_apache that assumes the user already exists in the database. PHPBB3-9734 --- tests/auth/provider_apache_test.php | 28 ++++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) diff --git a/tests/auth/provider_apache_test.php b/tests/auth/provider_apache_test.php index 4773e4fdc3..6cfd676fc2 100644 --- a/tests/auth/provider_apache_test.php +++ b/tests/auth/provider_apache_test.php @@ -69,6 +69,34 @@ class phpbb_auth_provider_apache_test extends phpbb_database_test_case $this->assertEquals($expected, $this->provider->login($username, $password)); } + public function test_autologin() + { + $this->request->overwrite('PHP_AUTH_USER', 'foobar', phpbb_request_interface::SERVER); + $this->request->overwrite('PHP_AUTH_PW', 'example', phpbb_request_interface::SERVER); + + $expected = array( + 'status' => LOGIN_SUCCESS, + 'error_msg' => false, + 'user_row' => array( + 'user_id' => '1', + 'username' => 'foobar', + 'username_clean' => 'foobar', + 'user_password' => '$H$9E45lK6J8nLTSm9oJE5aNCSTFK9wqa/', + 'user_passchg' => '0', + 'user_pass_convert' => '0', + 'user_email' => 'example@example.com', + 'user_type' => '0', + 'user_login_attempts' => '0', + 'user_permission' => '', + 'user_sig' => '', + 'user_occ' => '', + 'user_interests' => '', + ), + ); + + $this->assertEquals($expected, $this->provider->autologin()); + } + public function test_validate_session() { $this->markTestIncomplete(); From 5444e5b6831d5ce87ff2adaf1f7b0e4788592bc3 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Tue, 25 Jun 2013 14:28:16 -0400 Subject: [PATCH 107/157] [feature/auth-refactor] Test validate_session on provider_apache Provides a test for the validate_session() method of provider_apache. PHPBB3-9734 --- tests/auth/provider_apache_test.php | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/tests/auth/provider_apache_test.php b/tests/auth/provider_apache_test.php index 6cfd676fc2..092b90bea3 100644 --- a/tests/auth/provider_apache_test.php +++ b/tests/auth/provider_apache_test.php @@ -99,6 +99,10 @@ class phpbb_auth_provider_apache_test extends phpbb_database_test_case public function test_validate_session() { - $this->markTestIncomplete(); + $user = $this->getMock('phpbb_user'); + $user->data['username'] = 'foobar'; + $this->request->overwrite('PHP_AUTH_USER', 'foobar', phpbb_request_interface::SERVER); + + $this->assertTrue($this->provider->validate_session($user)); } } From 5f3ed197e73550e78b37dd38496210737cf3f39d Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Tue, 25 Jun 2013 16:25:45 -0400 Subject: [PATCH 108/157] [feature/auth-refactor] Fix auth tests to use mock objects correctly PHPBB3-9734 --- tests/auth/provider_apache_test.php | 148 +++++++++++++++++++++++----- 1 file changed, 123 insertions(+), 25 deletions(-) diff --git a/tests/auth/provider_apache_test.php b/tests/auth/provider_apache_test.php index 092b90bea3..0ca6ef763e 100644 --- a/tests/auth/provider_apache_test.php +++ b/tests/auth/provider_apache_test.php @@ -40,7 +40,15 @@ class phpbb_auth_provider_apache_test extends phpbb_database_test_case public function test_init() { $this->user->data['username'] = 'foobar'; - $this->request->overwrite('PHP_AUTH_USER', 'foobar', phpbb_request_interface::SERVER); + $this->request->expects($this->once()) + ->method('is_set') + ->with('PHP_AUTH_USER', + phpbb_request_interface::SERVER) + ->will($this->returnValue(true)); + $this->request->expects($this->once()) + ->method('server') + ->with('PHP_AUTH_USER') + ->will($this->returnValue('foobar')); $this->assertFalse($this->provider->init()); } @@ -50,8 +58,19 @@ class phpbb_auth_provider_apache_test extends phpbb_database_test_case $username = 'foobar'; $password = 'example'; - $this->request->overwrite('PHP_AUTH_USER', $username, phpbb_request_interface::SERVER); - $this->request->overwrite('PHP_AUTH_PW', $password, phpbb_request_interface::SERVER); + $this->request->expects($this->once()) + ->method('is_set') + ->with('PHP_AUTH_USER', + phpbb_request_interface::SERVER) + ->will($this->returnValue(true)); + $this->request->expects($this->at(1)) + ->method('server') + ->with('PHP_AUTH_USER') + ->will($this->returnValue('foobar')); + $this->request->expects($this->at(2)) + ->method('server') + ->with('PHP_AUTH_PW') + ->will($this->returnValue('example')); $expected = array( 'status' => LOGIN_SUCCESS, @@ -71,27 +90,96 @@ class phpbb_auth_provider_apache_test extends phpbb_database_test_case public function test_autologin() { - $this->request->overwrite('PHP_AUTH_USER', 'foobar', phpbb_request_interface::SERVER); - $this->request->overwrite('PHP_AUTH_PW', 'example', phpbb_request_interface::SERVER); + $this->request->expects($this->once()) + ->method('is_set') + ->with('PHP_AUTH_USER', + phpbb_request_interface::SERVER) + ->will($this->returnValue(true)); + $this->request->expects($this->at(1)) + ->method('server') + ->with('PHP_AUTH_USER') + ->will($this->returnValue('foobar')); + $this->request->expects($this->at(2)) + ->method('server') + ->with('PHP_AUTH_PW') + ->will($this->returnValue('example')); $expected = array( - 'status' => LOGIN_SUCCESS, - 'error_msg' => false, - 'user_row' => array( - 'user_id' => '1', - 'username' => 'foobar', - 'username_clean' => 'foobar', - 'user_password' => '$H$9E45lK6J8nLTSm9oJE5aNCSTFK9wqa/', - 'user_passchg' => '0', - 'user_pass_convert' => '0', - 'user_email' => 'example@example.com', - 'user_type' => '0', - 'user_login_attempts' => '0', - 'user_permission' => '', - 'user_sig' => '', - 'user_occ' => '', - 'user_interests' => '', - ), + 'user_id' => '1', + 'user_type' => '0', + 'group_id' => '3', + 'user_permissions' => '', + 'user_perm_from' => '0', + 'user_ip' => '', + 'user_regdate' => '0', + 'username' => 'foobar', + 'username_clean' => 'foobar', + 'user_password' => '$H$9E45lK6J8nLTSm9oJE5aNCSTFK9wqa/', + 'user_passchg' => '0', + 'user_pass_convert' => '0', + 'user_email' => 'example@example.com', + 'user_email_hash' => '0', + 'user_birthday' => '', + 'user_lastvisit' => '0', + 'user_lastmark' => '0', + 'user_lastpost_time' => '0', + 'user_lastpage' => '', + 'user_last_confirm_key' => '', + 'user_last_search' => '0', + 'user_warnings' => '0', + 'user_last_warning' => '0', + 'user_login_attempts' => '0', + 'user_inactive_reason' => '0', + 'user_inactive_time' => '0', + 'user_posts' => '0', + 'user_lang' => '', + 'user_timezone' => 'UTC', + 'user_dateformat' => 'd M Y H:i', + 'user_style' => '0', + 'user_rank' => '0', + 'user_colour' => '', + 'user_new_privmsg' => '0', + 'user_unread_privmsg' => '0', + 'user_last_privmsg' => '0', + 'user_message_rules' => '0', + 'user_full_folder' => '-3', + 'user_emailtime' => '0', + 'user_topic_show_days' => '0', + 'user_topic_sortby_type' => 't', + 'user_topic_sortby_dir' => 'd', + 'user_post_show_days' => '0', + 'user_post_sortby_type' => 't', + 'user_post_sortby_dir' => 'a', + 'user_notify' => '0', + 'user_notify_pm' => '1', + 'user_notify_type' => '0', + 'user_allow_pm' => '1', + 'user_allow_viewonline' => '1', + 'user_allow_viewemail' => '1', + 'user_allow_massemail' => '1', + 'user_options' => '230271', + 'user_avatar' => '', + 'user_avatar_type' => '', + 'user_avatar_width' => '0', + 'user_avatar_height' => '0', + 'user_sig' => '', + 'user_sig_bbcode_uid' => '', + 'user_sig_bbcode_bitfield' => '', + 'user_from' => '', + 'user_icq' => '', + 'user_aim' => '', + 'user_yim' => '', + 'user_msnm' => '', + 'user_jabber' => '', + 'user_website' => '', + 'user_occ' => '', + 'user_interests' => '', + 'user_actkey' => '', + 'user_newpasswd' => '', + 'user_form_salt' => '', + 'user_new' => '1', + 'user_reminded' => '0', + 'user_reminded_time' => '0', ); $this->assertEquals($expected, $this->provider->autologin()); @@ -99,9 +187,19 @@ class phpbb_auth_provider_apache_test extends phpbb_database_test_case public function test_validate_session() { - $user = $this->getMock('phpbb_user'); - $user->data['username'] = 'foobar'; - $this->request->overwrite('PHP_AUTH_USER', 'foobar', phpbb_request_interface::SERVER); + $user = array( + 'username' => 'foobar', + 'user_type' + ); + $this->request->expects($this->once()) + ->method('is_set') + ->with('PHP_AUTH_USER', + phpbb_request_interface::SERVER) + ->will($this->returnValue(true)); + $this->request->expects($this->once()) + ->method('server') + ->with('PHP_AUTH_USER') + ->will($this->returnValue('foobar')); $this->assertTrue($this->provider->validate_session($user)); } From 4f3f0a8791cea806cc63cfe4709605ad63f8cbd4 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Tue, 25 Jun 2013 21:56:58 -0400 Subject: [PATCH 109/157] [feature/auth-refactor] Remove references to old auth plugins Removes what is hopefully the last references to the old auth plugins in the code base. PHPBB3-9734 --- phpBB/includes/acp/acp_board.php | 38 ++++++++------------------------ 1 file changed, 9 insertions(+), 29 deletions(-) diff --git a/phpBB/includes/acp/acp_board.php b/phpBB/includes/acp/acp_board.php index 383e035817..1ac6697255 100644 --- a/phpBB/includes/acp/acp_board.php +++ b/phpBB/includes/acp/acp_board.php @@ -523,21 +523,11 @@ class acp_board { // Retrieve a list of auth plugins and check their config values $auth_plugins = array(); + $auth_providers = $phpbb_container->get('auth.provider_collection'); - $dp = @opendir($phpbb_root_path . 'includes/auth'); - - if ($dp) + foreach($auth_providers as $key => $value) { - while (($file = readdir($dp)) !== false) - { - if (preg_match('#^provider_(.*?)\.' . $phpEx . '$#', $file) && !preg_match('#^provider_interface\.' . $phpEx . '$#', $file)) - { - $auth_plugins[] = basename(preg_replace('#^provider_(.*?)\.' . $phpEx . '$#', '\1', $file)); - } - } - closedir($dp); - - sort($auth_plugins); + $auth_plugins[] = str_replace('auth.provider.', '', $key); } $updated_auth_settings = false; @@ -546,7 +536,7 @@ class acp_board { if ($method) { - $provider = $phpbb_container->get('auth.provider.' . $method); + $provider = $auth_providers['auth.provider.' . $method]; if ($provider) { if ($fields = $provider->acp($this->new_config)) @@ -585,7 +575,7 @@ class acp_board $method = basename($cfg_array['auth_method']); if ($method) { - $provider = $phpbb_container->get('auth.provider.' . $method); + $provider = $auth_providers['auth.provider.' . $method]; if ($provider) { if ($error = $provider->init()) @@ -683,7 +673,7 @@ class acp_board { if ($method) { - $provider = $phpbb_container->get('auth.provider.' . $method); + $provider = $auth_providers['auth.provider.' . $method]; if ($provider) { $fields = $provider->acp($this->new_config); @@ -709,23 +699,13 @@ class acp_board global $phpbb_root_path, $phpEx; $auth_plugins = array(); + $auth_providers = $phpbb_container->get('auth.provider_collection'); - $dp = @opendir($phpbb_root_path . 'includes/auth'); - - if (!$dp) + foreach($auth_providers as $key => $value) { - return ''; + $auth_plugins[] = str_replace('auth.provider.', '', $key); } - while (($file = readdir($dp)) !== false) - { - if (preg_match('#^auth_(.*?)\.' . $phpEx . '$#', $file)) - { - $auth_plugins[] = preg_replace('#^auth_(.*?)\.' . $phpEx . '$#', '\1', $file); - } - } - closedir($dp); - sort($auth_plugins); $auth_select = ''; From 09372d765d5adbca743063a7410b97abf4536015 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Tue, 25 Jun 2013 22:01:00 -0400 Subject: [PATCH 110/157] [feature/auth-refactor] Remove old auth plugins PHPBB3-9734 --- phpBB/includes/auth/auth_apache.php | 247 -------------------- phpBB/includes/auth/auth_db.php | 289 ----------------------- phpBB/includes/auth/auth_ldap.php | 350 ---------------------------- 3 files changed, 886 deletions(-) delete mode 100644 phpBB/includes/auth/auth_apache.php delete mode 100644 phpBB/includes/auth/auth_db.php delete mode 100644 phpBB/includes/auth/auth_ldap.php diff --git a/phpBB/includes/auth/auth_apache.php b/phpBB/includes/auth/auth_apache.php deleted file mode 100644 index 10b288aa09..0000000000 --- a/phpBB/includes/auth/auth_apache.php +++ /dev/null @@ -1,247 +0,0 @@ -is_set('PHP_AUTH_USER', phpbb_request_interface::SERVER) || $user->data['username'] !== htmlspecialchars_decode($request->server('PHP_AUTH_USER'))) - { - return $user->lang['APACHE_SETUP_BEFORE_USE']; - } - return false; -} - -/** -* Login function -*/ -function login_apache(&$username, &$password) -{ - global $db, $request; - - // do not allow empty password - if (!$password) - { - return array( - 'status' => LOGIN_ERROR_PASSWORD, - 'error_msg' => 'NO_PASSWORD_SUPPLIED', - 'user_row' => array('user_id' => ANONYMOUS), - ); - } - - if (!$username) - { - return array( - 'status' => LOGIN_ERROR_USERNAME, - 'error_msg' => 'LOGIN_ERROR_USERNAME', - 'user_row' => array('user_id' => ANONYMOUS), - ); - } - - if (!$request->is_set('PHP_AUTH_USER', phpbb_request_interface::SERVER)) - { - return array( - 'status' => LOGIN_ERROR_EXTERNAL_AUTH, - 'error_msg' => 'LOGIN_ERROR_EXTERNAL_AUTH_APACHE', - 'user_row' => array('user_id' => ANONYMOUS), - ); - } - - $php_auth_user = htmlspecialchars_decode($request->server('PHP_AUTH_USER')); - $php_auth_pw = htmlspecialchars_decode($request->server('PHP_AUTH_PW')); - - if (!empty($php_auth_user) && !empty($php_auth_pw)) - { - if ($php_auth_user !== $username) - { - return array( - 'status' => LOGIN_ERROR_USERNAME, - 'error_msg' => 'LOGIN_ERROR_USERNAME', - 'user_row' => array('user_id' => ANONYMOUS), - ); - } - - $sql = 'SELECT user_id, username, user_password, user_passchg, user_email, user_type - FROM ' . USERS_TABLE . " - WHERE username = '" . $db->sql_escape($php_auth_user) . "'"; - $result = $db->sql_query($sql); - $row = $db->sql_fetchrow($result); - $db->sql_freeresult($result); - - if ($row) - { - // User inactive... - if ($row['user_type'] == USER_INACTIVE || $row['user_type'] == USER_IGNORE) - { - return array( - 'status' => LOGIN_ERROR_ACTIVE, - 'error_msg' => 'ACTIVE_ERROR', - 'user_row' => $row, - ); - } - - // Successful login... - return array( - 'status' => LOGIN_SUCCESS, - 'error_msg' => false, - 'user_row' => $row, - ); - } - - // this is the user's first login so create an empty profile - return array( - 'status' => LOGIN_SUCCESS_CREATE_PROFILE, - 'error_msg' => false, - 'user_row' => user_row_apache($php_auth_user, $php_auth_pw), - ); - } - - // Not logged into apache - return array( - 'status' => LOGIN_ERROR_EXTERNAL_AUTH, - 'error_msg' => 'LOGIN_ERROR_EXTERNAL_AUTH_APACHE', - 'user_row' => array('user_id' => ANONYMOUS), - ); -} - -/** -* Autologin function -* -* @return array containing the user row or empty if no auto login should take place -*/ -function autologin_apache() -{ - global $db, $request; - - if (!$request->is_set('PHP_AUTH_USER', phpbb_request_interface::SERVER)) - { - return array(); - } - - $php_auth_user = htmlspecialchars_decode($request->server('PHP_AUTH_USER')); - $php_auth_pw = htmlspecialchars_decode($request->server('PHP_AUTH_PW')); - - if (!empty($php_auth_user) && !empty($php_auth_pw)) - { - set_var($php_auth_user, $php_auth_user, 'string', true); - set_var($php_auth_pw, $php_auth_pw, 'string', true); - - $sql = 'SELECT * - FROM ' . USERS_TABLE . " - WHERE username = '" . $db->sql_escape($php_auth_user) . "'"; - $result = $db->sql_query($sql); - $row = $db->sql_fetchrow($result); - $db->sql_freeresult($result); - - if ($row) - { - return ($row['user_type'] == USER_INACTIVE || $row['user_type'] == USER_IGNORE) ? array() : $row; - } - - if (!function_exists('user_add')) - { - global $phpbb_root_path, $phpEx; - - include($phpbb_root_path . 'includes/functions_user.' . $phpEx); - } - - // create the user if he does not exist yet - user_add(user_row_apache($php_auth_user, $php_auth_pw)); - - $sql = 'SELECT * - FROM ' . USERS_TABLE . " - WHERE username_clean = '" . $db->sql_escape(utf8_clean_string($php_auth_user)) . "'"; - $result = $db->sql_query($sql); - $row = $db->sql_fetchrow($result); - $db->sql_freeresult($result); - - if ($row) - { - return $row; - } - } - - return array(); -} - -/** -* This function generates an array which can be passed to the user_add function in order to create a user -*/ -function user_row_apache($username, $password) -{ - global $db, $config, $user; - // first retrieve default group id - $sql = 'SELECT group_id - FROM ' . GROUPS_TABLE . " - WHERE group_name = '" . $db->sql_escape('REGISTERED') . "' - AND group_type = " . GROUP_SPECIAL; - $result = $db->sql_query($sql); - $row = $db->sql_fetchrow($result); - $db->sql_freeresult($result); - - if (!$row) - { - trigger_error('NO_GROUP'); - } - - // generate user account data - return array( - 'username' => $username, - 'user_password' => phpbb_hash($password), - 'user_email' => '', - 'group_id' => (int) $row['group_id'], - 'user_type' => USER_NORMAL, - 'user_ip' => $user->ip, - 'user_new' => ($config['new_member_post_limit']) ? 1 : 0, - ); -} - -/** -* The session validation function checks whether the user is still logged in -* -* @return boolean true if the given user is authenticated or false if the session should be closed -*/ -function validate_session_apache(&$user) -{ - global $request; - - // Check if PHP_AUTH_USER is set and handle this case - if ($request->is_set('PHP_AUTH_USER', phpbb_request_interface::SERVER)) - { - $php_auth_user = $request->server('PHP_AUTH_USER'); - - return ($php_auth_user === $user['username']) ? true : false; - } - - // PHP_AUTH_USER is not set. A valid session is now determined by the user type (anonymous/bot or not) - if ($user['user_type'] == USER_IGNORE) - { - return true; - } - - return false; -} diff --git a/phpBB/includes/auth/auth_db.php b/phpBB/includes/auth/auth_db.php deleted file mode 100644 index ac944532a5..0000000000 --- a/phpBB/includes/auth/auth_db.php +++ /dev/null @@ -1,289 +0,0 @@ - status constant -* 'error_msg' => string -* 'user_row' => array -* ) -*/ -function login_db($username, $password, $ip = '', $browser = '', $forwarded_for = '') -{ - global $db, $config; - global $request; - - // Auth plugins get the password untrimmed. - // For compatibility we trim() here. - $password = trim($password); - - // do not allow empty password - if (!$password) - { - return array( - 'status' => LOGIN_ERROR_PASSWORD, - 'error_msg' => 'NO_PASSWORD_SUPPLIED', - 'user_row' => array('user_id' => ANONYMOUS), - ); - } - - if (!$username) - { - return array( - 'status' => LOGIN_ERROR_USERNAME, - 'error_msg' => 'LOGIN_ERROR_USERNAME', - 'user_row' => array('user_id' => ANONYMOUS), - ); - } - - $username_clean = utf8_clean_string($username); - - $sql = 'SELECT user_id, username, user_password, user_passchg, user_pass_convert, user_email, user_type, user_login_attempts - FROM ' . USERS_TABLE . " - WHERE username_clean = '" . $db->sql_escape($username_clean) . "'"; - $result = $db->sql_query($sql); - $row = $db->sql_fetchrow($result); - $db->sql_freeresult($result); - - if (($ip && !$config['ip_login_limit_use_forwarded']) || - ($forwarded_for && $config['ip_login_limit_use_forwarded'])) - { - $sql = 'SELECT COUNT(*) AS attempts - FROM ' . LOGIN_ATTEMPT_TABLE . ' - WHERE attempt_time > ' . (time() - (int) $config['ip_login_limit_time']); - if ($config['ip_login_limit_use_forwarded']) - { - $sql .= " AND attempt_forwarded_for = '" . $db->sql_escape($forwarded_for) . "'"; - } - else - { - $sql .= " AND attempt_ip = '" . $db->sql_escape($ip) . "' "; - } - - $result = $db->sql_query($sql); - $attempts = (int) $db->sql_fetchfield('attempts'); - $db->sql_freeresult($result); - - $attempt_data = array( - 'attempt_ip' => $ip, - 'attempt_browser' => trim(substr($browser, 0, 149)), - 'attempt_forwarded_for' => $forwarded_for, - 'attempt_time' => time(), - 'user_id' => ($row) ? (int) $row['user_id'] : 0, - 'username' => $username, - 'username_clean' => $username_clean, - ); - $sql = 'INSERT INTO ' . LOGIN_ATTEMPT_TABLE . $db->sql_build_array('INSERT', $attempt_data); - $result = $db->sql_query($sql); - } - else - { - $attempts = 0; - } - - if (!$row) - { - if ($config['ip_login_limit_max'] && $attempts >= $config['ip_login_limit_max']) - { - return array( - 'status' => LOGIN_ERROR_ATTEMPTS, - 'error_msg' => 'LOGIN_ERROR_ATTEMPTS', - 'user_row' => array('user_id' => ANONYMOUS), - ); - } - - return array( - 'status' => LOGIN_ERROR_USERNAME, - 'error_msg' => 'LOGIN_ERROR_USERNAME', - 'user_row' => array('user_id' => ANONYMOUS), - ); - } - - $show_captcha = ($config['max_login_attempts'] && $row['user_login_attempts'] >= $config['max_login_attempts']) || - ($config['ip_login_limit_max'] && $attempts >= $config['ip_login_limit_max']); - - // If there are too much login attempts, we need to check for an confirm image - // Every auth module is able to define what to do by itself... - if ($show_captcha) - { - // Visual Confirmation handling - if (!class_exists('phpbb_captcha_factory', false)) - { - global $phpbb_root_path, $phpEx; - include ($phpbb_root_path . 'includes/captcha/captcha_factory.' . $phpEx); - } - - $captcha = phpbb_captcha_factory::get_instance($config['captcha_plugin']); - $captcha->init(CONFIRM_LOGIN); - $vc_response = $captcha->validate($row); - if ($vc_response) - { - return array( - 'status' => LOGIN_ERROR_ATTEMPTS, - 'error_msg' => 'LOGIN_ERROR_ATTEMPTS', - 'user_row' => $row, - ); - } - else - { - $captcha->reset(); - } - - } - - // If the password convert flag is set we need to convert it - if ($row['user_pass_convert']) - { - // enable super globals to get literal value - // this is needed to prevent unicode normalization - $super_globals_disabled = $request->super_globals_disabled(); - if ($super_globals_disabled) - { - $request->enable_super_globals(); - } - - // in phpBB2 passwords were used exactly as they were sent, with addslashes applied - $password_old_format = isset($_REQUEST['password']) ? (string) $_REQUEST['password'] : ''; - $password_old_format = (!STRIP) ? addslashes($password_old_format) : $password_old_format; - $password_new_format = $request->variable('password', '', true); - - if ($super_globals_disabled) - { - $request->disable_super_globals(); - } - - if ($password == $password_new_format) - { - if (!function_exists('utf8_to_cp1252')) - { - global $phpbb_root_path, $phpEx; - include($phpbb_root_path . 'includes/utf/data/recode_basic.' . $phpEx); - } - - // cp1252 is phpBB2's default encoding, characters outside ASCII range might work when converted into that encoding - // plain md5 support left in for conversions from other systems. - if ((strlen($row['user_password']) == 34 && (phpbb_check_hash(md5($password_old_format), $row['user_password']) || phpbb_check_hash(md5(utf8_to_cp1252($password_old_format)), $row['user_password']))) - || (strlen($row['user_password']) == 32 && (md5($password_old_format) == $row['user_password'] || md5(utf8_to_cp1252($password_old_format)) == $row['user_password']))) - { - $hash = phpbb_hash($password_new_format); - - // Update the password in the users table to the new format and remove user_pass_convert flag - $sql = 'UPDATE ' . USERS_TABLE . ' - SET user_password = \'' . $db->sql_escape($hash) . '\', - user_pass_convert = 0 - WHERE user_id = ' . $row['user_id']; - $db->sql_query($sql); - - $row['user_pass_convert'] = 0; - $row['user_password'] = $hash; - } - else - { - // Although we weren't able to convert this password we have to - // increase login attempt count to make sure this cannot be exploited - $sql = 'UPDATE ' . USERS_TABLE . ' - SET user_login_attempts = user_login_attempts + 1 - WHERE user_id = ' . (int) $row['user_id'] . ' - AND user_login_attempts < ' . LOGIN_ATTEMPTS_MAX; - $db->sql_query($sql); - - return array( - 'status' => LOGIN_ERROR_PASSWORD_CONVERT, - 'error_msg' => 'LOGIN_ERROR_PASSWORD_CONVERT', - 'user_row' => $row, - ); - } - } - } - - // Check password ... - if (!$row['user_pass_convert'] && phpbb_check_hash($password, $row['user_password'])) - { - // Check for old password hash... - if (strlen($row['user_password']) == 32) - { - $hash = phpbb_hash($password); - - // Update the password in the users table to the new format - $sql = 'UPDATE ' . USERS_TABLE . " - SET user_password = '" . $db->sql_escape($hash) . "', - user_pass_convert = 0 - WHERE user_id = {$row['user_id']}"; - $db->sql_query($sql); - - $row['user_password'] = $hash; - } - - $sql = 'DELETE FROM ' . LOGIN_ATTEMPT_TABLE . ' - WHERE user_id = ' . $row['user_id']; - $db->sql_query($sql); - - if ($row['user_login_attempts'] != 0) - { - // Successful, reset login attempts (the user passed all stages) - $sql = 'UPDATE ' . USERS_TABLE . ' - SET user_login_attempts = 0 - WHERE user_id = ' . $row['user_id']; - $db->sql_query($sql); - } - - // User inactive... - if ($row['user_type'] == USER_INACTIVE || $row['user_type'] == USER_IGNORE) - { - return array( - 'status' => LOGIN_ERROR_ACTIVE, - 'error_msg' => 'ACTIVE_ERROR', - 'user_row' => $row, - ); - } - - // Successful login... set user_login_attempts to zero... - return array( - 'status' => LOGIN_SUCCESS, - 'error_msg' => false, - 'user_row' => $row, - ); - } - - // Password incorrect - increase login attempts - $sql = 'UPDATE ' . USERS_TABLE . ' - SET user_login_attempts = user_login_attempts + 1 - WHERE user_id = ' . (int) $row['user_id'] . ' - AND user_login_attempts < ' . LOGIN_ATTEMPTS_MAX; - $db->sql_query($sql); - - // Give status about wrong password... - return array( - 'status' => ($show_captcha) ? LOGIN_ERROR_ATTEMPTS : LOGIN_ERROR_PASSWORD, - 'error_msg' => ($show_captcha) ? 'LOGIN_ERROR_ATTEMPTS' : 'LOGIN_ERROR_PASSWORD', - 'user_row' => $row, - ); -} diff --git a/phpBB/includes/auth/auth_ldap.php b/phpBB/includes/auth/auth_ldap.php deleted file mode 100644 index 98355dd044..0000000000 --- a/phpBB/includes/auth/auth_ldap.php +++ /dev/null @@ -1,350 +0,0 @@ -lang['LDAP_NO_LDAP_EXTENSION']; - } - - $config['ldap_port'] = (int) $config['ldap_port']; - if ($config['ldap_port']) - { - $ldap = @ldap_connect($config['ldap_server'], $config['ldap_port']); - } - else - { - $ldap = @ldap_connect($config['ldap_server']); - } - - if (!$ldap) - { - return $user->lang['LDAP_NO_SERVER_CONNECTION']; - } - - @ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3); - @ldap_set_option($ldap, LDAP_OPT_REFERRALS, 0); - - if ($config['ldap_user'] || $config['ldap_password']) - { - if (!@ldap_bind($ldap, htmlspecialchars_decode($config['ldap_user']), htmlspecialchars_decode($config['ldap_password']))) - { - return $user->lang['LDAP_INCORRECT_USER_PASSWORD']; - } - } - - // ldap_connect only checks whether the specified server is valid, so the connection might still fail - $search = @ldap_search( - $ldap, - htmlspecialchars_decode($config['ldap_base_dn']), - ldap_user_filter($user->data['username']), - (empty($config['ldap_email'])) ? - array(htmlspecialchars_decode($config['ldap_uid'])) : - array(htmlspecialchars_decode($config['ldap_uid']), htmlspecialchars_decode($config['ldap_email'])), - 0, - 1 - ); - - if ($search === false) - { - return $user->lang['LDAP_SEARCH_FAILED']; - } - - $result = @ldap_get_entries($ldap, $search); - - @ldap_close($ldap); - - - if (!is_array($result) || sizeof($result) < 2) - { - return sprintf($user->lang['LDAP_NO_IDENTITY'], $user->data['username']); - } - - if (!empty($config['ldap_email']) && !isset($result[0][htmlspecialchars_decode($config['ldap_email'])])) - { - return $user->lang['LDAP_NO_EMAIL']; - } - - return false; -} - -/** -* Login function -*/ -function login_ldap(&$username, &$password) -{ - global $db, $config, $user; - - // do not allow empty password - if (!$password) - { - return array( - 'status' => LOGIN_ERROR_PASSWORD, - 'error_msg' => 'NO_PASSWORD_SUPPLIED', - 'user_row' => array('user_id' => ANONYMOUS), - ); - } - - if (!$username) - { - return array( - 'status' => LOGIN_ERROR_USERNAME, - 'error_msg' => 'LOGIN_ERROR_USERNAME', - 'user_row' => array('user_id' => ANONYMOUS), - ); - } - - if (!@extension_loaded('ldap')) - { - return array( - 'status' => LOGIN_ERROR_EXTERNAL_AUTH, - 'error_msg' => 'LDAP_NO_LDAP_EXTENSION', - 'user_row' => array('user_id' => ANONYMOUS), - ); - } - - $config['ldap_port'] = (int) $config['ldap_port']; - if ($config['ldap_port']) - { - $ldap = @ldap_connect($config['ldap_server'], $config['ldap_port']); - } - else - { - $ldap = @ldap_connect($config['ldap_server']); - } - - if (!$ldap) - { - return array( - 'status' => LOGIN_ERROR_EXTERNAL_AUTH, - 'error_msg' => 'LDAP_NO_SERVER_CONNECTION', - 'user_row' => array('user_id' => ANONYMOUS), - ); - } - - @ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3); - @ldap_set_option($ldap, LDAP_OPT_REFERRALS, 0); - - if ($config['ldap_user'] || $config['ldap_password']) - { - if (!@ldap_bind($ldap, htmlspecialchars_decode($config['ldap_user']), htmlspecialchars_decode($config['ldap_password']))) - { - return array( - 'status' => LOGIN_ERROR_EXTERNAL_AUTH, - 'error_msg' => 'LDAP_NO_SERVER_CONNECTION', - 'user_row' => array('user_id' => ANONYMOUS), - ); - } - } - - $search = @ldap_search( - $ldap, - htmlspecialchars_decode($config['ldap_base_dn']), - ldap_user_filter($username), - (empty($config['ldap_email'])) ? - array(htmlspecialchars_decode($config['ldap_uid'])) : - array(htmlspecialchars_decode($config['ldap_uid']), htmlspecialchars_decode($config['ldap_email'])), - 0, - 1 - ); - - $ldap_result = @ldap_get_entries($ldap, $search); - - if (is_array($ldap_result) && sizeof($ldap_result) > 1) - { - if (@ldap_bind($ldap, $ldap_result[0]['dn'], htmlspecialchars_decode($password))) - { - @ldap_close($ldap); - - $sql ='SELECT user_id, username, user_password, user_passchg, user_email, user_type - FROM ' . USERS_TABLE . " - WHERE username_clean = '" . $db->sql_escape(utf8_clean_string($username)) . "'"; - $result = $db->sql_query($sql); - $row = $db->sql_fetchrow($result); - $db->sql_freeresult($result); - - if ($row) - { - unset($ldap_result); - - // User inactive... - if ($row['user_type'] == USER_INACTIVE || $row['user_type'] == USER_IGNORE) - { - return array( - 'status' => LOGIN_ERROR_ACTIVE, - 'error_msg' => 'ACTIVE_ERROR', - 'user_row' => $row, - ); - } - - // Successful login... set user_login_attempts to zero... - return array( - 'status' => LOGIN_SUCCESS, - 'error_msg' => false, - 'user_row' => $row, - ); - } - else - { - // retrieve default group id - $sql = 'SELECT group_id - FROM ' . GROUPS_TABLE . " - WHERE group_name = '" . $db->sql_escape('REGISTERED') . "' - AND group_type = " . GROUP_SPECIAL; - $result = $db->sql_query($sql); - $row = $db->sql_fetchrow($result); - $db->sql_freeresult($result); - - if (!$row) - { - trigger_error('NO_GROUP'); - } - - // generate user account data - $ldap_user_row = array( - 'username' => $username, - 'user_password' => phpbb_hash($password), - 'user_email' => (!empty($config['ldap_email'])) ? utf8_htmlspecialchars($ldap_result[0][htmlspecialchars_decode($config['ldap_email'])][0]) : '', - 'group_id' => (int) $row['group_id'], - 'user_type' => USER_NORMAL, - 'user_ip' => $user->ip, - 'user_new' => ($config['new_member_post_limit']) ? 1 : 0, - ); - - unset($ldap_result); - - // this is the user's first login so create an empty profile - return array( - 'status' => LOGIN_SUCCESS_CREATE_PROFILE, - 'error_msg' => false, - 'user_row' => $ldap_user_row, - ); - } - } - else - { - unset($ldap_result); - @ldap_close($ldap); - - // Give status about wrong password... - return array( - 'status' => LOGIN_ERROR_PASSWORD, - 'error_msg' => 'LOGIN_ERROR_PASSWORD', - 'user_row' => array('user_id' => ANONYMOUS), - ); - } - } - - @ldap_close($ldap); - - return array( - 'status' => LOGIN_ERROR_USERNAME, - 'error_msg' => 'LOGIN_ERROR_USERNAME', - 'user_row' => array('user_id' => ANONYMOUS), - ); -} - -/** -* Generates a filter string for ldap_search to find a user -* -* @param $username string Username identifying the searched user -* -* @return string A filter string for ldap_search -*/ -function ldap_user_filter($username) -{ - global $config; - - $filter = '(' . $config['ldap_uid'] . '=' . ldap_escape(htmlspecialchars_decode($username)) . ')'; - if ($config['ldap_user_filter']) - { - $_filter = ($config['ldap_user_filter'][0] == '(' && substr($config['ldap_user_filter'], -1) == ')') ? $config['ldap_user_filter'] : "({$config['ldap_user_filter']})"; - $filter = "(&{$filter}{$_filter})"; - } - return $filter; -} - -/** -* Escapes an LDAP AttributeValue -*/ -function ldap_escape($string) -{ - return str_replace(array('*', '\\', '(', ')'), array('\\*', '\\\\', '\\(', '\\)'), $string); -} - -/** -* This function is used to output any required fields in the authentication -* admin panel. It also defines any required configuration table fields. -*/ -function acp_ldap(&$new) -{ - global $user; - - $tpl = ' - -
    -

    ' . $user->lang['LDAP_SERVER_EXPLAIN'] . '
    -
    -
    -
    -

    ' . $user->lang['LDAP_PORT_EXPLAIN'] . '
    -
    -
    -
    -

    ' . $user->lang['LDAP_DN_EXPLAIN'] . '
    -
    -
    -
    -

    ' . $user->lang['LDAP_UID_EXPLAIN'] . '
    -
    -
    -
    -

    ' . $user->lang['LDAP_USER_FILTER_EXPLAIN'] . '
    -
    -
    -
    -

    ' . $user->lang['LDAP_EMAIL_EXPLAIN'] . '
    -
    -
    -
    -

    ' . $user->lang['LDAP_USER_EXPLAIN'] . '
    -
    -
    -
    -

    ' . $user->lang['LDAP_PASSWORD_EXPLAIN'] . '
    -
    -
    - '; - - // These are fields required in the config table - return array( - 'tpl' => $tpl, - 'config' => array('ldap_server', 'ldap_port', 'ldap_base_dn', 'ldap_uid', 'ldap_user_filter', 'ldap_email', 'ldap_user', 'ldap_password') - ); -} From b78b6711c80f2a47f3ab71dde9b733e04d9b523d Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Tue, 25 Jun 2013 22:14:39 -0400 Subject: [PATCH 111/157] [feature/auth-refactor] Don't truncate name then reattach same thing PHPBB3-9734 --- phpBB/includes/acp/acp_board.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/phpBB/includes/acp/acp_board.php b/phpBB/includes/acp/acp_board.php index 1ac6697255..bff5a3e64d 100644 --- a/phpBB/includes/acp/acp_board.php +++ b/phpBB/includes/acp/acp_board.php @@ -527,7 +527,7 @@ class acp_board foreach($auth_providers as $key => $value) { - $auth_plugins[] = str_replace('auth.provider.', '', $key); + $auth_plugins[] = $key; } $updated_auth_settings = false; @@ -536,7 +536,7 @@ class acp_board { if ($method) { - $provider = $auth_providers['auth.provider.' . $method]; + $provider = $auth_providers[$method]; if ($provider) { if ($fields = $provider->acp($this->new_config)) @@ -575,7 +575,7 @@ class acp_board $method = basename($cfg_array['auth_method']); if ($method) { - $provider = $auth_providers['auth.provider.' . $method]; + $provider = $auth_providers[$method]; if ($provider) { if ($error = $provider->init()) @@ -673,7 +673,7 @@ class acp_board { if ($method) { - $provider = $auth_providers['auth.provider.' . $method]; + $provider = $auth_providers[$method]; if ($provider) { $fields = $provider->acp($this->new_config); From 3c394aee6208277eb852764ca6b4ef50e2832301 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Tue, 25 Jun 2013 22:21:38 -0400 Subject: [PATCH 112/157] [feature/auth-refactor] Refactor auth in acp_board Changes the acp_board code to directly call the auth providers out of the $auth_providers variable that is populated by the phpbb_container. PHPBB3-9734 --- phpBB/includes/acp/acp_board.php | 25 +++---------------------- 1 file changed, 3 insertions(+), 22 deletions(-) diff --git a/phpBB/includes/acp/acp_board.php b/phpBB/includes/acp/acp_board.php index bff5a3e64d..d6bf2d637b 100644 --- a/phpBB/includes/acp/acp_board.php +++ b/phpBB/includes/acp/acp_board.php @@ -525,20 +525,10 @@ class acp_board $auth_plugins = array(); $auth_providers = $phpbb_container->get('auth.provider_collection'); - foreach($auth_providers as $key => $value) - { - $auth_plugins[] = $key; - } - $updated_auth_settings = false; $old_auth_config = array(); - foreach ($auth_plugins as $method) + foreach ($auth_providers as $provider) { - if ($method) - { - $provider = $auth_providers[$method]; - if ($provider) - { if ($fields = $provider->acp($this->new_config)) { // Check if we need to create config fields for this plugin and save config when submit was pressed @@ -566,8 +556,6 @@ class acp_board } } unset($fields); - } - } } if ($submit && (($cfg_array['auth_method'] != $this->new_config['auth_method']) || $updated_auth_settings)) @@ -575,7 +563,7 @@ class acp_board $method = basename($cfg_array['auth_method']); if ($method) { - $provider = $auth_providers[$method]; + $provider = $auth_providers['auth.provider.' . $method]; if ($provider) { if ($error = $provider->init()) @@ -669,13 +657,8 @@ class acp_board { $template->assign_var('S_AUTH', true); - foreach ($auth_plugins as $method) + foreach ($auth_provider as $provider) { - if ($method) - { - $provider = $auth_providers[$method]; - if ($provider) - { $fields = $provider->acp($this->new_config); if ($fields['tpl']) @@ -685,8 +668,6 @@ class acp_board ); } unset($fields); - } - } } } } From 08614e2b8540766037e13f3eb1e6d4d64eea7b46 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Tue, 25 Jun 2013 22:25:40 -0400 Subject: [PATCH 113/157] [feature/auth-refactor] Fix indentation on acp_board PHPBB3-9734 --- phpBB/includes/acp/acp_board.php | 79 +++++++++++++++----------------- 1 file changed, 38 insertions(+), 41 deletions(-) diff --git a/phpBB/includes/acp/acp_board.php b/phpBB/includes/acp/acp_board.php index d6bf2d637b..5e8efaa60c 100644 --- a/phpBB/includes/acp/acp_board.php +++ b/phpBB/includes/acp/acp_board.php @@ -529,51 +529,48 @@ class acp_board $old_auth_config = array(); foreach ($auth_providers as $provider) { - if ($fields = $provider->acp($this->new_config)) + if ($fields = $provider->acp($this->new_config)) + { + // Check if we need to create config fields for this plugin and save config when submit was pressed + foreach ($fields['config'] as $field) + { + if (!isset($config[$field])) { - // Check if we need to create config fields for this plugin and save config when submit was pressed - foreach ($fields['config'] as $field) - { - if (!isset($config[$field])) - { - set_config($field, ''); - } - - if (!isset($cfg_array[$field]) || strpos($field, 'legend') !== false) - { - continue; - } - - $old_auth_config[$field] = $this->new_config[$field]; - $config_value = $cfg_array[$field]; - $this->new_config[$field] = $config_value; - - if ($submit) - { - $updated_auth_settings = true; - set_config($field, $config_value); - } - } + set_config($field, ''); } - unset($fields); + + if (!isset($cfg_array[$field]) || strpos($field, 'legend') !== false) + { + continue; + } + + $old_auth_config[$field] = $this->new_config[$field]; + $config_value = $cfg_array[$field]; + $this->new_config[$field] = $config_value; + + if ($submit) + { + $updated_auth_settings = true; + set_config($field, $config_value); + } + } + } + unset($fields); } if ($submit && (($cfg_array['auth_method'] != $this->new_config['auth_method']) || $updated_auth_settings)) { $method = basename($cfg_array['auth_method']); - if ($method) + if (array_key_exists('auth.provider.' . $method, $auth_providers)) { $provider = $auth_providers['auth.provider.' . $method]; - if ($provider) + if ($error = $provider->init()) { - if ($error = $provider->init()) + foreach ($old_auth_config as $config_name => $config_value) { - foreach ($old_auth_config as $config_name => $config_value) - { - set_config($config_name, $config_value); - } - trigger_error($error . adm_back_link($this->u_action), E_USER_WARNING); + set_config($config_name, $config_value); } + trigger_error($error . adm_back_link($this->u_action), E_USER_WARNING); } set_config('auth_method', basename($cfg_array['auth_method'])); } @@ -659,15 +656,15 @@ class acp_board foreach ($auth_provider as $provider) { - $fields = $provider->acp($this->new_config); + $fields = $provider->acp($this->new_config); - if ($fields['tpl']) - { - $template->assign_block_vars('auth_tpl', array( - 'TPL' => $fields['tpl']) - ); - } - unset($fields); + if ($fields['tpl']) + { + $template->assign_block_vars('auth_tpl', array( + 'TPL' => $fields['tpl']) + ); + } + unset($fields); } } } From 59929669f508f06b2440bf36af463851acbeb711 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Tue, 25 Jun 2013 22:26:45 -0400 Subject: [PATCH 114/157] [feature/auth-refactor] Fix errors in acp_board Fixes errors introduced by the last several commits. PHPBB3-9734 --- phpBB/includes/acp/acp_board.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/phpBB/includes/acp/acp_board.php b/phpBB/includes/acp/acp_board.php index 5e8efaa60c..4a758207fd 100644 --- a/phpBB/includes/acp/acp_board.php +++ b/phpBB/includes/acp/acp_board.php @@ -654,7 +654,7 @@ class acp_board { $template->assign_var('S_AUTH', true); - foreach ($auth_provider as $provider) + foreach ($auth_providers as $provider) { $fields = $provider->acp($this->new_config); @@ -674,7 +674,7 @@ class acp_board */ function select_auth_method($selected_method, $key = '') { - global $phpbb_root_path, $phpEx; + global $phpbb_root_path, $phpEx, $phpbb_container; $auth_plugins = array(); $auth_providers = $phpbb_container->get('auth.provider_collection'); From 4afdd650cdea0a09da14e8dff23cee1b30e5980d Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Wed, 26 Jun 2013 00:02:03 -0400 Subject: [PATCH 115/157] [feature/auth-refactor] Removed no longer used variable PHPBB3-9734 --- phpBB/includes/acp/acp_board.php | 1 - 1 file changed, 1 deletion(-) diff --git a/phpBB/includes/acp/acp_board.php b/phpBB/includes/acp/acp_board.php index 4a758207fd..4d07f96c6f 100644 --- a/phpBB/includes/acp/acp_board.php +++ b/phpBB/includes/acp/acp_board.php @@ -522,7 +522,6 @@ class acp_board if ($mode == 'auth') { // Retrieve a list of auth plugins and check their config values - $auth_plugins = array(); $auth_providers = $phpbb_container->get('auth.provider_collection'); $updated_auth_settings = false; From 19bbf7b7de4a2575405b84c8a253cbf9de315b7c Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Wed, 26 Jun 2013 11:31:11 -0400 Subject: [PATCH 116/157] [feature/auth-refactor] Fix two session tests broken by changes PHPBB3-9734 --- tests/session/continue_test.php | 13 +++++++++++++ tests/session/init_test.php | 13 +++++++++++++ 2 files changed, 26 insertions(+) diff --git a/tests/session/continue_test.php b/tests/session/continue_test.php index ad78d92299..e5a7f7a4a1 100644 --- a/tests/session/continue_test.php +++ b/tests/session/continue_test.php @@ -53,7 +53,20 @@ class phpbb_session_continue_test extends phpbb_database_test_case */ public function test_session_begin_valid_session($session_id, $user_id, $user_agent, $ip, $expected_sessions, $expected_cookies, $message) { + global $phpbb_container, $phpbb_root_path, $phpEx; + $db = $this->new_dbal(); + $config = new phpbb_config(array()); + $request = $this->getMock('phpbb_request'); + $user = $this->getMock('phpbb_user'); + + $auth_provider = new phpbb_auth_provider_db($db, $config, $request, $user, $phpbb_root_path, $phpEx); + $phpbb_container = $this->getMock('Symfony\Component\DependencyInjection\ContainerInterface'); + $phpbb_container->expects($this->any()) + ->method('get') + ->with('auth.provider.db') + ->will($this->returnValue($auth_provider)); + $session_factory = new phpbb_session_testable_factory; $session_factory->set_cookies(array( '_sid' => $session_id, diff --git a/tests/session/init_test.php b/tests/session/init_test.php index 830de34ed0..43af8c554f 100644 --- a/tests/session/init_test.php +++ b/tests/session/init_test.php @@ -20,7 +20,20 @@ class phpbb_session_init_test extends phpbb_database_test_case public function test_login_session_create() { + global $phpbb_container, $phpbb_root_path, $phpEx; + $db = $this->new_dbal(); + $config = new phpbb_config(array()); + $request = $this->getMock('phpbb_request'); + $user = $this->getMock('phpbb_user'); + + $auth_provider = new phpbb_auth_provider_db($db, $config, $request, $user, $phpbb_root_path, $phpEx); + $phpbb_container = $this->getMock('Symfony\Component\DependencyInjection\ContainerInterface'); + $phpbb_container->expects($this->any()) + ->method('get') + ->with('auth.provider.db') + ->will($this->returnValue($auth_provider)); + $session_factory = new phpbb_session_testable_factory; $session = $session_factory->get_session($db); From a105a6d7a7140fe94e9b0a166fa515b9e02d9e3e Mon Sep 17 00:00:00 2001 From: Andy Chase Date: Tue, 25 Jun 2013 12:39:43 -0700 Subject: [PATCH 117/157] [ticket/11615] Rename init_test to creation_test for clarity PHPBB3-11615 --- tests/session/{init_test.php => creation_test.php} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename tests/session/{init_test.php => creation_test.php} (100%) diff --git a/tests/session/init_test.php b/tests/session/creation_test.php similarity index 100% rename from tests/session/init_test.php rename to tests/session/creation_test.php From c29cca1a755461ec2bd63b7cc9292d79ae0508d6 Mon Sep 17 00:00:00 2001 From: Andy Chase Date: Tue, 25 Jun 2013 12:40:31 -0700 Subject: [PATCH 118/157] [ticket/11615] Rename class in file to match PHPBB3-11615 --- tests/session/creation_test.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/session/creation_test.php b/tests/session/creation_test.php index 2ce6c4a4ac..c5558c1577 100644 --- a/tests/session/creation_test.php +++ b/tests/session/creation_test.php @@ -10,7 +10,7 @@ require_once dirname(__FILE__) . '/../mock/cache.php'; require_once dirname(__FILE__) . '/testable_factory.php'; -class phpbb_session_init_test extends phpbb_database_test_case +class phpbb_session_creation_test extends phpbb_database_test_case { public function getDataSet() { From 4c432fecc75473c5f12a70048973a4139bdf1b22 Mon Sep 17 00:00:00 2001 From: Andy Chase Date: Tue, 25 Jun 2013 12:42:19 -0700 Subject: [PATCH 119/157] [ticket/11615] Remove magic number in creation_test Removing this magic number to its own variable with clean multiplication makes it clear what the number represents. PHPBB3-11615 --- tests/session/creation_test.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/tests/session/creation_test.php b/tests/session/creation_test.php index c5558c1577..b9f8b18c63 100644 --- a/tests/session/creation_test.php +++ b/tests/session/creation_test.php @@ -38,7 +38,8 @@ class phpbb_session_creation_test extends phpbb_database_test_case 'Check if exacly one session for user id 3 was created' ); - $cookie_expire = $session->time_now + 31536000; // default is one year + $one_year_in_seconds = 365 * 24 * 60 * 60; + $cookie_expire = $session->time_now + $one_year_in_seconds; $session->check_cookies($this, array( 'u' => array(null, $cookie_expire), From 7ba81a293f014f3c6b161672b8fbc27e2075d239 Mon Sep 17 00:00:00 2001 From: Andy Chase Date: Tue, 25 Jun 2013 12:42:41 -0700 Subject: [PATCH 120/157] [ticket/11615] Fix typo in creation_test PHPBB3-11615 --- tests/session/creation_test.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/session/creation_test.php b/tests/session/creation_test.php index b9f8b18c63..bef52c6554 100644 --- a/tests/session/creation_test.php +++ b/tests/session/creation_test.php @@ -35,7 +35,7 @@ class phpbb_session_creation_test extends phpbb_database_test_case $this->assertSqlResultEquals( array(array('session_user_id' => 3)), $sql, - 'Check if exacly one session for user id 3 was created' + 'Check if exactly one session for user id 3 was created' ); $one_year_in_seconds = 365 * 24 * 60 * 60; From 1f989c6be774d88ffff8a8d5ac1da58f442f6174 Mon Sep 17 00:00:00 2001 From: Dhruv Date: Thu, 27 Jun 2013 00:57:34 +0530 Subject: [PATCH 121/157] [ticket/9341] Move create_topic and post into functional test case create_topic and create_post are moved into functional test case so that they can be used by other tests as well PHPBB3-9341 --- tests/functional/posting_test.php | 101 ------------------ .../phpbb_functional_test_case.php | 101 ++++++++++++++++++ 2 files changed, 101 insertions(+), 101 deletions(-) diff --git a/tests/functional/posting_test.php b/tests/functional/posting_test.php index 9bcfcc2fda..7fd1e4fdcf 100644 --- a/tests/functional/posting_test.php +++ b/tests/functional/posting_test.php @@ -32,105 +32,4 @@ class phpbb_functional_posting_test extends phpbb_functional_test_case $crawler = self::request('GET', "posting.php?mode=quote&f=2&t={$post2['topic_id']}&p={$post2['post_id']}&sid={$this->sid}"); $this->assertContains('This is a test post posted by the testing framework.', $crawler->filter('html')->text()); } - - /** - * Creates a topic - * - * Be sure to login before creating - * - * @param int $forum_id - * @param string $subject - * @param string $message - * @param array $additional_form_data Any additional form data to be sent in the request - * @return array post_id, topic_id - */ - public function create_topic($forum_id, $subject, $message, $additional_form_data = array()) - { - $posting_url = "posting.php?mode=post&f={$forum_id}&sid={$this->sid}"; - - $form_data = array_merge(array( - 'subject' => $subject, - 'message' => $message, - 'post' => true, - ), $additional_form_data); - - return self::submit_post($posting_url, 'POST_TOPIC', $form_data); - } - - /** - * Creates a post - * - * Be sure to login before creating - * - * @param int $forum_id - * @param string $subject - * @param string $message - * @param array $additional_form_data Any additional form data to be sent in the request - * @return array post_id, topic_id - */ - public function create_post($forum_id, $topic_id, $subject, $message, $additional_form_data = array()) - { - $posting_url = "posting.php?mode=reply&f={$forum_id}&t={$topic_id}&sid={$this->sid}"; - - $form_data = array_merge(array( - 'subject' => $subject, - 'message' => $message, - 'post' => true, - ), $additional_form_data); - - return self::submit_post($posting_url, 'POST_REPLY', $form_data); - } - - /** - * Helper for submitting posts - * - * @param string $posting_url - * @param string $posting_contains - * @param array $form_data - * @return array post_id, topic_id - */ - protected function submit_post($posting_url, $posting_contains, $form_data) - { - $this->add_lang('posting'); - - $crawler = self::request('GET', $posting_url); - $this->assertContains($this->lang($posting_contains), $crawler->filter('html')->text()); - - $hidden_fields = array( - $crawler->filter('[type="hidden"]')->each(function ($node, $i) { - return array('name' => $node->getAttribute('name'), 'value' => $node->getAttribute('value')); - }), - ); - - foreach ($hidden_fields as $fields) - { - foreach($fields as $field) - { - $form_data[$field['name']] = $field['value']; - } - } - - // Bypass time restriction that said that if the lastclick time (i.e. time when the form was opened) - // is not at least 2 seconds before submission, cancel the form - $form_data['lastclick'] = 0; - - // I use a request because the form submission method does not allow you to send data that is not - // contained in one of the actual form fields that the browser sees (i.e. it ignores "hidden" inputs) - // Instead, I send it as a request with the submit button "post" set to true. - $crawler = self::request('POST', $posting_url, $form_data); - $this->assertContains($this->lang('POST_STORED'), $crawler->filter('html')->text()); - - $url = $crawler->selectLink($this->lang('VIEW_MESSAGE', '', ''))->link()->getUri(); - - $matches = $topic_id = $post_id = false; - preg_match_all('#&t=([0-9]+)(&p=([0-9]+))?#', $url, $matches); - - $topic_id = (int) (isset($matches[1][0])) ? $matches[1][0] : 0; - $post_id = (int) (isset($matches[3][0])) ? $matches[3][0] : 0; - - return array( - 'topic_id' => $topic_id, - 'post_id' => $post_id, - ); - } } diff --git a/tests/test_framework/phpbb_functional_test_case.php b/tests/test_framework/phpbb_functional_test_case.php index 97fe147d8e..ece42c5fff 100644 --- a/tests/test_framework/phpbb_functional_test_case.php +++ b/tests/test_framework/phpbb_functional_test_case.php @@ -703,4 +703,105 @@ class phpbb_functional_test_case extends phpbb_test_case return $result; } + + /** + * Creates a topic + * + * Be sure to login before creating + * + * @param int $forum_id + * @param string $subject + * @param string $message + * @param array $additional_form_data Any additional form data to be sent in the request + * @return array post_id, topic_id + */ + public function create_topic($forum_id, $subject, $message, $additional_form_data = array()) + { + $posting_url = "posting.php?mode=post&f={$forum_id}&sid={$this->sid}"; + + $form_data = array_merge(array( + 'subject' => $subject, + 'message' => $message, + 'post' => true, + ), $additional_form_data); + + return self::submit_post($posting_url, 'POST_TOPIC', $form_data); + } + + /** + * Creates a post + * + * Be sure to login before creating + * + * @param int $forum_id + * @param string $subject + * @param string $message + * @param array $additional_form_data Any additional form data to be sent in the request + * @return array post_id, topic_id + */ + public function create_post($forum_id, $topic_id, $subject, $message, $additional_form_data = array()) + { + $posting_url = "posting.php?mode=reply&f={$forum_id}&t={$topic_id}&sid={$this->sid}"; + + $form_data = array_merge(array( + 'subject' => $subject, + 'message' => $message, + 'post' => true, + ), $additional_form_data); + + return self::submit_post($posting_url, 'POST_REPLY', $form_data); + } + + /** + * Helper for submitting posts + * + * @param string $posting_url + * @param string $posting_contains + * @param array $form_data + * @return array post_id, topic_id + */ + protected function submit_post($posting_url, $posting_contains, $form_data) + { + $this->add_lang('posting'); + + $crawler = self::request('GET', $posting_url); + $this->assertContains($this->lang($posting_contains), $crawler->filter('html')->text()); + + $hidden_fields = array( + $crawler->filter('[type="hidden"]')->each(function ($node, $i) { + return array('name' => $node->getAttribute('name'), 'value' => $node->getAttribute('value')); + }), + ); + + foreach ($hidden_fields as $fields) + { + foreach($fields as $field) + { + $form_data[$field['name']] = $field['value']; + } + } + + // Bypass time restriction that said that if the lastclick time (i.e. time when the form was opened) + // is not at least 2 seconds before submission, cancel the form + $form_data['lastclick'] = 0; + + // I use a request because the form submission method does not allow you to send data that is not + // contained in one of the actual form fields that the browser sees (i.e. it ignores "hidden" inputs) + // Instead, I send it as a request with the submit button "post" set to true. + $crawler = self::request('POST', $posting_url, $form_data); + $this->assertContains($this->lang('POST_STORED'), $crawler->filter('html')->text()); + + $url = $crawler->selectLink($this->lang('VIEW_MESSAGE', '', ''))->link()->getUri(); + + $matches = $topic_id = $post_id = false; + preg_match_all('#&t=([0-9]+)(&p=([0-9]+))?#', $url, $matches); + + $topic_id = (int) (isset($matches[1][0])) ? $matches[1][0] : 0; + $post_id = (int) (isset($matches[3][0])) ? $matches[3][0] : 0; + + return array( + 'topic_id' => $topic_id, + 'post_id' => $post_id, + ); + } } From bd9ece7ab678976db58325d740124b309507b5ca Mon Sep 17 00:00:00 2001 From: Dhruv Date: Thu, 27 Jun 2013 00:59:37 +0530 Subject: [PATCH 122/157] [ticket/9341] Add tests for checking Next and Previous template vars PHPBB3-9341 --- tests/functional/paging_test.php | 33 ++++++++++++++++++++++++++++++++ 1 file changed, 33 insertions(+) create mode 100644 tests/functional/paging_test.php diff --git a/tests/functional/paging_test.php b/tests/functional/paging_test.php new file mode 100644 index 0000000000..d2e52ccf09 --- /dev/null +++ b/tests/functional/paging_test.php @@ -0,0 +1,33 @@ +login(); + + $post = $this->create_topic(2, 'Test Topic 1', 'This is a test topic posted by the testing framework.'); + for ($post_id = 1; $post_id < 20; $post_id++) + { + $this->create_post(2, $post['topic_id'], 'Re: Test Topic 1', 'This is a test post no' . $post_id . ' posted by the testing framework.'); + } + $crawler = self::request('GET', "viewtopic.php?t={$post['topic_id']}&sid={$this->sid}"); + $link = $crawler->filter('#viewtopic > fieldset > a')->attr('href'); + $crawler = self::request('GET', $link); + + $crawler = self::request('GET', "viewtopic.php?t={$post['topic_id']}&sid={$this->sid}&start=10"); + $link = $crawler->filter('#viewtopic > fieldset > a')->attr('href'); + $crawler = self::request('GET', $link); + } +} From fe4bfd02a3f3b178130c7a8d8bcf66a4ab1c67d4 Mon Sep 17 00:00:00 2001 From: Dhruv Date: Sun, 23 Jun 2013 21:37:54 +0530 Subject: [PATCH 123/157] [ticket/10838] Updated RUNNING_TESTS.md PHPBB3-10838 --- tests/RUNNING_TESTS.md | 36 ++++++++++++++++++++++++++++++++++++ 1 file changed, 36 insertions(+) diff --git a/tests/RUNNING_TESTS.md b/tests/RUNNING_TESTS.md index 26a93f0430..bde1455855 100644 --- a/tests/RUNNING_TESTS.md +++ b/tests/RUNNING_TESTS.md @@ -114,6 +114,42 @@ only want the slow tests, run: $ phpBB/vendor/bin/phpunit --group slow +Functional tests +----------------- + +Functional tests test software the way a user would. They simulate a user +browsing the website, but they do these steps in an automated way. +phpBB allows you to write such tests. This document will tell you how. + +Running +======= + +Running the tests requires your phpBB3 repository to be accessible through a +local web server. As of PHP 5.4 a builtin webserver is available. If you are +on PHP 5.3 you will also need to supply the URL to a webserver of your own in +the 'tests/test_config.php' file. This is as simple as defining the +'$phpbb_functional_url', which contains the URL for the directory containing +the board. Make sure you include the trailing slash. Testing makes use of a +seperate database defined in this config file and before running the tests +each time this database is deleted. Note that without extensive changes to the +test framework, you cannot use a board outside of the repository on which to +run tests. + + $phpbb_functional_url = 'http://localhost/phpBB3/'; + +On PHP 5.4 you do not need the $phpbb_functional_url parameter but you can +configure the port the builtin webserver runs on using + + $phpbb_functional_port = 8000; + +To then run the tests, you run PHPUnit, but use the phpunit.xml.functional +config file instead of the default one. Specify this through the "-c" option: + + phpunit -c phpunit.xml.functional + +This will change your board's config.php file, but it makes a backup at +config_dev.php, so you can restore it after the test run is complete. + More Information ================ From 8e575487ff73f3b9c05aceba7b71f06c6e0b032a Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Wed, 26 Jun 2013 19:51:52 -0400 Subject: [PATCH 124/157] [ticket/11618] Replace glob() with scandir() and string matching Removes glob from template tests as glob() does not work on all systems according to PHP documentation as has been noticed by users. PHPBB3-11618 --- tests/template/template_test.php | 19 +++++++++++++++---- 1 file changed, 15 insertions(+), 4 deletions(-) diff --git a/tests/template/template_test.php b/tests/template/template_test.php index e532de294c..fd68124c89 100644 --- a/tests/template/template_test.php +++ b/tests/template/template_test.php @@ -69,9 +69,14 @@ class phpbb_template_template_test extends phpbb_test_case $this->markTestSkipped("Template cache directory ({$template_cache_dir}) is not writable."); } - foreach (glob($this->template->cachepath . '*') as $file) + $file_array = scandir($template_cache_dir); + $file_prefix = basename($this->template->cachepath); + foreach ($file_array as $file) { - unlink($file); + if (strpos($file, $file_prefix) === 0) + { + unlink($template_cache_dir . '/' . $file); + } } $GLOBALS['config'] = array( @@ -84,9 +89,15 @@ class phpbb_template_template_test extends phpbb_test_case { if (is_object($this->template)) { - foreach (glob($this->template->cachepath . '*') as $file) + $template_cache_dir = dirname($this->template->cachepath); + $file_array = scandir($template_cache_dir); + $file_prefix = basename($this->template->cachepath); + foreach ($file_array as $file) { - unlink($file); + if (strpos($file, $file_prefix) === 0) + { + unlink($template_cache_dir . '/' . $file); + } } } } From 5af7d2b07f788f6795865225612175b65c596a4b Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Wed, 26 Jun 2013 21:45:16 -0400 Subject: [PATCH 125/157] [feature/auth-refactor] Change phpEx to php_ext in new classes PHPBB3-9734 --- phpBB/includes/auth/provider_apache.php | 8 ++++---- phpBB/includes/auth/provider_db.php | 10 +++++----- 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/phpBB/includes/auth/provider_apache.php b/phpBB/includes/auth/provider_apache.php index adb1fb6cea..0a6811bbcb 100644 --- a/phpBB/includes/auth/provider_apache.php +++ b/phpBB/includes/auth/provider_apache.php @@ -30,16 +30,16 @@ class phpbb_auth_provider_apache implements phpbb_auth_provider_interface * @param phpbb_request $request * @param phpbb_user $user * @param string $phpbb_root_path - * @param string $phpEx + * @param string $php_ext */ - public function __construct(phpbb_db_driver $db, phpbb_config $config, phpbb_request $request, phpbb_user $user, $phpbb_root_path, $phpEx) + public function __construct(phpbb_db_driver $db, phpbb_config $config, phpbb_request $request, phpbb_user $user, $phpbb_root_path, $php_ext) { $this->db = $db; $this->config = $config; $this->request = $request; $this->user = $user; $this->phpbb_root_path = $phpbb_root_path; - $this->phpEx = $phpEx; + $this->php_ext = $php_ext; } /** @@ -183,7 +183,7 @@ class phpbb_auth_provider_apache implements phpbb_auth_provider_interface if (!function_exists('user_add')) { - include($this->phpbb_root_path . 'includes/functions_user.' . $this->phpEx); + include($this->phpbb_root_path . 'includes/functions_user.' . $this->php_ext); } // create the user if he does not exist yet diff --git a/phpBB/includes/auth/provider_db.php b/phpBB/includes/auth/provider_db.php index aaf9cda735..c8b0c44654 100644 --- a/phpBB/includes/auth/provider_db.php +++ b/phpBB/includes/auth/provider_db.php @@ -33,16 +33,16 @@ class phpbb_auth_provider_db implements phpbb_auth_provider_interface * @param phpbb_request $request * @param phpbb_user $user * @param string $phpbb_root_path - * @param string $phpEx + * @param string $php_ext */ - public function __construct(phpbb_db_driver $db, phpbb_config $config, phpbb_request $request, phpbb_user $user, $phpbb_root_path, $phpEx) + public function __construct(phpbb_db_driver $db, phpbb_config $config, phpbb_request $request, phpbb_user $user, $phpbb_root_path, $php_ext) { $this->db = $db; $this->config = $config; $this->request = $request; $this->user = $user; $this->phpbb_root_path = $phpbb_root_path; - $this->phpEx = $phpEx; + $this->php_ext = $php_ext; } public function init() @@ -160,7 +160,7 @@ class phpbb_auth_provider_db implements phpbb_auth_provider_interface // Visual Confirmation handling if (!class_exists('phpbb_captcha_factory', false)) { - include ($this->phpbb_root_path . 'includes/captcha/captcha_factory.' . $this->phpEx); + include ($this->phpbb_root_path . 'includes/captcha/captcha_factory.' . $this->php_ext); } $captcha = phpbb_captcha_factory::get_instance($this->config['captcha_plugin']); @@ -206,7 +206,7 @@ class phpbb_auth_provider_db implements phpbb_auth_provider_interface { if (!function_exists('utf8_to_cp1252')) { - include($this->phpbb_root_path . 'includes/utf/data/recode_basic.' . $this->phpEx); + include($this->phpbb_root_path . 'includes/utf/data/recode_basic.' . $this->php_ext); } // cp1252 is phpBB2's default encoding, characters outside ASCII range might work when converted into that encoding From 69001902b98f66c8bf4c21df5920d2b070aa9a71 Mon Sep 17 00:00:00 2001 From: Dhruv Date: Thu, 27 Jun 2013 20:47:03 +0530 Subject: [PATCH 126/157] [ticket/9341] remove PREV_PAGE tpl var used for backward compatability PHPBB3-9341 --- phpBB/includes/functions.php | 1 - 1 file changed, 1 deletion(-) diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index 03a5b36a43..6a1b3fd4f8 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -2346,7 +2346,6 @@ function phpbb_generate_template_pagination($template, $base_url, $block_var_nam 'A_' . $tpl_prefix . 'BASE_URL' => addslashes($base_url), $tpl_prefix . 'PER_PAGE' => $per_page, 'U_' . $tpl_prefix . 'PREVIOUS_PAGE' => $previous_page, - $tpl_prefix . 'PREV_PAGE' => $previous_page, 'U_' . $tpl_prefix . 'NEXT_PAGE' => ($on_page != $total_pages) ? $base_url . $url_delim . $start_name . '=' . ($on_page * $per_page) : '', $tpl_prefix . 'TOTAL_PAGES' => $total_pages, $tpl_prefix . 'CURRENT_PAGE' => $on_page, From 24e323d59353810293dea41d6b9b4114dd627543 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Thu, 27 Jun 2013 14:17:29 -0400 Subject: [PATCH 127/157] [feature/auth-refactor] Finish and clean up documentation PHPBB3-9734 --- phpBB/includes/auth/provider_apache.php | 26 +----------- phpBB/includes/auth/provider_db.php | 24 +++-------- phpBB/includes/auth/provider_interface.php | 46 ++++++++++++++-------- phpBB/includes/auth/provider_ldap.php | 21 +++------- 4 files changed, 43 insertions(+), 74 deletions(-) diff --git a/phpBB/includes/auth/provider_apache.php b/phpBB/includes/auth/provider_apache.php index 0a6811bbcb..054316db19 100644 --- a/phpBB/includes/auth/provider_apache.php +++ b/phpBB/includes/auth/provider_apache.php @@ -42,13 +42,6 @@ class phpbb_auth_provider_apache implements phpbb_auth_provider_interface $this->php_ext = $php_ext; } - /** - * Checks whether the user is identified to apache - * Only allow changing authentication to apache if the user is identified - * Called in acp_board while setting authentication plugins - * - * @return boolean|string false if the user is identified and else an error message - */ public function init() { if (!$this->request->is_set('PHP_AUTH_USER', phpbb_request_interface::SERVER) || $this->user->data['username'] !== htmlspecialchars_decode($this->request->server('PHP_AUTH_USER'))) @@ -58,9 +51,6 @@ class phpbb_auth_provider_apache implements phpbb_auth_provider_interface return false; } - /** - * Login function - */ public function login($username, $password) { // do not allow empty password @@ -148,12 +138,6 @@ class phpbb_auth_provider_apache implements phpbb_auth_provider_interface ); } - /** - * Autologin function - * - * @return array containing the user row or empty if no auto login should - * take place - */ public function autologin() { if (!$this->request->is_set('PHP_AUTH_USER', phpbb_request_interface::SERVER)) @@ -209,8 +193,8 @@ class phpbb_auth_provider_apache implements phpbb_auth_provider_interface * This function generates an array which can be passed to the user_add * function in order to create a user * - * @param str $username The username of the new user. - * @param str $password The password of the new user. + * @param string $username The username of the new user. + * @param string $password The password of the new user. * @return array Contains data that can be passed directly to * the user_add function. */ @@ -242,12 +226,6 @@ class phpbb_auth_provider_apache implements phpbb_auth_provider_interface ); } - /** - * The session validation function checks whether the user is still logged in - * - * @return boolean true if the given user is authenticated or false if - * the session should be closed - */ public function validate_session($user) { // Check if PHP_AUTH_USER is set and handle this case diff --git a/phpBB/includes/auth/provider_db.php b/phpBB/includes/auth/provider_db.php index c8b0c44654..e8fff26650 100644 --- a/phpBB/includes/auth/provider_db.php +++ b/phpBB/includes/auth/provider_db.php @@ -28,12 +28,12 @@ class phpbb_auth_provider_db implements phpbb_auth_provider_interface /** * Database Authentication Constructor * - * @param phpbb_db_driver $db - * @param phpbb_config $config - * @param phpbb_request $request - * @param phpbb_user $user - * @param string $phpbb_root_path - * @param string $php_ext + * @param phpbb_db_driver $db + * @param phpbb_config $config + * @param phpbb_request $request + * @param phpbb_user $user + * @param string $phpbb_root_path + * @param string $php_ext */ public function __construct(phpbb_db_driver $db, phpbb_config $config, phpbb_request $request, phpbb_user $user, $phpbb_root_path, $php_ext) { @@ -50,18 +50,6 @@ class phpbb_auth_provider_db implements phpbb_auth_provider_interface return; } - /** - * Login function - * - * @param string $username - * @param string $password - * @return array A associative array of the format - * array( - * 'status' => status constant - * 'error_msg' => string - * 'user_row' => array - * ) - */ public function login($username, $password) { // Auth plugins get the password untrimmed. diff --git a/phpBB/includes/auth/provider_interface.php b/phpBB/includes/auth/provider_interface.php index 534f198c21..2d1935f8f0 100644 --- a/phpBB/includes/auth/provider_interface.php +++ b/phpBB/includes/auth/provider_interface.php @@ -26,31 +26,33 @@ interface phpbb_auth_provider_interface * Checks whether the user is currently identified to the authentication * provider. * Called in acp_board while setting authentication plugins. + * Changing to an authentication provider will not be permitted in acp_board + * if there is an error. * * @return boolean|string False if the user is identified, otherwise an - * error message. + * error message, or null if not implemented. */ public function init(); /** * Performs login. * - * @param $username string The name of the user being authenticated. - * @param $password string The password of the user. - * @return array An associative array of the format: - * array( - * 'status' => status constant - * 'error_msg' => string - * 'user_row' => array - * ) + * @param string $username The name of the user being authenticated. + * @param string $password The password of the user. + * @return array An associative array of the format: + * array( + * 'status' => status constant + * 'error_msg' => string + * 'user_row' => array + * ) */ public function login($username, $password); /** * Autologin function * - * @return array containing the user row or empty if no auto login should - * take place + * @return array|null containing the user row, empty if no auto login + * should take place, or null if not impletmented. */ public function autologin(); @@ -58,22 +60,32 @@ interface phpbb_auth_provider_interface * This function is used to output any required fields in the authentication * admin panel. It also defines any required configuration table fields. * - * @param type $new + * @param array $new Contains the new configuration values that have + * been set in acp_board. + * @return array|null Returns null if not implemented or an array of the + * form: + * array( + * 'tpl' => string + * 'config' => array + * ) */ public function acp($new); /** - * Special logout function. + * Performs additional actions during logout. * - * @param type $data - * @param type $new_session + * @param array $data An array corresponding to + * phpbb_session::data + * @param boolean $new_session True for a new session, false for no new + * session. */ public function logout($data, $new_session); /** - * The session validation function checks whether the user is still logged in. + * The session validation function checks whether the user is still logged + * into phpBB. * - * @param type $user + * @param array $user * @return boolean true if the given user is authenticated, false if the * session should be closed, or null if not implemented. */ diff --git a/phpBB/includes/auth/provider_ldap.php b/phpBB/includes/auth/provider_ldap.php index 67d8d8335f..2140e7dd63 100644 --- a/phpBB/includes/auth/provider_ldap.php +++ b/phpBB/includes/auth/provider_ldap.php @@ -27,9 +27,9 @@ class phpbb_auth_provider_ldap implements phpbb_auth_provider_interface /** * LDAP Authentication Constructor * - * @param phpbb_db_driver $db - * @param phpbb_config $config - * @param phpbb_user $user + * @param phpbb_db_driver $db + * @param phpbb_config $config + * @param phpbb_user $user */ public function __construct(phpbb_db_driver $db, phpbb_config $config, phpbb_user $user) { @@ -38,11 +38,6 @@ class phpbb_auth_provider_ldap implements phpbb_auth_provider_interface $this->user = $user; } - /** - * Connect to ldap server - * Only allow changing authentication to ldap if we can connect to the ldap server - * Called in acp_board while setting authentication plugins - */ public function init() { if (!@extension_loaded('ldap')) @@ -111,9 +106,6 @@ class phpbb_auth_provider_ldap implements phpbb_auth_provider_interface return false; } - /** - * Login function - */ public function login($username, $password) { // do not allow empty password @@ -290,10 +282,6 @@ class phpbb_auth_provider_ldap implements phpbb_auth_provider_interface return; } - /** - * This function is used to output any required fields in the authentication - * admin panel. It also defines any required configuration table fields. - */ public function acp($new) { $tpl = ' @@ -359,6 +347,9 @@ class phpbb_auth_provider_ldap implements phpbb_auth_provider_interface /** * Escapes an LDAP AttributeValue + * + * @param string $string The string to be escaped + * @return string The escaped string */ private function ldap_escape($string) { From 22998ee5ee2d3cb4b0e3e34083b2876ab1e9bfb1 Mon Sep 17 00:00:00 2001 From: Dhruv Date: Fri, 28 Jun 2013 00:52:36 +0530 Subject: [PATCH 128/157] [ticket/9341] Follow the Next/Prev link in tests follow the next/prev link and then assert if the page contains its last post or not PHPBB3-9341 --- tests/functional/paging_test.php | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) diff --git a/tests/functional/paging_test.php b/tests/functional/paging_test.php index d2e52ccf09..d85ce49aa6 100644 --- a/tests/functional/paging_test.php +++ b/tests/functional/paging_test.php @@ -23,11 +23,15 @@ class phpbb_functional_paging_test extends phpbb_functional_test_case $this->create_post(2, $post['topic_id'], 'Re: Test Topic 1', 'This is a test post no' . $post_id . ' posted by the testing framework.'); } $crawler = self::request('GET', "viewtopic.php?t={$post['topic_id']}&sid={$this->sid}"); - $link = $crawler->filter('#viewtopic > fieldset > a')->attr('href'); - $crawler = self::request('GET', $link); + $this->assertContains('post no9', $crawler->text()); - $crawler = self::request('GET', "viewtopic.php?t={$post['topic_id']}&sid={$this->sid}&start=10"); - $link = $crawler->filter('#viewtopic > fieldset > a')->attr('href'); - $crawler = self::request('GET', $link); + $next_link = $crawler->filter('#viewtopic > fieldset > a.arrow-right')->attr('href'); + $crawler = self::request('GET', $next_link); + $this->assertContains('post no19', $crawler->text()); + + + $prev_link = $crawler->filter('#viewtopic > fieldset > a.arrow-left')->attr('href'); + $crawler = self::request('GET', $prev_link); + $this->assertContains('post no9', $crawler->text()); } } From 91e773a79538a8fa26bea1d56384379b8730ac70 Mon Sep 17 00:00:00 2001 From: Dhruv Date: Fri, 28 Jun 2013 01:02:00 +0530 Subject: [PATCH 129/157] [ticket/9341] Assert that page doesnt contain next or prev page posts PHPBB3-9341 --- tests/functional/paging_test.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/tests/functional/paging_test.php b/tests/functional/paging_test.php index d85ce49aa6..d5adc6ad0a 100644 --- a/tests/functional/paging_test.php +++ b/tests/functional/paging_test.php @@ -24,14 +24,16 @@ class phpbb_functional_paging_test extends phpbb_functional_test_case } $crawler = self::request('GET', "viewtopic.php?t={$post['topic_id']}&sid={$this->sid}"); $this->assertContains('post no9', $crawler->text()); + $this->assertNotContains('post no19', $crawler->text()); $next_link = $crawler->filter('#viewtopic > fieldset > a.arrow-right')->attr('href'); $crawler = self::request('GET', $next_link); $this->assertContains('post no19', $crawler->text()); - + $this->assertNotContains('post no9', $crawler->text()); $prev_link = $crawler->filter('#viewtopic > fieldset > a.arrow-left')->attr('href'); $crawler = self::request('GET', $prev_link); $this->assertContains('post no9', $crawler->text()); + $this->assertNotContains('post no19', $crawler->text()); } } From 27f0b9ff4359a60f98533aff2a87c1848d622d4c Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Fri, 28 Jun 2013 13:43:41 -0400 Subject: [PATCH 130/157] [feature/auth-refactor] Forgot @inheritdoc on methods PHPBB3-9734 --- phpBB/includes/auth/provider_apache.php | 18 ++++++++++++++++++ phpBB/includes/auth/provider_db.php | 18 ++++++++++++++++++ phpBB/includes/auth/provider_ldap.php | 18 ++++++++++++++++++ 3 files changed, 54 insertions(+) diff --git a/phpBB/includes/auth/provider_apache.php b/phpBB/includes/auth/provider_apache.php index 054316db19..5f6f2862b6 100644 --- a/phpBB/includes/auth/provider_apache.php +++ b/phpBB/includes/auth/provider_apache.php @@ -42,6 +42,9 @@ class phpbb_auth_provider_apache implements phpbb_auth_provider_interface $this->php_ext = $php_ext; } + /** + * {@inheritdoc} + */ public function init() { if (!$this->request->is_set('PHP_AUTH_USER', phpbb_request_interface::SERVER) || $this->user->data['username'] !== htmlspecialchars_decode($this->request->server('PHP_AUTH_USER'))) @@ -51,6 +54,9 @@ class phpbb_auth_provider_apache implements phpbb_auth_provider_interface return false; } + /** + * {@inheritdoc} + */ public function login($username, $password) { // do not allow empty password @@ -138,6 +144,9 @@ class phpbb_auth_provider_apache implements phpbb_auth_provider_interface ); } + /** + * {@inheritdoc} + */ public function autologin() { if (!$this->request->is_set('PHP_AUTH_USER', phpbb_request_interface::SERVER)) @@ -226,6 +235,9 @@ class phpbb_auth_provider_apache implements phpbb_auth_provider_interface ); } + /** + * {@inheritdoc} + */ public function validate_session($user) { // Check if PHP_AUTH_USER is set and handle this case @@ -245,11 +257,17 @@ class phpbb_auth_provider_apache implements phpbb_auth_provider_interface return false; } + /** + * {@inheritdoc} + */ public function acp($new) { return; } + /** + * {@inheritdoc} + */ public function logout($data, $new_session) { return; diff --git a/phpBB/includes/auth/provider_db.php b/phpBB/includes/auth/provider_db.php index e8fff26650..a79d031048 100644 --- a/phpBB/includes/auth/provider_db.php +++ b/phpBB/includes/auth/provider_db.php @@ -45,11 +45,17 @@ class phpbb_auth_provider_db implements phpbb_auth_provider_interface $this->php_ext = $php_ext; } + /** + * {@inheritdoc} + */ public function init() { return; } + /** + * {@inheritdoc} + */ public function login($username, $password) { // Auth plugins get the password untrimmed. @@ -297,21 +303,33 @@ class phpbb_auth_provider_db implements phpbb_auth_provider_interface ); } + /** + * {@inheritdoc} + */ public function autologin() { return; } + /** + * {@inheritdoc} + */ public function acp($new) { return; } + /** + * {@inheritdoc} + */ public function logout($data, $new_session) { return; } + /** + * {@inheritdoc} + */ public function validate_session($user) { return; diff --git a/phpBB/includes/auth/provider_ldap.php b/phpBB/includes/auth/provider_ldap.php index 2140e7dd63..f67c1e9247 100644 --- a/phpBB/includes/auth/provider_ldap.php +++ b/phpBB/includes/auth/provider_ldap.php @@ -38,6 +38,9 @@ class phpbb_auth_provider_ldap implements phpbb_auth_provider_interface $this->user = $user; } + /** + * {@inheritdoc} + */ public function init() { if (!@extension_loaded('ldap')) @@ -106,6 +109,9 @@ class phpbb_auth_provider_ldap implements phpbb_auth_provider_interface return false; } + /** + * {@inheritdoc} + */ public function login($username, $password) { // do not allow empty password @@ -277,11 +283,17 @@ class phpbb_auth_provider_ldap implements phpbb_auth_provider_interface ); } + /** + * {@inheritdoc} + */ public function autologin() { return; } + /** + * {@inheritdoc} + */ public function acp($new) { $tpl = ' @@ -356,11 +368,17 @@ class phpbb_auth_provider_ldap implements phpbb_auth_provider_interface return str_replace(array('*', '\\', '(', ')'), array('\\*', '\\\\', '\\(', '\\)'), $string); } + /** + * {@inheritdoc} + */ public function logout($data, $new_session) { return; } + /** + * {@inheritdoc} + */ public function validate_session($user) { return; From 5182ec09a5ad30a40eb21e3a08fc8739e173128c Mon Sep 17 00:00:00 2001 From: Dhruv Date: Sat, 29 Jun 2013 15:26:36 +0530 Subject: [PATCH 131/157] [ticket/11593] initialize $is_expr as null before being passed to get_varref PHPBB3-11593 --- phpBB/includes/template/filter.php | 1 + 1 file changed, 1 insertion(+) diff --git a/phpBB/includes/template/filter.php b/phpBB/includes/template/filter.php index f2bd442010..1c0a56c9f5 100644 --- a/phpBB/includes/template/filter.php +++ b/phpBB/includes/template/filter.php @@ -475,6 +475,7 @@ class phpbb_template_filter extends php_user_filter */ private function compile_var_tags(&$text_blocks) { + $is_expr = null; $text_blocks = $this->get_varref($text_blocks, $is_expr); $lang_replaced = $this->compile_language_tags($text_blocks); From 5701c753a7446acd72a3d55702db96e4a149f515 Mon Sep 17 00:00:00 2001 From: Matt Friedman Date: Sat, 29 Jun 2013 12:17:12 -0700 Subject: [PATCH 132/157] [ticket/11577] Readjust min-height to 35px Changing min-height to 35px in order to get pixel-for-pixel accurate height settings as before for topic-rows. PHPBB3-11577 --- phpBB/styles/prosilver/theme/content.css | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/phpBB/styles/prosilver/theme/content.css b/phpBB/styles/prosilver/theme/content.css index 5f58addb54..4b8c972697 100644 --- a/phpBB/styles/prosilver/theme/content.css +++ b/phpBB/styles/prosilver/theme/content.css @@ -159,7 +159,7 @@ dl.icon dt .list-inner { } dl.icon dt, dl.icon dd { - min-height: 30px; + min-height: 35px; } dd.posts, dd.topics, dd.views, dd.extra, dd.mark { From 7a2e3b4354b495f7f46bc57dfde070ce7270bd25 Mon Sep 17 00:00:00 2001 From: Dhruv Date: Mon, 3 Jun 2013 23:38:48 +0530 Subject: [PATCH 133/157] [ticket/11566] add interface for captcha Add basic captcha template while reporting post when the user is not a registered user. PHPBB3-11566 --- phpBB/report.php | 14 ++++++++++++++ phpBB/styles/prosilver/template/report_body.html | 3 +++ 2 files changed, 17 insertions(+) diff --git a/phpBB/report.php b/phpBB/report.php index c1172ec1d5..06fc086d4d 100644 --- a/phpBB/report.php +++ b/phpBB/report.php @@ -133,6 +133,13 @@ else } } +if ($config['enable_post_confirm'] && !$user->data['is_registered']) +{ + include($phpbb_root_path . 'includes/captcha/captcha_factory.' . $phpEx); + $captcha =& phpbb_captcha_factory::get_instance($config['captcha_plugin']); + $captcha->init(CONFIRM_POST); +} + // Submit report? if ($submit && $reason_id) { @@ -224,6 +231,13 @@ display_reasons($reason_id); $page_title = ($pm_id) ? $user->lang['REPORT_MESSAGE'] : $user->lang['REPORT_POST']; +if ($config['enable_post_confirm'] && !$user->data['is_registered'] && (isset($captcha) && $captcha->is_solved() === false)) +{ + $template->assign_vars(array( + 'CAPTCHA_TEMPLATE' => $captcha->get_template(), + )); +} + $template->assign_vars(array( 'S_REPORT_POST' => ($pm_id) ? false : true, 'REPORT_TEXT' => $report_text, diff --git a/phpBB/styles/prosilver/template/report_body.html b/phpBB/styles/prosilver/template/report_body.html index b0c6e08049..8bf639791b 100644 --- a/phpBB/styles/prosilver/template/report_body.html +++ b/phpBB/styles/prosilver/template/report_body.html @@ -27,6 +27,9 @@

    {L_CAN_LEAVE_BLANK}
    + + +
    From eafd0ae29f649213cf71b7575131b7f5555c4e67 Mon Sep 17 00:00:00 2001 From: Dhruv Date: Mon, 10 Jun 2013 23:52:41 +0530 Subject: [PATCH 134/157] [ticket/11566] add error functionality add $error which stores the captcha error when captcha validation fails PHPBB3-11566 --- phpBB/report.php | 149 ++++++++++++++++++++++++++--------------------- 1 file changed, 81 insertions(+), 68 deletions(-) diff --git a/phpBB/report.php b/phpBB/report.php index 06fc086d4d..7f6cd4a792 100644 --- a/phpBB/report.php +++ b/phpBB/report.php @@ -140,90 +140,101 @@ if ($config['enable_post_confirm'] && !$user->data['is_registered']) $captcha->init(CONFIRM_POST); } +$error = array(); + // Submit report? if ($submit && $reason_id) { - $sql = 'SELECT * - FROM ' . REPORTS_REASONS_TABLE . " - WHERE reason_id = $reason_id"; - $result = $db->sql_query($sql); - $row = $db->sql_fetchrow($result); - $db->sql_freeresult($result); - - if (!$row || (!$report_text && strtolower($row['reason_title']) == 'other')) + $vc_response = $captcha->validate(); + if ($vc_response) { - trigger_error('EMPTY_REPORT'); + $error[] = $vc_response; } - $sql_ary = array( - 'reason_id' => (int) $reason_id, - 'post_id' => $post_id, - 'pm_id' => $pm_id, - 'user_id' => (int) $user->data['user_id'], - 'user_notify' => (int) $user_notify, - 'report_closed' => 0, - 'report_time' => (int) time(), - 'report_text' => (string) $report_text - ); - - $sql = 'INSERT INTO ' . REPORTS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary); - $db->sql_query($sql); - $report_id = $db->sql_nextid(); - - if ($post_id) + if (!sizeof($error)) { - $sql = 'UPDATE ' . POSTS_TABLE . ' - SET post_reported = 1 - WHERE post_id = ' . $post_id; - $db->sql_query($sql); + $sql = 'SELECT * + FROM ' . REPORTS_REASONS_TABLE . " + WHERE reason_id = $reason_id"; + $result = $db->sql_query($sql); + $row = $db->sql_fetchrow($result); + $db->sql_freeresult($result); - if (!$report_data['topic_reported']) + if (!$row || (!$report_text && strtolower($row['reason_title']) == 'other')) { - $sql = 'UPDATE ' . TOPICS_TABLE . ' - SET topic_reported = 1 - WHERE topic_id = ' . $report_data['topic_id'] . ' - OR topic_moved_id = ' . $report_data['topic_id']; - $db->sql_query($sql); + trigger_error('EMPTY_REPORT'); } - $lang_return = $user->lang['RETURN_TOPIC']; - $lang_success = $user->lang['POST_REPORTED_SUCCESS']; - } - else - { - $sql = 'UPDATE ' . PRIVMSGS_TABLE . ' - SET message_reported = 1 - WHERE msg_id = ' . $pm_id; - $db->sql_query($sql); - $sql_ary = array( - 'msg_id' => $pm_id, - 'user_id' => ANONYMOUS, - 'author_id' => (int) $report_data['author_id'], - 'pm_deleted' => 0, - 'pm_new' => 0, - 'pm_unread' => 0, - 'pm_replied' => 0, - 'pm_marked' => 0, - 'pm_forwarded' => 0, - 'folder_id' => PRIVMSGS_INBOX, + 'reason_id' => (int) $reason_id, + 'post_id' => $post_id, + 'pm_id' => $pm_id, + 'user_id' => (int) $user->data['user_id'], + 'user_notify' => (int) $user_notify, + 'report_closed' => 0, + 'report_time' => (int) time(), + 'report_text' => (string) $report_text ); - $sql = 'INSERT INTO ' . PRIVMSGS_TO_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary); + $sql = 'INSERT INTO ' . REPORTS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary); $db->sql_query($sql); + $report_id = $db->sql_nextid(); - $lang_return = $user->lang['RETURN_PM']; - $lang_success = $user->lang['PM_REPORTED_SUCCESS']; + if ($post_id) + { + $sql = 'UPDATE ' . POSTS_TABLE . ' + SET post_reported = 1 + WHERE post_id = ' . $post_id; + $db->sql_query($sql); + + if (!$report_data['topic_reported']) + { + $sql = 'UPDATE ' . TOPICS_TABLE . ' + SET topic_reported = 1 + WHERE topic_id = ' . $report_data['topic_id'] . ' + OR topic_moved_id = ' . $report_data['topic_id']; + $db->sql_query($sql); + } + + $lang_return = $user->lang['RETURN_TOPIC']; + $lang_success = $user->lang['POST_REPORTED_SUCCESS']; + } + else + { + $sql = 'UPDATE ' . PRIVMSGS_TABLE . ' + SET message_reported = 1 + WHERE msg_id = ' . $pm_id; + $db->sql_query($sql); + + $sql_ary = array( + 'msg_id' => $pm_id, + 'user_id' => ANONYMOUS, + 'author_id' => (int) $report_data['author_id'], + 'pm_deleted' => 0, + 'pm_new' => 0, + 'pm_unread' => 0, + 'pm_replied' => 0, + 'pm_marked' => 0, + 'pm_forwarded' => 0, + 'folder_id' => PRIVMSGS_INBOX, + ); + + $sql = 'INSERT INTO ' . PRIVMSGS_TO_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary); + $db->sql_query($sql); + + $lang_return = $user->lang['RETURN_PM']; + $lang_success = $user->lang['PM_REPORTED_SUCCESS']; + } + + meta_refresh(3, $redirect_url); + + $message = $lang_success . '

    ' . sprintf($lang_return, '', ''); + if ($return_forum_url) + { + $message .= '

    ' . sprintf($user->lang['RETURN_FORUM'], '', ''); + } + trigger_error($message); } - - meta_refresh(3, $redirect_url); - - $message = $lang_success . '

    ' . sprintf($lang_return, '', ''); - if ($return_forum_url) - { - $message .= '

    ' . sprintf($user->lang['RETURN_FORUM'], '', ''); - } - trigger_error($message); } // Generate the reasons @@ -231,14 +242,16 @@ display_reasons($reason_id); $page_title = ($pm_id) ? $user->lang['REPORT_MESSAGE'] : $user->lang['REPORT_POST']; -if ($config['enable_post_confirm'] && !$user->data['is_registered'] && (isset($captcha) && $captcha->is_solved() === false)) +if ((isset($captcha) && $captcha->is_solved() === false)) { $template->assign_vars(array( + 'S_CONFIRM_CODE' => true, 'CAPTCHA_TEMPLATE' => $captcha->get_template(), )); } $template->assign_vars(array( + 'ERROR' => (sizeof($error)) ? implode('
    ', $error) : '', 'S_REPORT_POST' => ($pm_id) ? false : true, 'REPORT_TEXT' => $report_text, 'S_REPORT_ACTION' => append_sid("{$phpbb_root_path}report.$phpEx", 'f=' . $forum_id . '&p=' . $post_id . '&pm=' . $pm_id), From 7c9a1cbca9719eccbee11db418cb4e531f539a0c Mon Sep 17 00:00:00 2001 From: Dhruv Date: Mon, 10 Jun 2013 23:53:33 +0530 Subject: [PATCH 135/157] [ticket/11566] add error in template Check if error exists, then display it in the report post template. PHPBB3-11566 --- phpBB/styles/prosilver/template/report_body.html | 1 + 1 file changed, 1 insertion(+) diff --git a/phpBB/styles/prosilver/template/report_body.html b/phpBB/styles/prosilver/template/report_body.html index 8bf639791b..2d6a857afb 100644 --- a/phpBB/styles/prosilver/template/report_body.html +++ b/phpBB/styles/prosilver/template/report_body.html @@ -10,6 +10,7 @@

    {L_REPORT_POST_EXPLAIN}{L_REPORT_MESSAGE_EXPLAIN}

    +
    {ERROR}
    From 2c240f8a7b36feab129336b7e36273cdb9798364 Mon Sep 17 00:00:00 2001 From: Dhruv Date: Tue, 11 Jun 2013 00:09:14 +0530 Subject: [PATCH 136/157] [ticket/11566] display error instead of trigger_error When the error report is empty display error in the template instead of trigger_error PHPBB3-11566 --- phpBB/report.php | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/phpBB/report.php b/phpBB/report.php index 7f6cd4a792..1ae0abcdc2 100644 --- a/phpBB/report.php +++ b/phpBB/report.php @@ -151,20 +151,20 @@ if ($submit && $reason_id) $error[] = $vc_response; } + $sql = 'SELECT * + FROM ' . REPORTS_REASONS_TABLE . " + WHERE reason_id = $reason_id"; + $result = $db->sql_query($sql); + $row = $db->sql_fetchrow($result); + $db->sql_freeresult($result); + + if (!$row || (!$report_text && strtolower($row['reason_title']) == 'other')) + { + $error[] = $user->lang('EMPTY_REPORT'); + } + if (!sizeof($error)) { - $sql = 'SELECT * - FROM ' . REPORTS_REASONS_TABLE . " - WHERE reason_id = $reason_id"; - $result = $db->sql_query($sql); - $row = $db->sql_fetchrow($result); - $db->sql_freeresult($result); - - if (!$row || (!$report_text && strtolower($row['reason_title']) == 'other')) - { - trigger_error('EMPTY_REPORT'); - } - $sql_ary = array( 'reason_id' => (int) $reason_id, 'post_id' => $post_id, From c4fbed251db058d808823d2700c441383edc3e63 Mon Sep 17 00:00:00 2001 From: Dhruv Date: Tue, 11 Jun 2013 00:20:26 +0530 Subject: [PATCH 137/157] [ticket/11566] add captcha reset and hidden fields If captcha is solved and some other error pops up, store the captcha in a hidden field. Reset captcha if reporting the post is successful PHPBB3-11566 --- phpBB/report.php | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/phpBB/report.php b/phpBB/report.php index 1ae0abcdc2..b876b5c94f 100644 --- a/phpBB/report.php +++ b/phpBB/report.php @@ -141,6 +141,7 @@ if ($config['enable_post_confirm'] && !$user->data['is_registered']) } $error = array(); +$s_hidden_fields = ''; // Submit report? if ($submit && $reason_id) @@ -165,6 +166,11 @@ if ($submit && $reason_id) if (!sizeof($error)) { + if (isset($captcha)) + { + $captcha->reset(); + } + $sql_ary = array( 'reason_id' => (int) $reason_id, 'post_id' => $post_id, @@ -235,6 +241,10 @@ if ($submit && $reason_id) } trigger_error($message); } + else if (isset($captcha) && $captcha->is_solved() !== false) + { + $s_hidden_fields .= build_hidden_fields($captcha->get_hidden_fields()); + } } // Generate the reasons @@ -255,6 +265,7 @@ $template->assign_vars(array( 'S_REPORT_POST' => ($pm_id) ? false : true, 'REPORT_TEXT' => $report_text, 'S_REPORT_ACTION' => append_sid("{$phpbb_root_path}report.$phpEx", 'f=' . $forum_id . '&p=' . $post_id . '&pm=' . $pm_id), + 'S_HIDDEN_FIELDS' => (sizeof($s_hidden_fields)) ? $s_hidden_fields : null, 'S_NOTIFY' => $user_notify, 'S_CAN_NOTIFY' => ($user->data['is_registered']) ? true : false) From 43053c541ac0f998a3925b7277cfb77f1ceafb11 Mon Sep 17 00:00:00 2001 From: Dhruv Date: Wed, 12 Jun 2013 01:45:07 +0530 Subject: [PATCH 138/157] [ticket/11566] add tests for reporting post Functional test for reporting post and check if captcha validation is required for guests and not for registerted users PHPBB3-11566 --- tests/functional/report_post_captcha.php | 55 ++++++++++++++++++++++++ 1 file changed, 55 insertions(+) create mode 100644 tests/functional/report_post_captcha.php diff --git a/tests/functional/report_post_captcha.php b/tests/functional/report_post_captcha.php new file mode 100644 index 0000000000..6b112c3538 --- /dev/null +++ b/tests/functional/report_post_captcha.php @@ -0,0 +1,55 @@ +login(); + $crawler = self::request('GET', 'report.php?f=2&p=1'); + $this->assertNotContains($this->lang('CONFIRM_CODE'), $crawler->filter('html')->text()); + } + + public function test_guest_report_post() + { + $this->enable_reporting_guest(); + $crawler = self::request('GET', 'report.php?f=2&p=1'); + $this->assertContains($this->lang('CONFIRM_CODE'), $crawler->filter('html')->text()); + } + + protected function enable_reporting_guest() + { + $this->login(); + $this->admin_login(); + + $crawler = self::request('GET', 'adm/index.php?i=permissions&icat=12&mode=setting_group_local&sid=' . $this->sid); + $form = $crawler->selectButton('Submit')->form(); + $values = $form->getValues(); + $values["group_id[0]"] = 1; + $form->setValues($values); + $crawler = self::submit($form); + + $form = $crawler->selectButton('Submit')->form(); + $values = $form->getValues(); + $values["forum_id"] = 2; + $form->setValues($values); + $crawler = self::submit($form); + + $form = $crawler->selectButton('Apply all permissions')->form(); + $values = $form->getValues(); + $values["setting[1][2][f_report]"] = 1; + $form->setValues($values); + $crawler = self::submit($form); + + $crawler = self::request('GET', 'ucp.php?mode=logout&sid=' . $this->sid); + } +} From 1abc3d91d05919f20b31876dbafbb8edec83d724 Mon Sep 17 00:00:00 2001 From: Dhruv Date: Wed, 12 Jun 2013 02:00:24 +0530 Subject: [PATCH 139/157] [ticket/11566] Use language variable instead of hardcode Add language variable in tests PHPBB3-11566 --- tests/functional/report_post_captcha.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/tests/functional/report_post_captcha.php b/tests/functional/report_post_captcha.php index 6b112c3538..e0a67ab6fa 100644 --- a/tests/functional/report_post_captcha.php +++ b/tests/functional/report_post_captcha.php @@ -44,7 +44,8 @@ class phpbb_functional_report_post_captcha_test extends phpbb_functional_test_ca $form->setValues($values); $crawler = self::submit($form); - $form = $crawler->selectButton('Apply all permissions')->form(); + $this->add_lang('acp/permissions'); + $form = $crawler->selectButton($this->lang('APPLY_ALL_PERMISSIONS'))->form(); $values = $form->getValues(); $values["setting[1][2][f_report]"] = 1; $form->setValues($values); From 434d14e1d5c2341584c9d5cfd93840f3eb1a6941 Mon Sep 17 00:00:00 2001 From: Dhruv Date: Wed, 12 Jun 2013 20:00:51 +0530 Subject: [PATCH 140/157] [ticket/11566] Revert forum permission changes Revert the f_report permission for guests in the functional tests PHPBB3-11566 --- tests/functional/report_post_captcha.php | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/tests/functional/report_post_captcha.php b/tests/functional/report_post_captcha.php index e0a67ab6fa..0585be1332 100644 --- a/tests/functional/report_post_captcha.php +++ b/tests/functional/report_post_captcha.php @@ -21,12 +21,13 @@ class phpbb_functional_report_post_captcha_test extends phpbb_functional_test_ca public function test_guest_report_post() { - $this->enable_reporting_guest(); + $this->set_reporting_guest(1); $crawler = self::request('GET', 'report.php?f=2&p=1'); $this->assertContains($this->lang('CONFIRM_CODE'), $crawler->filter('html')->text()); + $this->set_reporting_guest(-1); } - protected function enable_reporting_guest() + protected function set_reporting_guest($report_post_allowed) { $this->login(); $this->admin_login(); @@ -47,7 +48,7 @@ class phpbb_functional_report_post_captcha_test extends phpbb_functional_test_ca $this->add_lang('acp/permissions'); $form = $crawler->selectButton($this->lang('APPLY_ALL_PERMISSIONS'))->form(); $values = $form->getValues(); - $values["setting[1][2][f_report]"] = 1; + $values["setting[1][2][f_report]"] = $report_post_allowed; $form->setValues($values); $crawler = self::submit($form); From 88b5180aa11ba90f37d598737bb46a054382042f Mon Sep 17 00:00:00 2001 From: Dhruv Date: Sat, 22 Jun 2013 03:54:21 +0530 Subject: [PATCH 141/157] [ticket/11566] Rename var to $visual_confirmation_response PHPBB3-11566 --- phpBB/report.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/phpBB/report.php b/phpBB/report.php index b876b5c94f..4fecaf4046 100644 --- a/phpBB/report.php +++ b/phpBB/report.php @@ -146,10 +146,10 @@ $s_hidden_fields = ''; // Submit report? if ($submit && $reason_id) { - $vc_response = $captcha->validate(); - if ($vc_response) + $visual_confirmation_response = $captcha->validate(); + if ($visual_confirmation_response) { - $error[] = $vc_response; + $error[] = $visual_confirmation_response; } $sql = 'SELECT * From 4ad1d9aa6530ebe1d554909a978b9ee124377625 Mon Sep 17 00:00:00 2001 From: Dhruv Date: Sat, 22 Jun 2013 04:07:21 +0530 Subject: [PATCH 142/157] [ticket/11566] Use the new constant CONFIRM_REPORT for captcha init PHPBB3-11566 --- phpBB/includes/constants.php | 1 + phpBB/report.php | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/phpBB/includes/constants.php b/phpBB/includes/constants.php index 17c25ee3c6..ad5b43bc9a 100644 --- a/phpBB/includes/constants.php +++ b/phpBB/includes/constants.php @@ -157,6 +157,7 @@ define('PHYSICAL_LINK', 2); define('CONFIRM_REG', 1); define('CONFIRM_LOGIN', 2); define('CONFIRM_POST', 3); +define('CONFIRM_REPORT', 4); // Categories - Attachments define('ATTACHMENT_CATEGORY_NONE', 0); diff --git a/phpBB/report.php b/phpBB/report.php index 4fecaf4046..f89a18fa8e 100644 --- a/phpBB/report.php +++ b/phpBB/report.php @@ -137,7 +137,7 @@ if ($config['enable_post_confirm'] && !$user->data['is_registered']) { include($phpbb_root_path . 'includes/captcha/captcha_factory.' . $phpEx); $captcha =& phpbb_captcha_factory::get_instance($config['captcha_plugin']); - $captcha->init(CONFIRM_POST); + $captcha->init(CONFIRM_REPORT); } $error = array(); From ea8a4abe66b7142fd8b16dc9732bac181031875a Mon Sep 17 00:00:00 2001 From: Dhruv Date: Sun, 23 Jun 2013 21:47:42 +0530 Subject: [PATCH 143/157] [ticket/11566] Add captcha to report post template in subsilver PHPBB3-11566 --- phpBB/styles/subsilver2/template/report_body.html | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/phpBB/styles/subsilver2/template/report_body.html b/phpBB/styles/subsilver2/template/report_body.html index 7cd7d1040f..1653875799 100644 --- a/phpBB/styles/subsilver2/template/report_body.html +++ b/phpBB/styles/subsilver2/template/report_body.html @@ -3,6 +3,11 @@ + + + + + @@ -25,6 +30,9 @@ + + + From 84ec1f542365d38763b099e0cb9dcc78cc341258 Mon Sep 17 00:00:00 2001 From: Dhruv Date: Mon, 1 Jul 2013 01:34:21 +0530 Subject: [PATCH 144/157] [ticket/11566] Check that guest doesn't have reporting permission by default PHPBB3-11566 --- tests/functional/report_post_captcha.php | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/tests/functional/report_post_captcha.php b/tests/functional/report_post_captcha.php index 0585be1332..af713775c5 100644 --- a/tests/functional/report_post_captcha.php +++ b/tests/functional/report_post_captcha.php @@ -21,6 +21,10 @@ class phpbb_functional_report_post_captcha_test extends phpbb_functional_test_ca public function test_guest_report_post() { + $crawler = self::request('GET', 'report.php?f=2&p=1'); + $this->add_lang('mcp'); + $this->assertContains($this->lang('USER_CANNOT_REPORT'), $crawler->filter('html')->text()); + $this->set_reporting_guest(1); $crawler = self::request('GET', 'report.php?f=2&p=1'); $this->assertContains($this->lang('CONFIRM_CODE'), $crawler->filter('html')->text()); From d4645575fdf0b787721fb8c8a240d2bd01e784f2 Mon Sep 17 00:00:00 2001 From: Dhruv Date: Mon, 1 Jul 2013 15:23:45 +0530 Subject: [PATCH 145/157] [ticket/11566] Remove extra pair of brackets from conditional statement PHPBB3-11566 --- phpBB/report.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/phpBB/report.php b/phpBB/report.php index f89a18fa8e..c92ecdfdcc 100644 --- a/phpBB/report.php +++ b/phpBB/report.php @@ -252,7 +252,7 @@ display_reasons($reason_id); $page_title = ($pm_id) ? $user->lang['REPORT_MESSAGE'] : $user->lang['REPORT_POST']; -if ((isset($captcha) && $captcha->is_solved() === false)) +if (isset($captcha) && $captcha->is_solved() === false) { $template->assign_vars(array( 'S_CONFIRM_CODE' => true, From 045e04fb6fa55ae96ba82245010a684cd2d61e5d Mon Sep 17 00:00:00 2001 From: Dhruv Date: Mon, 1 Jul 2013 21:52:04 +0530 Subject: [PATCH 146/157] [ticket/11566] Subsilver template error displayed after table headers PHPBB3-11561 --- phpBB/styles/subsilver2/template/report_body.html | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/phpBB/styles/subsilver2/template/report_body.html b/phpBB/styles/subsilver2/template/report_body.html index 1653875799..57747ffac0 100644 --- a/phpBB/styles/subsilver2/template/report_body.html +++ b/phpBB/styles/subsilver2/template/report_body.html @@ -3,14 +3,14 @@
    {ERROR}
    {L_REPORT_POST}{L_REPORT_MESSAGE}
    {L_MORE_INFO}:
    {L_CAN_LEAVE_BLANK}
     
    - - - - - + + + + + From 66118ea49e2dc1a54ce1a76fa4856ff158df9511 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Mon, 1 Jul 2013 13:32:16 -0400 Subject: [PATCH 147/157] [feature/auth-refactor] A possible fix for the functional test failures I don't like this fix as it really shouldn't be needed. But it makes the functional tests pass. PHPBB3-9734 --- phpBB/includes/request/request.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/phpBB/includes/request/request.php b/phpBB/includes/request/request.php index ae3c526d89..c0bb453c7c 100644 --- a/phpBB/includes/request/request.php +++ b/phpBB/includes/request/request.php @@ -79,7 +79,7 @@ class phpbb_request implements phpbb_request_interface // simulate request_order = GP $this->original_request = $this->input[phpbb_request_interface::REQUEST]; - $this->input[phpbb_request_interface::REQUEST] = $this->input[phpbb_request_interface::POST] + $this->input[phpbb_request_interface::GET]; + $this->input[phpbb_request_interface::REQUEST] = (array)$this->input[phpbb_request_interface::POST] + (array)$this->input[phpbb_request_interface::GET]; if ($disable_super_globals) { From 9e3d5420adeb93fd2d51ce6d8e5f5c91ae8f6382 Mon Sep 17 00:00:00 2001 From: Dhruv Date: Tue, 2 Jul 2013 00:10:30 +0530 Subject: [PATCH 148/157] [ticket/11585] Make $auth_admin class property $auth_admin is class property and used via $this reference in all methods PHPBB3-11585 --- phpBB/includes/acp/acp_permission_roles.php | 25 ++++++++++----------- 1 file changed, 12 insertions(+), 13 deletions(-) diff --git a/phpBB/includes/acp/acp_permission_roles.php b/phpBB/includes/acp/acp_permission_roles.php index 004187af84..e830479389 100644 --- a/phpBB/includes/acp/acp_permission_roles.php +++ b/phpBB/includes/acp/acp_permission_roles.php @@ -21,6 +21,7 @@ if (!defined('IN_PHPBB')) class acp_permission_roles { var $u_action; + protected $auth_admin; function main($id, $mode) { @@ -30,7 +31,7 @@ class acp_permission_roles include_once($phpbb_root_path . 'includes/functions_user.' . $phpEx); include_once($phpbb_root_path . 'includes/acp/auth.' . $phpEx); - $auth_admin = new auth_admin(); + $this->auth_admin = new auth_admin(); $user->add_lang('acp/permissions'); add_permission_language(); @@ -210,7 +211,7 @@ class acp_permission_roles } // Now add the auth settings - $auth_admin->acl_set_role($role_id, $auth_settings); + $this->auth_admin->acl_set_role($role_id, $auth_settings); $role_name = (!empty($user->lang[$role_name])) ? $user->lang[$role_name] : $role_name; add_log('admin', 'LOG_' . strtoupper($permission_type) . 'ROLE_' . strtoupper($action), $role_name); @@ -343,7 +344,7 @@ class acp_permission_roles // Get users/groups/forums using this preset... if ($action == 'edit') { - $hold_ary = $auth_admin->get_role_mask($role_id); + $hold_ary = $this->auth_admin->get_role_mask($role_id); if (sizeof($hold_ary)) { @@ -354,7 +355,7 @@ class acp_permission_roles 'L_ROLE_ASSIGNED_TO' => sprintf($user->lang['ROLE_ASSIGNED_TO'], $role_name)) ); - $auth_admin->display_role_mask($hold_ary); + $this->auth_admin->display_role_mask($hold_ary); } } @@ -445,8 +446,8 @@ class acp_permission_roles 'S_DISPLAY_ROLE_MASK' => true) ); - $hold_ary = $auth_admin->get_role_mask($display_item); - $auth_admin->display_role_mask($hold_ary); + $hold_ary = $this->auth_admin->get_role_mask($display_item); + $this->auth_admin->display_role_mask($hold_ary); } } @@ -462,7 +463,7 @@ class acp_permission_roles $auth_options = array(0 => $auth_options); // Making use of auth_admin method here (we do not really want to change two similar code fragments) - auth_admin::build_permission_array($auth_options, $content_array, $categories, $key_sort_array); + $this->auth_admin->build_permission_array($auth_options, $content_array, $categories, $key_sort_array); $content_array = $content_array[0]; @@ -500,8 +501,6 @@ class acp_permission_roles { global $db; - $auth_admin = new auth_admin(); - // Get complete auth array $sql = 'SELECT auth_option, auth_option_id FROM ' . ACL_OPTIONS_TABLE . " @@ -529,19 +528,19 @@ class acp_permission_roles $db->sql_freeresult($result); // Get role assignments - $hold_ary = $auth_admin->get_role_mask($role_id); + $hold_ary = $this->auth_admin->get_role_mask($role_id); // Re-assign permissions foreach ($hold_ary as $forum_id => $forum_ary) { if (isset($forum_ary['users'])) { - $auth_admin->acl_set('user', $forum_id, $forum_ary['users'], $auth_settings, 0, false); + $this->auth_admin->acl_set('user', $forum_id, $forum_ary['users'], $auth_settings, 0, false); } if (isset($forum_ary['groups'])) { - $auth_admin->acl_set('group', $forum_id, $forum_ary['groups'], $auth_settings, 0, false); + $this->auth_admin->acl_set('group', $forum_id, $forum_ary['groups'], $auth_settings, 0, false); } } @@ -563,6 +562,6 @@ class acp_permission_roles WHERE role_id = ' . $role_id; $db->sql_query($sql); - $auth_admin->acl_clear_prefetch(); + $this->auth_admin->acl_clear_prefetch(); } } From 5ed4dbb5b7aa4a0a00560eb7f3226d81ce54eca5 Mon Sep 17 00:00:00 2001 From: Dhruv Date: Sun, 23 Jun 2013 22:40:55 +0530 Subject: [PATCH 149/157] [ticket/10838] separate database used mentioned in unit tests Separate database used for tests which is deleted each time tests are run information is added to unit tests. PHPBB3-10838 --- tests/RUNNING_TESTS.md | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/tests/RUNNING_TESTS.md b/tests/RUNNING_TESTS.md index bde1455855..49c59fd928 100644 --- a/tests/RUNNING_TESTS.md +++ b/tests/RUNNING_TESTS.md @@ -47,9 +47,11 @@ Database Tests By default all tests requiring a database connection will use sqlite. If you do not have sqlite installed the tests will be skipped. If you wish to run the tests on a different database you have to create a test_config.php file within -your tests directory following the same format as phpBB's config.php. An -example for mysqli can be found below. More information on configuration -options can be found on the wiki (see below). +your tests directory following the same format as phpBB's config.php. Testing +makes use of a seperate database defined in this config file and before running +the tests each time this database is deleted. An example for mysqli can be +found below. More information on configuration options can be found on the +wiki (see below). Date: Thu, 27 Jun 2013 18:38:44 +0530 Subject: [PATCH 150/157] [ticket/10838] Fix missing data PHPBB3-10838 --- tests/RUNNING_TESTS.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/RUNNING_TESTS.md b/tests/RUNNING_TESTS.md index 49c59fd928..d43e503e03 100644 --- a/tests/RUNNING_TESTS.md +++ b/tests/RUNNING_TESTS.md @@ -130,7 +130,7 @@ Running the tests requires your phpBB3 repository to be accessible through a local web server. As of PHP 5.4 a builtin webserver is available. If you are on PHP 5.3 you will also need to supply the URL to a webserver of your own in the 'tests/test_config.php' file. This is as simple as defining the -'$phpbb_functional_url', which contains the URL for the directory containing +'$phpbb_functional_url' variable, which contains the URL for the directory containing the board. Make sure you include the trailing slash. Note that without extensive changes to the test framework, you cannot use a board outside of the repository on which to run tests. @@ -145,7 +145,7 @@ configure the port the builtin webserver runs on using To then run the tests, you run PHPUnit, but use the phpunit.xml.functional config file instead of the default one. Specify this through the "-c" option: - phpunit -c phpunit.xml.functional + $ phpBB/vendor/bin/phpunit -c phpunit.xml.functional This will change your board's config.php file, but it makes a backup at config_dev.php, so you can restore it after the test run is complete. From 89393e11e8e10632520dc80dab638635d773e643 Mon Sep 17 00:00:00 2001 From: Dhruv Date: Sat, 29 Jun 2013 18:42:17 +0530 Subject: [PATCH 151/157] [ticket/10838] Remove php 5.4 and builtin server references PHPBB3-10838 --- tests/RUNNING_TESTS.md | 8 +------- 1 file changed, 1 insertion(+), 7 deletions(-) diff --git a/tests/RUNNING_TESTS.md b/tests/RUNNING_TESTS.md index d43e503e03..a6448c9b09 100644 --- a/tests/RUNNING_TESTS.md +++ b/tests/RUNNING_TESTS.md @@ -127,8 +127,7 @@ Running ======= Running the tests requires your phpBB3 repository to be accessible through a -local web server. As of PHP 5.4 a builtin webserver is available. If you are -on PHP 5.3 you will also need to supply the URL to a webserver of your own in +local web server. You will need to supply the URL to the webserver in the 'tests/test_config.php' file. This is as simple as defining the '$phpbb_functional_url' variable, which contains the URL for the directory containing the board. Make sure you include the trailing slash. Note that without extensive @@ -137,11 +136,6 @@ on which to run tests. $phpbb_functional_url = 'http://localhost/phpBB3/'; -On PHP 5.4 you do not need the $phpbb_functional_url parameter but you can -configure the port the builtin webserver runs on using - - $phpbb_functional_port = 8000; - To then run the tests, you run PHPUnit, but use the phpunit.xml.functional config file instead of the default one. Specify this through the "-c" option: From 440986dc3f941835febf75a30f41b69cb748a15a Mon Sep 17 00:00:00 2001 From: Dhruv Date: Sat, 29 Jun 2013 19:32:15 +0530 Subject: [PATCH 152/157] [ticket/10838] Fix URL for wiki and remove irrelevant line PHPBB3-10838 --- tests/RUNNING_TESTS.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/RUNNING_TESTS.md b/tests/RUNNING_TESTS.md index a6448c9b09..23c74f4411 100644 --- a/tests/RUNNING_TESTS.md +++ b/tests/RUNNING_TESTS.md @@ -121,7 +121,7 @@ Functional tests Functional tests test software the way a user would. They simulate a user browsing the website, but they do these steps in an automated way. -phpBB allows you to write such tests. This document will tell you how. +phpBB allows you to write such tests. Running ======= @@ -148,4 +148,4 @@ More Information ================ Further information is available on phpbb wiki: -http://wiki.phpbb.com/Unit_Tests +http://wiki.phpbb.com/Automated_Tests From f48effb00197a9ace8de82f3a961992215113257 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Mon, 1 Jul 2013 22:37:55 -0400 Subject: [PATCH 153/157] [feature/auth-refactor] Fix the actual cause of test failures Enables super globals before the new container is instantiated in the final step of installation to prevent issues caused by trying to create a phpbb_request object when super globals are disabled. PHPBB3-9734 --- phpBB/includes/request/request.php | 2 +- phpBB/install/install_install.php | 5 ++++- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/phpBB/includes/request/request.php b/phpBB/includes/request/request.php index c0bb453c7c..ae3c526d89 100644 --- a/phpBB/includes/request/request.php +++ b/phpBB/includes/request/request.php @@ -79,7 +79,7 @@ class phpbb_request implements phpbb_request_interface // simulate request_order = GP $this->original_request = $this->input[phpbb_request_interface::REQUEST]; - $this->input[phpbb_request_interface::REQUEST] = (array)$this->input[phpbb_request_interface::POST] + (array)$this->input[phpbb_request_interface::GET]; + $this->input[phpbb_request_interface::REQUEST] = $this->input[phpbb_request_interface::POST] + $this->input[phpbb_request_interface::GET]; if ($disable_super_globals) { diff --git a/phpBB/install/install_install.php b/phpBB/install/install_install.php index 5bf3f572d9..3d7b6f7c88 100644 --- a/phpBB/install/install_install.php +++ b/phpBB/install/install_install.php @@ -53,7 +53,7 @@ class install_install extends module function main($mode, $sub) { global $lang, $template, $language, $phpbb_root_path, $phpEx; - global $phpbb_container, $cache, $phpbb_log; + global $phpbb_container, $cache, $phpbb_log, $request; switch ($sub) { @@ -102,6 +102,9 @@ class install_install extends module break; case 'final': + // Enable super globals to prevent issues with the new phpbb_request object + $request->enable_super_globals(); + // Create a normal container now $phpbb_container = phpbb_create_default_container($phpbb_root_path, $phpEx); From 274308148991a498eab875826d6c7615acdef108 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Tue, 2 Jul 2013 00:04:17 -0400 Subject: [PATCH 154/157] [feature/auth-refactor] Fix comment grammar PHPBB3-9734 --- phpBB/includes/auth/provider_db.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/phpBB/includes/auth/provider_db.php b/phpBB/includes/auth/provider_db.php index a79d031048..894041c9cf 100644 --- a/phpBB/includes/auth/provider_db.php +++ b/phpBB/includes/auth/provider_db.php @@ -147,7 +147,7 @@ class phpbb_auth_provider_db implements phpbb_auth_provider_interface $show_captcha = ($this->config['max_login_attempts'] && $row['user_login_attempts'] >= $this->config['max_login_attempts']) || ($this->config['ip_login_limit_max'] && $attempts >= $this->config['ip_login_limit_max']); - // If there are too much login attempts, we need to check for an confirm image + // If there are too many login attempts, we need to check for a confirm image // Every auth module is able to define what to do by itself... if ($show_captcha) { From f9672e9b45a0f0d26702ca0f55a884a24e21bf77 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Tue, 2 Jul 2013 14:03:22 -0400 Subject: [PATCH 155/157] [feature/auth-refactor] Fix code style issue PHPBB3-9734 --- phpBB/includes/acp/acp_board.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/phpBB/includes/acp/acp_board.php b/phpBB/includes/acp/acp_board.php index 4d07f96c6f..24b913260b 100644 --- a/phpBB/includes/acp/acp_board.php +++ b/phpBB/includes/acp/acp_board.php @@ -660,8 +660,8 @@ class acp_board if ($fields['tpl']) { $template->assign_block_vars('auth_tpl', array( - 'TPL' => $fields['tpl']) - ); + 'TPL' => $fields['tpl'], + )); } unset($fields); } From fba3a9d600e9b79c8530b026fa781c99ea9ba833 Mon Sep 17 00:00:00 2001 From: Matt Friedman Date: Tue, 2 Jul 2013 16:52:15 -0700 Subject: [PATCH 156/157] [ticket/11617] Missing U_ACTION in acp_captcha.php http://tracker.phpbb.com/browse/PHPBB3-11617 PHPBB3-11617 --- phpBB/includes/acp/acp_captcha.php | 2 ++ 1 file changed, 2 insertions(+) diff --git a/phpBB/includes/acp/acp_captcha.php b/phpBB/includes/acp/acp_captcha.php index 469a367bba..5b553d6a0d 100644 --- a/phpBB/includes/acp/acp_captcha.php +++ b/phpBB/includes/acp/acp_captcha.php @@ -124,6 +124,8 @@ class acp_captcha 'CAPTCHA_PREVIEW_TPL' => $demo_captcha->get_demo_template($id), 'S_CAPTCHA_HAS_CONFIG' => $demo_captcha->has_config(), 'CAPTCHA_SELECT' => $captcha_select, + + 'U_ACTION' => $this->u_action, )); } } From 5ef4987ffe15fe1fbafc9d9eae005f29a028dd3e Mon Sep 17 00:00:00 2001 From: Matt Friedman Date: Tue, 2 Jul 2013 18:47:56 -0700 Subject: [PATCH 157/157] [ticket/11617] Remove spaces and tabs from empty lines PHPBB3-11617 --- phpBB/includes/acp/acp_captcha.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/phpBB/includes/acp/acp_captcha.php b/phpBB/includes/acp/acp_captcha.php index 5b553d6a0d..bfec7c27d8 100644 --- a/phpBB/includes/acp/acp_captcha.php +++ b/phpBB/includes/acp/acp_captcha.php @@ -124,7 +124,7 @@ class acp_captcha 'CAPTCHA_PREVIEW_TPL' => $demo_captcha->get_demo_template($id), 'S_CAPTCHA_HAS_CONFIG' => $demo_captcha->has_config(), 'CAPTCHA_SELECT' => $captcha_select, - + 'U_ACTION' => $this->u_action, )); }
    {ERROR}
    {L_REPORT_POST}{L_REPORT_MESSAGE}
    {ERROR}
    {L_REPORT_POST_EXPLAIN}{L_REPORT_MESSAGE_EXPLAIN}