From 9b1c8531e36b9b88d676985a43e59bdf7e819516 Mon Sep 17 00:00:00 2001 From: Meik Sievertsen Date: Wed, 26 Dec 2007 15:33:06 +0000 Subject: [PATCH 0016/1780] re-allow disabling of word censors (we somehow forgot to commit this, i really do not know why :/) git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@8286 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/docs/CHANGELOG.html | 1 + phpBB/includes/functions_content.php | 15 ++++++++++++--- 2 files changed, 13 insertions(+), 3 deletions(-) diff --git a/phpBB/docs/CHANGELOG.html b/phpBB/docs/CHANGELOG.html index 00f54c0abf..3537cb5a0b 100644 --- a/phpBB/docs/CHANGELOG.html +++ b/phpBB/docs/CHANGELOG.html @@ -86,6 +86,7 @@

1.i. Changes since 3.0.RC8

diff --git a/phpBB/includes/functions_content.php b/phpBB/includes/functions_content.php index b072895226..c0acd2eb41 100644 --- a/phpBB/includes/functions_content.php +++ b/phpBB/includes/functions_content.php @@ -647,12 +647,21 @@ function make_clickable($text, $server_url = false, $class = 'postlink') function censor_text($text) { static $censors; - global $cache; + // We moved the word censor checks in here because we call this function quite often - and then only need to do the check once if (!isset($censors) || !is_array($censors)) { - // obtain_word_list is taking care of the users censor option and the board-wide option - $censors = $cache->obtain_word_list(); + global $config, $user, $auth, $cache; + + // We check here if the user is having viewing censors disabled (and also allowed to do so). + if (!$user->optionget('viewcensors') && $config['allow_nocensors'] && $auth->acl_get('u_chgcensors')) + { + $censors = array(); + } + else + { + $censors = $cache->obtain_word_list(); + } } if (sizeof($censors)) From 8ec08728a6fde09c180eb79bef060fe563852e58 Mon Sep 17 00:00:00 2001 From: Meik Sievertsen Date: Thu, 27 Dec 2007 16:04:42 +0000 Subject: [PATCH 0017/1780] Ticket #17705 git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@8287 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/language/en/acp/posting.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/phpBB/language/en/acp/posting.php b/phpBB/language/en/acp/posting.php index a9a3547338..2f390dfebd 100644 --- a/phpBB/language/en/acp/posting.php +++ b/phpBB/language/en/acp/posting.php @@ -54,7 +54,7 @@ $lang = array_merge($lang, array( 'BBCODE_TAG_TOO_LONG' => 'The tag name you selected is too long.', 'BBCODE_TAG_DEF_TOO_LONG' => 'The tag definition that you have entered is too long, please shorten your tag definition.', 'BBCODE_USAGE' => 'BBCode usage', - 'BBCODE_USAGE_EXAMPLE' => '[hilight={COLOR}]{TEXT}[/hilight]

[font={SIMPLETEXT1}]{SIMPLETEXT2}[/font]', + 'BBCODE_USAGE_EXAMPLE' => '[highlight={COLOR}]{TEXT}[/highlight]

[font={SIMPLETEXT1}]{SIMPLETEXT2}[/font]', 'BBCODE_USAGE_EXPLAIN' => 'Here you define how to use the BBCode. Replace any variable input by the corresponding token (%ssee below%s).', 'EXAMPLE' => 'Example:', From 12e59cf347268871713da078c2b86ea116409c61 Mon Sep 17 00:00:00 2001 From: Meik Sievertsen Date: Thu, 27 Dec 2007 16:27:24 +0000 Subject: [PATCH 0018/1780] Ticket #16945 git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@8288 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/language/en/acp/permissions.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/phpBB/language/en/acp/permissions.php b/phpBB/language/en/acp/permissions.php index 8bddbebbd3..bba425d076 100644 --- a/phpBB/language/en/acp/permissions.php +++ b/phpBB/language/en/acp/permissions.php @@ -115,7 +115,7 @@ $lang = array_merge($lang, array( 'DEFAULT' => 'Default', 'DELETE_ROLE' => 'Delete role', - 'DELETE_ROLE_CONFIRM' => 'Are you sure you want to remove this role? Items having this role assigned will not loose their permission settings.', + 'DELETE_ROLE_CONFIRM' => 'Are you sure you want to remove this role? Items having this role assigned will not lose their permission settings.', 'DISPLAY_ROLE_ITEMS' => 'View items using this role', 'EDIT_PERMISSIONS' => 'Edit permissions', From d05cbff51b0ad185fd3425cd48c1f4525940e6c9 Mon Sep 17 00:00:00 2001 From: Meik Sievertsen Date: Thu, 27 Dec 2007 16:36:24 +0000 Subject: [PATCH 0019/1780] Ticket #16825 git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@8289 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/styles/subsilver2/template/mcp_warn_post.html | 1 + 1 file changed, 1 insertion(+) diff --git a/phpBB/styles/subsilver2/template/mcp_warn_post.html b/phpBB/styles/subsilver2/template/mcp_warn_post.html index f12b1a4ba8..1ad5757f15 100644 --- a/phpBB/styles/subsilver2/template/mcp_warn_post.html +++ b/phpBB/styles/subsilver2/template/mcp_warn_post.html @@ -41,6 +41,7 @@ {L_ADD_WARNING_EXPLAIN} + 
From b870474810e7b513b70755c80e3eeb3105b4116b Mon Sep 17 00:00:00 2001 From: Meik Sievertsen Date: Thu, 27 Dec 2007 17:34:05 +0000 Subject: [PATCH 0020/1780] #16695 #s17235 git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@8290 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/docs/CHANGELOG.html | 2 ++ phpBB/install/install_convert.php | 7 +++--- phpBB/install/install_install.php | 39 +++++++++++++++++++------------ 3 files changed, 29 insertions(+), 19 deletions(-) diff --git a/phpBB/docs/CHANGELOG.html b/phpBB/docs/CHANGELOG.html index 3537cb5a0b..d2e8fb02ae 100644 --- a/phpBB/docs/CHANGELOG.html +++ b/phpBB/docs/CHANGELOG.html @@ -87,6 +87,8 @@
  • [Change] Validate birthdays (Bug #15004)
  • [Fix] Allow correct avatar caching for CGI installations. (thanks wildbill)
  • [Fix] Fix disabling of word censor, now possible again
  • +
  • [Fix] Allow single quotes in db password to be stored within config.php in installer
  • +
  • [Fix] Correctly quote db password for re-display in installer (Bug #16695 / thanks to m313 for reporting too - #s17235)
  • 1.i. Changes since 3.0.RC8

    diff --git a/phpBB/install/install_convert.php b/phpBB/install/install_convert.php index d1e36ec4a4..f1544c931a 100644 --- a/phpBB/install/install_convert.php +++ b/phpBB/install/install_convert.php @@ -422,8 +422,7 @@ class install_convert extends module } else { - $src_dbpasswd = htmlspecialchars_decode($src_dbpasswd); - $connect_test = connect_check_db(true, $error, $available_dbms[$src_dbms], $src_table_prefix, $src_dbhost, $src_dbuser, $src_dbpasswd, $src_dbname, $src_dbport, true, ($src_dbms == $dbms) ? false : true, false); + $connect_test = connect_check_db(true, $error, $available_dbms[$src_dbms], $src_table_prefix, $src_dbhost, $src_dbuser, htmlspecialchars_decode($src_dbpasswd), $src_dbname, $src_dbport, true, ($src_dbms == $dbms) ? false : true, false); } // The forum prefix of the old and the new forum can only be the same if two different databases are used. @@ -443,7 +442,7 @@ class install_convert extends module { $sql_db = 'dbal_' . $src_dbms; $src_db = new $sql_db(); - $src_db->sql_connect($src_dbhost, $src_dbuser, $src_dbpasswd, $src_dbname, $src_dbport, false, true); + $src_db->sql_connect($src_dbhost, $src_dbuser, htmlspecialchars_decode($src_dbpasswd), $src_dbname, $src_dbport, false, true); $same_db = false; } else @@ -666,7 +665,7 @@ class install_convert extends module } $sql_db = 'dbal_' . $convert->src_dbms; $src_db = new $sql_db(); - $src_db->sql_connect($convert->src_dbhost, $convert->src_dbuser, $convert->src_dbpasswd, $convert->src_dbname, $convert->src_dbport, false, true); + $src_db->sql_connect($convert->src_dbhost, $convert->src_dbuser, htmlspecialchars_decode($convert->src_dbpasswd), $convert->src_dbname, $convert->src_dbport, false, true); $same_db = false; } else diff --git a/phpBB/install/install_install.php b/phpBB/install/install_install.php index 3afdb66e1e..2c4d9a0fda 100755 --- a/phpBB/install/install_install.php +++ b/phpBB/install/install_install.php 
@@ -551,7 +551,7 @@ class install_install extends module } else { - $connect_test = connect_check_db(true, $error, $available_dbms[$data['dbms']], $data['table_prefix'], $data['dbhost'], $data['dbuser'], $data['dbpasswd'], $data['dbname'], $data['dbport']); + $connect_test = connect_check_db(true, $error, $available_dbms[$data['dbms']], $data['table_prefix'], $data['dbhost'], $data['dbuser'], htmlspecialchars_decode($data['dbpasswd']), $data['dbname'], $data['dbport']); } $template->assign_block_vars('checks', array( @@ -884,17 +884,26 @@ class install_install extends module // Time to convert the data provided into a config file $config_data = " $available_dbms[$data['dbms']]['DRIVER'], + 'dbhost' => $data['dbhost'], + 'dbport' => $data['dbport'], + 'dbname' => $data['dbname'], + 'dbuser' => $data['dbuser'], + 'dbpasswd' => htmlspecialchars_decode($data['dbpasswd']), + 'table_prefix' => $data['table_prefix'], + 'acm_type' => 'file', + 'load_extensions' => $load_extensions, + ); + + foreach ($config_data_array as $key => $value) + { + $config_data .= "\${$key} = '" . str_replace("'", "\\'", str_replace('\\', '\\\\', $value)) . "';\n"; + } + unset($config_data_array); + + $config_data .= "\n@define('PHPBB_INSTALLED', true);\n"; $config_data .= "// @define('DEBUG', true);\n"; $config_data .= "// @define('DEBUG_EXTRA', true);\n"; $config_data .= '?' . '>'; // Done this to prevent highlighting editors getting confused! @@ -1124,7 +1133,7 @@ class install_install extends module // Instantiate the database $db = new $sql_db(); - $db->sql_connect($data['dbhost'], $data['dbuser'], $data['dbpasswd'], $data['dbname'], $data['dbport'], false, false); + $db->sql_connect($data['dbhost'], $data['dbuser'], htmlspecialchars_decode($data['dbpasswd']), $data['dbname'], $data['dbport'], false, false); // NOTE: trigger_error does not work here. $db->sql_return_on_error(true); 
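Review bot: The `foreach` that writes `$config_data_array` into config.php (the `@@ -884` hunk) relies on a nested `str_replace` as the only barrier between installer form input and executable PHP, and nothing in the hunk says so. The order is correct, since backslashes are doubled before `'` is escaped, but it is easy to break in a later edit; I would add `// Escape backslashes first, then single quotes: the value must not be able to close the '...' literal written to config.php` above the loop. Only `dbpasswd` is passed through `htmlspecialchars_decode()`; if `request_var()` entity-encodes the other fields as well (not visible here), a `dbuser` or `dbname` containing `&` or `"` would be stored in encoded form. The enclosing method starts and ends outside the hunk.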
@@ -1408,7 +1417,7 @@ class install_install extends module // Instantiate the database $db = new $sql_db(); - $db->sql_connect($data['dbhost'], $data['dbuser'], $data['dbpasswd'], $data['dbname'], $data['dbport'], false, false); + $db->sql_connect($data['dbhost'], $data['dbuser'], htmlspecialchars_decode($data['dbpasswd']), $data['dbname'], $data['dbport'], false, false); // NOTE: trigger_error does not work here. $db->sql_return_on_error(true); @@ -1948,7 +1957,7 @@ class install_install extends module 'dbhost' => request_var('dbhost', ''), 'dbport' => request_var('dbport', ''), 'dbuser' => request_var('dbuser', ''), - 'dbpasswd' => htmlspecialchars_decode(request_var('dbpasswd', '', true)), + 'dbpasswd' => request_var('dbpasswd', '', true), 'dbname' => request_var('dbname', ''), 'table_prefix' => request_var('table_prefix', ''), 'default_lang' => basename(request_var('default_lang', '')), From 00f0159ea292aacf23a3c4cfcfb854689ee5a1c0 Mon Sep 17 00:00:00 2001 From: Henry Sudhof Date: Wed, 2 Jan 2008 15:34:33 +0000 Subject: [PATCH 0021/1780] Some issues with change_lang and VC / form tokens Small stuff. #18325 #17415 #17085 #16515 git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@8291 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/adm/index.php | 4 +-- phpBB/includes/functions_profile_fields.php | 2 +- phpBB/includes/ucp/ucp_register.php | 37 +++++++++++++++------ 3 files changed, 29 insertions(+), 14 deletions(-) diff --git a/phpBB/adm/index.php b/phpBB/adm/index.php index e69e83d041..52810646ec 100644 --- a/phpBB/adm/index.php +++ b/phpBB/adm/index.php 
@@ -45,8 +45,8 @@ define('IN_ADMIN', true); $phpbb_admin_path = (defined('PHPBB_ADMIN_PATH')) ? PHPBB_ADMIN_PATH : './'; // Some oft used variables -$safe_mode = (@ini_get('safe_mode') || @strtolower(ini_get('safe_mode')) == 'on') ? true : false; -$file_uploads = (@ini_get('file_uploads') || strtolower(@ini_get('file_uploads')) == 'on') ? true : false; +$safe_mode = (@ini_get('safe_mode') === '1' || @strtolower(ini_get('safe_mode')) === 'on') ? true : false; +$file_uploads = (@ini_get('file_uploads') === '1' || strtolower(@ini_get('file_uploads')) === 'on') ? true : false; $module_id = request_var('i', ''); $mode = request_var('mode', ''); diff --git a/phpBB/includes/functions_profile_fields.php b/phpBB/includes/functions_profile_fields.php index 6cccd7ffe5..63b506c5b8 100644 --- a/phpBB/includes/functions_profile_fields.php +++ b/phpBB/includes/functions_profile_fields.php @@ -666,7 +666,7 @@ class custom_profile } $profile_row['s_year_options'] = ''; - for ($i = $now['year'] - 100; $i <= $now['year']; $i++) + for ($i = $now['year'] - 100; $i <= $now['year'] + 100; $i++) { $profile_row['s_year_options'] .= '"; } diff --git a/phpBB/includes/ucp/ucp_register.php b/phpBB/includes/ucp/ucp_register.php index 91660020e9..4c2129ee95 100644 --- a/phpBB/includes/ucp/ucp_register.php +++ b/phpBB/includes/ucp/ucp_register.php @@ -46,8 +46,8 @@ class ucp_register // not so fast, buddy - if (($submit && !check_form_key('ucp_register', false, '', false, $config['min_time_reg'])) - || (!$submit && !check_form_key('ucp_register_terms', false, '', false, $config['min_time_terms']))) + if (!check_form_key('ucp_register', false, '', false, $config['min_time_reg']) + && !check_form_key('ucp_register_terms', false, '', false, $config['min_time_terms'])) { $agreed = false; } 
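Review bot: The rewritten condition in the `@@ -46` hunk of ucp_register.php clears `$agreed` only when both `check_form_key()` calls fail, so a submitted registration form now passes with a token issued for `ucp_register_terms` and is then held to `min_time_terms` rather than `min_time_reg`. If the relaxation is only needed for the language switch, keep the submit path bound to its own form, i.e. retain `$submit && !check_form_key('ucp_register', false, '', false, $config['min_time_reg'])` as one alternative and apply the either-token rule only when `!$submit`. How far this matters depends on how `check_form_key()` scopes tokens to the form name, which is outside this hunk, as is the rest of the method.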
@@ -103,12 +103,13 @@ class ucp_register // If we change the language, we want to pass on some more possible parameter. if ($change_lang) { - // We do not include the password! + // We do not include the password and not the captcha $s_hidden_fields = array_merge($s_hidden_fields, array( 'username' => utf8_normalize_nfc(request_var('username', '', true)), 'email' => strtolower(request_var('email', '')), 'email_confirm' => strtolower(request_var('email_confirm', '')), 'confirm_code' => request_var('confirm_code', ''), + 'confirm_id' => request_var('confirm_id', ''), 'lang' => $user->lang_name, 'tz' => request_var('tz', (float) $config['board_timezone']), )); @@ -451,13 +452,32 @@ class ucp_register $confirm_image = ''; // Visual Confirmation - Show images + if ($config['enable_confirm']) { - $str = ''; - if (!$change_lang) + if ($change_lang) + { + $str = '&change_lang=' . $change_lang; + $sql = 'SELECT code + FROM ' . CONFIRM_TABLE . " + WHERE confirm_id = '" . $db->sql_escape($confirm_id) . "' + AND session_id = '" . $db->sql_escape($user->session_id) . "' + AND confirm_type = " . CONFIRM_REG; + $result = $db->sql_query($sql); + if (!$row = $db->sql_fetchrow($result)) + { + $confirm_id = ''; + } + $db->sql_freeresult($result); + } + else + { + $str = ''; + } + if (!$change_lang || !$confirm_id) { $user->confirm_gc(CONFIRM_REG); - + $sql = 'SELECT COUNT(session_id) AS attempts FROM ' . CONFIRM_TABLE . " WHERE session_id = '" . $db->sql_escape($user->session_id) . "' @@ -487,11 +507,6 @@ class ucp_register ); $db->sql_query($sql); } - else - { - $str .= '&change_lang=' . $change_lang; - } - $confirm_image = ''; $s_hidden_fields .= ''; } From 73e18dcd5afd641b876dd6c4adae405f364cea0f Mon Sep 17 00:00:00 2001 
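Review bot: In the `@@ -451` hunk the new lookup selects `code` from `CONFIRM_TABLE`, but the row is used only as an existence test, so the CAPTCHA solution is fetched for no reason; `SELECT confirm_id` with the same `WHERE` clause is enough. `$confirm_id` is read before any assignment visible in the hunk, so it should be confirmed that it is populated from `request_var('confirm_id', '')` earlier in the method, since the `@@ -103` hunk only adds it to the hidden fields. A comment such as `// Re-use the existing confirm entry on language change only if it belongs to this session` above the query would explain the `session_id` condition.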
From: Henry Sudhof Date: Wed, 2 Jan 2008 15:56:43 +0000 Subject: [PATCH 0022/1780] A few very minor changes to avoid curveballs. git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@8292 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/adm/index.php | 4 ++-- phpBB/includes/ucp/ucp_register.php | 2 +- phpBB/install/install_install.php | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/phpBB/adm/index.php b/phpBB/adm/index.php index 52810646ec..a3b173ac7a 100644 --- a/phpBB/adm/index.php +++ b/phpBB/adm/index.php @@ -45,8 +45,8 @@ define('IN_ADMIN', true); $phpbb_admin_path = (defined('PHPBB_ADMIN_PATH')) ? PHPBB_ADMIN_PATH : './'; // Some oft used variables -$safe_mode = (@ini_get('safe_mode') === '1' || @strtolower(ini_get('safe_mode')) === 'on') ? true : false; -$file_uploads = (@ini_get('file_uploads') === '1' || strtolower(@ini_get('file_uploads')) === 'on') ? true : false; +$safe_mode = (@ini_get('safe_mode') == '1' || @strtolower(ini_get('safe_mode')) === 'on') ? true : false; +$file_uploads = (@ini_get('file_uploads') == '1' || strtolower(@ini_get('file_uploads')) === 'on') ? true : false; $module_id = request_var('i', ''); $mode = request_var('mode', ''); diff --git a/phpBB/includes/ucp/ucp_register.php b/phpBB/includes/ucp/ucp_register.php index 4c2129ee95..09649ebe68 100644 --- a/phpBB/includes/ucp/ucp_register.php +++ b/phpBB/includes/ucp/ucp_register.php @@ -103,7 +103,7 @@ class ucp_register // If we change the language, we want to pass on some more possible parameter. if ($change_lang) { - // We do not include the password and not the captcha + // We do not include the password $s_hidden_fields = array_merge($s_hidden_fields, array( 'username' => utf8_normalize_nfc(request_var('username', '', true)), 'email' => strtolower(request_var('email', '')), diff --git a/phpBB/install/install_install.php b/phpBB/install/install_install.php index 2c4d9a0fda..bce3cec730 100755 --- a/phpBB/install/install_install.php 
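Review bot: The test `@ini_get('safe_mode') == '1' || @strtolower(ini_get('safe_mode')) === 'on'` in adm/index.php (and the same pattern for `file_uploads`, and in the install_install.php hunk of this commit) recognises only two spellings of an enabled flag. `ini_get()` returns the literal string when a directive was set as a plain value, so `true` or `yes` would be read as disabled and safe mode would be treated as off while it is on. A single normalised test, e.g. `in_array(strtolower((string) @ini_get('safe_mode')), array('1', 'on', 'true', 'yes'), true)`, covers these spellings and also removes the inconsistent placement of `@` between the two lines.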
+++ b/phpBB/install/install_install.php @@ -151,7 +151,7 @@ class install_install extends module // We also give feedback on whether we're running in safe mode $result = '' . $lang['YES']; - if (@ini_get('safe_mode') || strtolower(@ini_get('safe_mode')) == 'on') + if (@ini_get('safe_mode') == '1' || strtolower(@ini_get('safe_mode')) == 'on') { $result .= ', ' . $lang['PHP_SAFE_MODE']; } From 8b423ba3084fbe29ce83aef2a5f6ac5380ee006e Mon Sep 17 00:00:00 2001 From: Henry Sudhof Date: Thu, 3 Jan 2008 14:04:12 +0000 Subject: [PATCH 0023/1780] #16865 git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@8293 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/docs/CHANGELOG.html | 1 + phpBB/includes/session.php | 3 ++- phpBB/style.php | 1 + 3 files changed, 4 insertions(+), 1 deletion(-) diff --git a/phpBB/docs/CHANGELOG.html b/phpBB/docs/CHANGELOG.html index d2e8fb02ae..d2e4ed52ee 100644 --- a/phpBB/docs/CHANGELOG.html +++ b/phpBB/docs/CHANGELOG.html @@ -89,6 +89,7 @@
  • [Fix] Fix disabling of word censor, now possible again
  • [Fix] Allow single quotes in db password to be stored within config.php in installer
  • [Fix] Correctly quote db password for re-display in installer (Bug #16695 / thanks to m313 for reporting too - #s17235)
  • +
  • [Fix] Correctly handle empty imageset entries (Bug #16865)
  • 1.i. Changes since 3.0.RC8

    diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php index 6149063dea..9411ec1ae6 100644 --- a/phpBB/includes/session.php +++ b/phpBB/includes/session.php @@ -1477,6 +1477,7 @@ class user extends session $sql = 'SELECT image_name, image_filename, image_lang, image_height, image_width FROM ' . STYLES_IMAGESET_DATA_TABLE . ' WHERE imageset_id = ' . $this->theme['imageset_id'] . " + AND image_filename <> '' AND image_lang IN ('" . $db->sql_escape($this->img_lang) . "', '')"; $result = $db->sql_query($sql, 3600); @@ -1886,7 +1887,7 @@ class user extends session default: $use_width = ($width === false) ? $img_data['width'] : $width; - + return '' . $alt . ''; break; } diff --git a/phpBB/style.php b/phpBB/style.php index f177d30c03..75c440bb63 100644 --- a/phpBB/style.php +++ b/phpBB/style.php @@ -116,6 +116,7 @@ if ($id) $sql = 'SELECT * FROM ' . STYLES_IMAGESET_DATA_TABLE . ' WHERE imageset_id = ' . $theme['imageset_id'] . " + AND image_filename <> '' AND image_lang IN ('" . $db->sql_escape($user_image_lang) . "', '')"; $result = $db->sql_query($sql, 3600); From 1074925720e84bcb9f2b1b6908da805c132a1c8a Mon Sep 17 00:00:00 2001 From: Meik Sievertsen Date: Sat, 5 Jan 2008 15:47:40 +0000 Subject: [PATCH 0024/1780] - backport viewforum performance change from 3.1.x to 3.0.x git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@8305 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/docs/CHANGELOG.html | 5 +++ phpBB/includes/mcp/mcp_forum.php | 21 +++++++++-- phpBB/viewforum.php | 65 ++++++++++++++++++++------------ 3 files changed, 62 insertions(+), 29 deletions(-) diff --git a/phpBB/docs/CHANGELOG.html b/phpBB/docs/CHANGELOG.html index d2e4ed52ee..660e5abb19 100644 --- a/phpBB/docs/CHANGELOG.html +++ b/phpBB/docs/CHANGELOG.html @@ -90,6 +90,11 @@
  • [Fix] Allow single quotes in db password to be stored within config.php in installer
  • [Fix] Correctly quote db password for re-display in installer (Bug #16695 / thanks to m313 for reporting too - #s17235)
  • [Fix] Correctly handle empty imageset entries (Bug #16865)
  • +
  • [Fix] Correctly check empty subjects/messages (Bug #17915)
  • +
  • [Change] Do not check usernames against word censor list. Disallowed usernames is already checked and word censor belong to posts. (Bug #17745)
  • +
  • [Fix] Additionally include non-postable forums for moderators forums shown within the teams list. (Bug #17265)
  • +
  • [Change] Sped up viewforum considerably (also goes towards mcp_forum)
  • +

    1.i. Changes since 3.0.RC8

    diff --git a/phpBB/includes/mcp/mcp_forum.php b/phpBB/includes/mcp/mcp_forum.php index d97fbb7107..e1820aa7ce 100644 --- a/phpBB/includes/mcp/mcp_forum.php +++ b/phpBB/includes/mcp/mcp_forum.php @@ -146,8 +146,8 @@ function mcp_forum_view($id, $mode, $action, $forum_info) $read_tracking_join = $read_tracking_select = ''; } - $sql = "SELECT t.*$read_tracking_select - FROM " . TOPICS_TABLE . " t $read_tracking_join + $sql = "SELECT t.topic_id + FROM " . TOPICS_TABLE . " t WHERE t.forum_id IN($forum_id, 0) " . (($auth->acl_get('m_approve', $forum_id)) ? '' : 'AND t.topic_approved = 1') . " $limit_time_sql @@ -155,10 +155,21 @@ function mcp_forum_view($id, $mode, $action, $forum_info) $result = $db->sql_query_limit($sql, $topics_per_page, $start); $topic_list = $topic_tracking_info = array(); + + while ($row = $db->sql_fetchrow($result)) + { + $topic_list[] = $row['topic_id']; + } + $db->sql_freeresult($result); + + $sql = "SELECT t.*$read_tracking_select + FROM " . TOPICS_TABLE . " t $read_tracking_join + WHERE " . $db->sql_in_set('t.topic_id', $topic_list); + + $result = $db->sql_query($sql); while ($row = $db->sql_fetchrow($result)) { $topic_rows[$row['topic_id']] = $row; - $topic_list[] = $row['topic_id']; } $db->sql_freeresult($result); @@ -181,10 +192,12 @@ function mcp_forum_view($id, $mode, $action, $forum_info) } } - foreach ($topic_rows as $topic_id => $row) + foreach ($topic_list as $topic_id) { $topic_title = ''; + $row = &$topic_rows[$topic_id]; + $replies = ($auth->acl_get('m_approve', $forum_id)) ? $row['topic_replies_real'] : $row['topic_replies']; if ($row['topic_status'] == ITEM_MOVED) diff --git a/phpBB/viewforum.php b/phpBB/viewforum.php index c0ea87fede..0b2af13d76 100644 --- a/phpBB/viewforum.php +++ b/phpBB/viewforum.php 
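Review bot: The second query in mcp_forum_view() calls `$db->sql_in_set('t.topic_id', $topic_list)` without checking that the first query returned any ids; phpBB's `sql_in_set()` raises an SQL error on an empty array unless its allow-empty argument is set, so an empty forum or an out-of-range `$start` would break the page. viewforum.php in this same commit guards the equivalent query with `if (sizeof($topic_list))`, and the same guard fits here. The display loop then takes `$row = &$topic_rows[$topic_id];`, which silently creates a null row if a topic disappears between the two queries, so `if (!isset($topic_rows[$topic_id])) { continue; }` before it is worth adding; `$topic_rows` is also not initialised in the visible lines. The function body continues outside these hunks.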
@@ -408,39 +408,54 @@ else $sql_where = (sizeof($get_forum_ids)) ? $db->sql_in_set('t.forum_id', $get_forum_ids) : 't.forum_id = ' . $forum_id; } -// SQL array for obtaining topics/stickies -$sql_array = array( - 'SELECT' => $sql_array['SELECT'], - 'FROM' => $sql_array['FROM'], - 'LEFT_JOIN' => $sql_array['LEFT_JOIN'], - - 'WHERE' => $sql_where . ' - AND t.topic_type IN (' . POST_NORMAL . ', ' . POST_STICKY . ") +// Grab just the sorted topic ids +$sql = 'SELECT t.topic_id + FROM ' . TOPICS_TABLE . " t + WHERE $sql_where + AND t.topic_type IN (" . POST_NORMAL . ', ' . POST_STICKY . ") $sql_approved - $sql_limit_time", - - 'ORDER_BY' => 't.topic_type ' . ((!$store_reverse) ? 'DESC' : 'ASC') . ', ' . $sql_sort_order, -); - -// If store_reverse, then first obtain topics, then stickies, else the other way around... -// Funnily enough you typically save one query if going from the last page to the middle (store_reverse) because -// the number of stickies are not known -$sql = $db->sql_build_query('SELECT', $sql_array); + $sql_limit_time + ORDER BY t.topic_type " . ((!$store_reverse) ? 'DESC' : 'ASC') . ', ' . $sql_sort_order; $result = $db->sql_query_limit($sql, $sql_limit, $sql_start); -$shadow_topic_list = array(); while ($row = $db->sql_fetchrow($result)) { - if ($row['topic_status'] == ITEM_MOVED) - { - $shadow_topic_list[$row['topic_moved_id']] = $row['topic_id']; - } - - $rowset[$row['topic_id']] = $row; - $topic_list[] = $row['topic_id']; + $topic_list[] = (int) $row['topic_id']; } $db->sql_freeresult($result); +// For storing shadow topics +$shadow_topic_list = array(); + +if (sizeof($topic_list)) +{ + // SQL array for obtaining topics/stickies + $sql_array = array( + 'SELECT' => $sql_array['SELECT'], + 'FROM' => $sql_array['FROM'], + 'LEFT_JOIN' => $sql_array['LEFT_JOIN'], + + 'WHERE' => $db->sql_in_set('t.topic_id', $topic_list), + ); + + // If store_reverse, then first obtain topics, then stickies, else the other way around... 
+ // Funnily enough you typically save one query if going from the last page to the middle (store_reverse) because + // the number of stickies are not known + $sql = $db->sql_build_query('SELECT', $sql_array); + $result = $db->sql_query($sql); + + while ($row = $db->sql_fetchrow($result)) + { + if ($row['topic_status'] == ITEM_MOVED) + { + $shadow_topic_list[$row['topic_moved_id']] = $row['topic_id']; + } + + $rowset[$row['topic_id']] = $row; + } + $db->sql_freeresult($result); +} + // If we have some shadow topics, update the rowset to reflect their topic information if (sizeof($shadow_topic_list)) { From a7984e660da4def80d28a4efeacb5ee861c4718c Mon Sep 17 00:00:00 2001 From: Meik Sievertsen Date: Sat, 5 Jan 2008 16:10:10 +0000 Subject: [PATCH 0025/1780] Correctly check empty subjects/messages (Bug #17915) Do not check usernames against word censor list. Disallowed usernames is already checked and word censor belong to posts. (Bug #17745) Additionally include non-postable forums for moderators forums shown within the teams list. (Bug #17265) git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@8306 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/includes/functions_jabber.php | 20 +++++++++++++++----- phpBB/includes/functions_user.php | 17 +++-------------- phpBB/includes/message_parser.php | 11 ++++++++--- phpBB/includes/ucp/ucp_pm_compose.php | 6 +++--- phpBB/language/en/install.php | 2 +- phpBB/memberlist.php | 5 ++--- phpBB/posting.php | 6 +++--- 7 files changed, 35 insertions(+), 32 deletions(-) diff --git a/phpBB/includes/functions_jabber.php b/phpBB/includes/functions_jabber.php index 8575f339c1..7633c10be9 100644 --- a/phpBB/includes/functions_jabber.php +++ b/phpBB/includes/functions_jabber.php 
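Review bot: The comment block beginning `// If store_reverse, then first obtain topics, then stickies` was moved along with the second query in viewforum.php, which has no `ORDER BY` and is not affected by `$store_reverse`; it belongs above the id query that carries the ordering. The second query also fills `$rowset` in whatever order the database returns, so the code after this hunk has to iterate `$topic_list` rather than `$rowset` to keep the sort. That is not visible here and deserves a comment such as `// $rowset is unordered; display order comes from $topic_list`.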
@@ -20,11 +20,11 @@ if (!defined('IN_PHPBB')) * * Jabber class from Flyspray project * -* @version class.jabber2.php 1306 2007-06-21 +* @version class.jabber2.php 1488 2007-11-25 * @copyright 2006 Flyspray.org * @author Florian Schmitz (floele) * -* Modified by Acyd Burn +* Only slightly modified by Acyd Burn * * @package phpBB3 */ @@ -286,7 +286,7 @@ class jabber $read = trim(fread($this->connection, 4096)); $data .= $read; } - while (time() <= $start + $timeout && ($wait || $data == '' || $read != '' || (substr(rtrim($data), -1) != '>'))); + while (time() <= $start + $timeout && !feof($this->connection) && ($wait || $data == '' || $read != '' || (substr(rtrim($data), -1) != '>'))); if ($data != '') { @@ -385,7 +385,6 @@ class jabber { case 'stream:stream': // Connection initialised (or after authentication). Not much to do here... - $this->session['id'] = $xml['stream:stream'][0]['@']['id']; if (isset($xml['stream:stream'][0]['#']['stream:features'])) { @@ -397,6 +396,16 @@ class jabber $this->features = $this->listen(); } + $second_time = isset($this->session['id']); + $this->session['id'] = $xml['stream:stream'][0]['@']['id']; + + if ($second_time) + { + // If we are here for the second time after TLS, we need to continue logging in + $this->login(); + return; + } + // go on with authentication? if (isset($this->features['stream:features'][0]['#']['bind']) || !empty($this->session['tls'])) { @@ -519,9 +528,10 @@ class jabber 'response' => $this->encrypt_password(array_merge($decoded, array('nc' => '00000001'))), 'charset' => 'utf-8', 'nc' => '00000001', + 'qop' => 'auth', // only auth being supported ); - foreach (array('nonce', 'qop', 'digest-uri', 'realm', 'cnonce') as $key) + foreach (array('nonce', 'digest-uri', 'realm', 'cnonce') as $key) { if (isset($decoded[$key])) { diff --git a/phpBB/includes/functions_user.php b/phpBB/includes/functions_user.php index c9921cc6f0..af9e69d00c 100644 --- a/phpBB/includes/functions_user.php 
+++ b/phpBB/includes/functions_user.php @@ -137,6 +137,9 @@ function user_update_name($old_name, $new_name) { set_config('newest_username', $new_name, true); } + + // Because some tables/caches use username-specific data we need to purge this here. + $cache->destroy('sql', MODERATOR_CACHE_TABLE); } /** @@ -1472,20 +1475,6 @@ function validate_username($username, $allowed_username = false) } } - $sql = 'SELECT word - FROM ' . WORDS_TABLE; - $result = $db->sql_query($sql); - - while ($row = $db->sql_fetchrow($result)) - { - if (preg_match('#(' . str_replace('\*', '.*?', preg_quote($row['word'], '#')) . ')#i', $username)) - { - $db->sql_freeresult($result); - return 'USERNAME_DISALLOWED'; - } - } - $db->sql_freeresult($result); - return false; } diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index 6e601e1499..eeaa6d9529 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php @@ -913,9 +913,14 @@ class bbcode_firstpass extends bbcode $url = ($var1) ? $var1 : $var2; - if (!$url || ($var1 && !$var2)) + if ($var1 && !$var2) { - return ''; + $var2 = $var1; + } + + if (!$url) + { + return '[url' . (($var1) ? '=' . $var1 : '') . ']' . $var2 . '[/url]'; } $valid = false; @@ -1088,7 +1093,7 @@ class parse_message extends bbcode_firstpass } // Check for "empty" message - if ($mode !== 'sig' && !utf8_clean_string($this->message)) + if ($mode !== 'sig' && utf8_clean_string($this->message) === '') { $this->warn_msg[] = $user->lang['TOO_FEW_CHARS']; return $this->warn_msg; diff --git a/phpBB/includes/ucp/ucp_pm_compose.php b/phpBB/includes/ucp/ucp_pm_compose.php index 6b56b52a5d..b2e91d8dde 100644 --- a/phpBB/includes/ucp/ucp_pm_compose.php +++ b/phpBB/includes/ucp/ucp_pm_compose.php 
@@ -494,12 +494,12 @@ function compose_pm($id, $mode, $action) } else { - if (!$subject || !utf8_clean_string($subject)) + if (utf8_clean_string($subject) === '') { $error[] = $user->lang['EMPTY_MESSAGE_SUBJECT']; } - if (!$message) + if (utf8_clean_string($message) === '') { $error[] = $user->lang['TOO_FEW_CHARS']; } @@ -600,7 +600,7 @@ function compose_pm($id, $mode, $action) // Subject defined if ($submit) { - if (!$subject || !utf8_clean_string($subject)) + if (utf8_clean_string($subject) === '') { $error[] = $user->lang['EMPTY_MESSAGE_SUBJECT']; } diff --git a/phpBB/language/en/install.php b/phpBB/language/en/install.php index 15a5c6dca4..1481a88dc1 100755 --- a/phpBB/language/en/install.php +++ b/phpBB/language/en/install.php @@ -460,7 +460,7 @@ $lang = array_merge($lang, array( 'NO_VISIBLE_CHANGES' => 'No visible changes', 'NOTICE' => 'Notice', 'NUM_CONFLICTS' => 'Number of conflicts', - 'NUMBER_OF_FILES_COLLECTED' => 'Currently having differences about %1$d from %2$d files collected.
    Please wait until file collection finished.', + 'NUMBER_OF_FILES_COLLECTED' => 'Currently differences of %1$d of %2$d files have been checked.
    Please wait until all files are checked.', 'OLD_UPDATE_FILES' => 'Update files are out of date. The update files found are for updating from phpBB %1$s to phpBB %2$s but the latest version of phpBB is %3$s.', diff --git a/phpBB/memberlist.php b/phpBB/memberlist.php index e41728a3d0..f7c9d101a8 100644 --- a/phpBB/memberlist.php +++ b/phpBB/memberlist.php @@ -141,10 +141,9 @@ switch ($mode) unset($admin_memberships); $sql = 'SELECT forum_id, forum_name - FROM ' . FORUMS_TABLE . ' - WHERE forum_type = ' . FORUM_POST; + FROM ' . FORUMS_TABLE; $result = $db->sql_query($sql); - + $forums = array(); while ($row = $db->sql_fetchrow($result)) { diff --git a/phpBB/posting.php b/phpBB/posting.php index 1236361e18..9ddaf52acd 100644 --- a/phpBB/posting.php +++ b/phpBB/posting.php @@ -520,12 +520,12 @@ if ($save && $user->data['is_registered'] && $auth->acl_get('u_savedrafts') && ( } else { - if (!$subject || !utf8_clean_string($subject)) + if (utf8_clean_string($subject) === '') { $error[] = $user->lang['EMPTY_SUBJECT']; } - if (!$message) + if (utf8_clean_string($message) === '') { $error[] = $user->lang['TOO_FEW_CHARS']; } @@ -769,7 +769,7 @@ if ($submit || $preview || $refresh) } // Parse subject - if (!$preview && !$refresh && !utf8_clean_string($post_data['post_subject']) && ($mode == 'post' || ($mode == 'edit' && $post_data['topic_first_post_id'] == $post_id))) + if (!$preview && !$refresh && utf8_clean_string($post_data['post_subject']) === '' && ($mode == 'post' || ($mode == 'edit' && $post_data['topic_first_post_id'] == $post_id))) { $error[] = $user->lang['EMPTY_SUBJECT']; } From 12a9e001837da139a9ea07b8dd52019ee071d9bd Mon Sep 17 00:00:00 2001 
From: Meik Sievertsen Date: Sun, 6 Jan 2008 17:00:09 +0000 Subject: [PATCH 0026/1780] - Do not split topic list for topics being promoted to announcements after been moved to another forum (Bug #18635) - Allow editing usernames within database_update on username cleanup (Bug #18415) - Fixing wrong sync() calls if moving all posts by a member in ACP (Bug #18385) - Check entered imagemagick path for trailing slash (Bug #18205) - Use proper title on index for new/unread posts (Bug #13101) - patch provided by Pyramide - Allow calls to $user->set_cookie() define no cookie time for setting session cookies (Bug #18025) git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@8310 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/docs/CHANGELOG.html | 9 +++++++-- phpBB/includes/acp/acp_attachments.php | 15 +++++++++++++-- phpBB/includes/acp/acp_users.php | 2 +- phpBB/includes/acp/auth.php | 4 ++++ phpBB/includes/functions_display.php | 3 ++- phpBB/includes/functions_posting.php | 5 +++++ phpBB/includes/session.php | 8 ++++++-- phpBB/install/database_update.php | 3 +++ .../styles/prosilver/template/forumlist_body.html | 2 +- .../styles/prosilver/template/overall_header.html | 2 +- .../styles/prosilver/template/simple_header.html | 2 +- .../styles/prosilver/template/viewforum_body.html | 2 +- .../styles/prosilver/template/viewtopic_body.html | 2 +- .../prosilver/template/viewtopic_print.html | 2 +- .../subsilver2/template/overall_header.html | 2 +- .../styles/subsilver2/template/simple_header.html | 2 +- phpBB/viewforum.php | 5 +++-- phpBB/viewtopic.php | 2 +- 18 files changed, 53 insertions(+), 19 deletions(-) diff --git a/phpBB/docs/CHANGELOG.html b/phpBB/docs/CHANGELOG.html index 660e5abb19..a93f5106a8 100644 --- a/phpBB/docs/CHANGELOG.html +++ b/phpBB/docs/CHANGELOG.html @@ -94,9 +94,14 @@
  • [Change] Do not check usernames against word censor list. Disallowed usernames is already checked and word censor belong to posts. (Bug #17745)
  • [Fix] Additionally include non-postable forums for moderators forums shown within the teams list. (Bug #17265)
  • [Change] Sped up viewforum considerably (also goes towards mcp_forum)
  • - +
  • [Fix] Do not split topic list for topics being promoted to announcements after been moved to another forum (Bug #18635)
  • +
  • [Fix] Allow editing usernames within database_update on username cleanup (Bug #18415)
  • +
  • [Fix] Fixing wrong sync() calls if moving all posts by a member in ACP (Bug #18385)
  • +
  • [Fix] Check entered imagemagick path for trailing slash (Bug #18205)
  • +
  • [Fix] Use proper title on index for new/unread posts (Bug #13101) - patch provided by Pyramide
  • +
  • [Fix] Allow calls to $user->set_cookie() define no cookie time for setting session cookies (Bug #18025)
  • - +

    1.i. Changes since 3.0.RC8

      diff --git a/phpBB/includes/acp/acp_attachments.php b/phpBB/includes/acp/acp_attachments.php index 4ab47ec9d6..e2ee126479 100644 --- a/phpBB/includes/acp/acp_attachments.php +++ b/phpBB/includes/acp/acp_attachments.php @@ -184,7 +184,18 @@ class acp_attachments } // We strip eventually manual added convert program, we only want the patch - $this->new_config['img_imagick'] = str_replace(array('convert', '.exe'), array('', ''), $this->new_config['img_imagick']); + if ($this->new_config['img_imagick']) + { + // Change path separator + $this->new_config['img_magick'] = str_replace('\\', '/', $this->new_config['img_magick']); + $this->new_config['img_imagick'] = str_replace(array('convert', '.exe'), array('', ''), $this->new_config['img_imagick']); + + // Check for trailing slash + if (substr($this->new_config['img_magick'], -1) !== '/') + { + $this->new_config['img_magick'] .= '/'; + } + } $supported_types = get_supported_image_types(); @@ -1134,7 +1145,7 @@ class acp_attachments foreach ($locations as $location) { // The path might not end properly, fudge it - if (substr($location, -1, 1) !== '/') + if (substr($location, -1) !== '/') { $location .= '/'; } diff --git a/phpBB/includes/acp/acp_users.php b/phpBB/includes/acp/acp_users.php index 310759d38c..40230d0270 100644 --- a/phpBB/includes/acp/acp_users.php +++ b/phpBB/includes/acp/acp_users.php @@ -630,7 +630,7 @@ class acp_users } $forum_id_ary = array_unique($forum_id_ary); - $topic_id_ary = array_unique(array_merge($topic_id_ary, $new_topic_id_ary)); + $topic_id_ary = array_unique(array_merge(array_keys($topic_id_ary), $new_topic_id_ary)); if (sizeof($topic_id_ary)) { diff --git a/phpBB/includes/acp/auth.php b/phpBB/includes/acp/auth.php index b4ea0e46d0..177c42f581 100644 --- a/phpBB/includes/acp/auth.php +++ b/phpBB/includes/acp/auth.php 
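Review bot: `str_replace(array('convert', '.exe'), array('', ''), ...)` removes every occurrence of those strings from the configured path, not only a trailing program name, so a directory such as `/opt/convert-tools/` (constructed example) is silently rewritten before it is stored and later used to build the thumbnail command. Stripping only at the end, for instance `preg_replace('#convert(\.exe)?$#i', '', ...)`, keeps the directory part intact. The new separator and trailing-slash lines also use the key `img_magick` while the rest of the block uses `img_imagick`; a later patch on this page corrects that. The enclosing method continues outside the hunk.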
@@ -778,6 +778,10 @@ class auth_admin extends auth $cache->destroy('_acl_options'); $this->acl_clear_prefetch(); + // Because we just changed the options and also purged the options cache, we instantly update/regenerate it for later calls to succeed. + $this->option_ids = $this->acl_options = array(); + $this->auth_admin(); + return true; } diff --git a/phpBB/includes/functions_display.php b/phpBB/includes/functions_display.php index 05630342d1..f9cabaff29 100644 --- a/phpBB/includes/functions_display.php +++ b/phpBB/includes/functions_display.php @@ -371,7 +371,7 @@ function display_forums($root_data = '', $display_moderators = true, $return_mod $s_subforums_list = array(); foreach ($subforums_list as $subforum) { - $s_subforums_list[] = '' . $subforum['name'] . ''; + $s_subforums_list[] = '' . $subforum['name'] . ''; } $s_subforums_list = (string) implode(', ', $s_subforums_list); $catless = ($row['parent_id'] == $root_data['forum_id']) ? true : false; @@ -409,6 +409,7 @@ function display_forums($root_data = '', $display_moderators = true, $return_mod $l_post_click_count => $post_click_count, 'FORUM_FOLDER_IMG' => $user->img($folder_image, $folder_alt), 'FORUM_FOLDER_IMG_SRC' => $user->img($folder_image, $folder_alt, false, '', 'src'), + 'FORUM_FOLDER_IMG_ALT' => isset($user->lang[$folder_alt]) ? $user->lang[$folder_alt] : '', 'FORUM_IMAGE' => ($row['forum_image']) ? '' . $user->lang[$folder_alt] . '' : '', 'FORUM_IMAGE_SRC' => ($row['forum_image']) ? $phpbb_root_path . $row['forum_image'] : '', 'LAST_POST_SUBJECT' => censor_text($last_post_subject), diff --git a/phpBB/includes/functions_posting.php b/phpBB/includes/functions_posting.php index 9ed2d78cb7..4b7387115a 100644 --- a/phpBB/includes/functions_posting.php +++ b/phpBB/includes/functions_posting.php 
@@ -618,6 +618,11 @@ function create_thumbnail($source, $destination, $mimetype) // Only use imagemagick if defined and the passthru function not disabled if ($config['img_imagick'] && function_exists('passthru')) { + if (substr($config['img_magick'], -1) !== '/') + { + $config['img_magick'] .= '/'; + } + @passthru(escapeshellcmd($config['img_imagick']) . 'convert' . ((defined('PHP_OS') && preg_match('#^win#i', PHP_OS)) ? '.exe' : '') . ' -quality 85 -antialias -sample ' . $new_width . 'x' . $new_height . ' "' . str_replace('\\', '/', $source) . '" +profile "*" "' . str_replace('\\', '/', $destination) . '"'); if (file_exists($destination)) diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php index 9411ec1ae6..afc9e810e3 100644 --- a/phpBB/includes/session.php +++ b/phpBB/includes/session.php @@ -872,7 +872,11 @@ class session /** * Sets a cookie * - * Sets a cookie of the given name with the specified data for the given length of time. + * Sets a cookie of the given name with the specified data for the given length of time. If no time is specified, a session cookie will be set. + * + * @param string $name Name of the cookie, will be automatically prefixed with the phpBB cookie name. track becomes [cookie_name]_track then. + * @param string $cookiedata The data to hold within the cookie + * @param int $cookietime The expiration time as UNIX timestamp. If 0 is provided, a session cookie is set. */ function set_cookie($name, $cookiedata, $cookietime) { 
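Review bot: The added trailing-slash block feeds the `passthru()` line directly below it, where `$source` and `$destination` are only wrapped in literal double quotes and the program path goes through `escapeshellcmd()`; a quote or other shell metacharacter in either file path would change the command that runs. Since this hunk already touches how the command is assembled, quoting each path with `escapeshellarg()` (`escapeshellarg(str_replace('\\', '/', $source))`, same for `$destination`) is the safer form, and the `@` on `passthru()` hides any failure that results. The block also writes the normalised value back into the shared `$config` array on every call; a local variable would avoid that. The same lines appear again in the follow-up patch to this file further down the page, and `create_thumbnail()` starts and ends outside the hunk.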
@@ -882,7 +886,7 @@ class session $expire = gmdate('D, d-M-Y H:i:s \\G\\M\\T', $cookietime); $domain = (!$config['cookie_domain'] || $config['cookie_domain'] == 'localhost' || $config['cookie_domain'] == '127.0.0.1') ? '' : '; domain=' . $config['cookie_domain']; - header('Set-Cookie: ' . $name_data . '; expires=' . $expire . '; path=' . $config['cookie_path'] . $domain . ((!$config['cookie_secure']) ? '' : '; secure') . '; HttpOnly', false); + header('Set-Cookie: ' . $name_data . (($cookietime) ? '; expires=' . $expire : '') . '; path=' . $config['cookie_path'] . $domain . ((!$config['cookie_secure']) ? '' : '; secure') . '; HttpOnly', false); } /** diff --git a/phpBB/install/database_update.php b/phpBB/install/database_update.php index fc9ce65dac..990591e8a4 100644 --- a/phpBB/install/database_update.php +++ b/phpBB/install/database_update.php @@ -616,6 +616,9 @@ if (version_compare($current_version, '3.0.RC8', '<=')) $modify_users = request_var('modify_users', array(0 => '')); $new_usernames = request_var('new_usernames', array(0 => ''), true); + // We need this file if someone wants to edit usernames. + include($phpbb_root_path . 'includes/utf/utf_normalizer.' . $phpEx); + if (!class_exists('utf_new_normalizer')) { if (!file_exists($phpbb_root_path . 'install/data/new_normalizer.' . $phpEx)) diff --git a/phpBB/styles/prosilver/template/forumlist_body.html b/phpBB/styles/prosilver/template/forumlist_body.html index 753d83995c..76e86ae1c2 100644 --- a/phpBB/styles/prosilver/template/forumlist_body.html +++ b/phpBB/styles/prosilver/template/forumlist_body.html @@ -26,7 +26,7 @@
    • -
      +
      {forumrow.FORUM_IMAGE} {forumrow.FORUM_NAME}
      {forumrow.FORUM_DESC} diff --git a/phpBB/styles/prosilver/template/overall_header.html b/phpBB/styles/prosilver/template/overall_header.html index 7c447afba5..a87dc671b7 100644 --- a/phpBB/styles/prosilver/template/overall_header.html +++ b/phpBB/styles/prosilver/template/overall_header.html @@ -8,7 +8,7 @@ - + {META} diff --git a/phpBB/styles/prosilver/template/simple_header.html b/phpBB/styles/prosilver/template/simple_header.html index 65538f5da9..5acf19f000 100644 --- a/phpBB/styles/prosilver/template/simple_header.html +++ b/phpBB/styles/prosilver/template/simple_header.html @@ -8,7 +8,7 @@ - + {META} diff --git a/phpBB/styles/prosilver/template/viewforum_body.html b/phpBB/styles/prosilver/template/viewforum_body.html index 1a731e0451..8bf9f98747 100644 --- a/phpBB/styles/prosilver/template/viewforum_body.html +++ b/phpBB/styles/prosilver/template/viewforum_body.html @@ -136,7 +136,7 @@
    • -
      {NEWEST_POST_IMG} {topicrow.TOPIC_TITLE} + style="background-image: url({T_ICONS_PATH}{topicrow.TOPIC_ICON_IMG}); background-repeat: no-repeat;" title="{topicrow.TOPIC_FOLDER_IMG_ALT}">{NEWEST_POST_IMG} {topicrow.TOPIC_TITLE} {topicrow.UNAPPROVED_IMG} {REPORTED_IMG}
      {topicrow.PAGINATION} diff --git a/phpBB/styles/prosilver/template/viewtopic_body.html b/phpBB/styles/prosilver/template/viewtopic_body.html index 2238f402aa..ee89b3b15f 100644 --- a/phpBB/styles/prosilver/template/viewtopic_body.html +++ b/phpBB/styles/prosilver/template/viewtopic_body.html @@ -257,7 +257,7 @@
      - {S_TOPIC_MOD} + {S_TOPIC_MOD} {S_FORM_TOKEN}
      diff --git a/phpBB/styles/prosilver/template/viewtopic_print.html b/phpBB/styles/prosilver/template/viewtopic_print.html index 669c58d547..45c7010867 100644 --- a/phpBB/styles/prosilver/template/viewtopic_print.html +++ b/phpBB/styles/prosilver/template/viewtopic_print.html @@ -8,7 +8,7 @@ - + diff --git a/phpBB/styles/subsilver2/template/overall_header.html b/phpBB/styles/subsilver2/template/overall_header.html index 3603d8a3e2..309e9a1ef1 100644 --- a/phpBB/styles/subsilver2/template/overall_header.html +++ b/phpBB/styles/subsilver2/template/overall_header.html @@ -8,7 +8,7 @@ - + {META} diff --git a/phpBB/styles/subsilver2/template/simple_header.html b/phpBB/styles/subsilver2/template/simple_header.html index f3e374fac0..bcef9a7059 100644 --- a/phpBB/styles/subsilver2/template/simple_header.html +++ b/phpBB/styles/subsilver2/template/simple_header.html @@ -8,7 +8,7 @@ - + {META} diff --git a/phpBB/viewforum.php b/phpBB/viewforum.php index 0b2af13d76..197f77065f 100644 --- a/phpBB/viewforum.php +++ b/phpBB/viewforum.php @@ -493,8 +493,9 @@ if (sizeof($shadow_topic_list)) // We want to retain some values $row = array_merge($row, array( 'topic_moved_id' => $rowset[$orig_topic_id]['topic_moved_id'], - 'topic_status' => $rowset[$orig_topic_id]['topic_status']) - ); + 'topic_status' => $rowset[$orig_topic_id]['topic_status'], + 'topic_type' => $rowset[$orig_topic_id]['topic_type'], + )); $rowset[$orig_topic_id] = $row; } diff --git a/phpBB/viewtopic.php b/phpBB/viewtopic.php index f24eebd1a7..4240c3da7a 100644 --- a/phpBB/viewtopic.php +++ b/phpBB/viewtopic.php 
@@ -578,7 +578,7 @@ $template->assign_vars(array( 'S_SELECT_SORT_DAYS' => $s_limit_days, 'S_SINGLE_MODERATOR' => (!empty($forum_moderators[$forum_id]) && sizeof($forum_moderators[$forum_id]) > 1) ? false : true, 'S_TOPIC_ACTION' => append_sid("{$phpbb_root_path}viewtopic.$phpEx", "f=$forum_id&t=$topic_id&start=$start"), - 'S_TOPIC_MOD' => ($topic_mod != '') ? '' : '', + 'S_TOPIC_MOD' => ($topic_mod != '') ? '' : '', 'S_MOD_ACTION' => append_sid("{$phpbb_root_path}mcp.$phpEx", "f=$forum_id&t=$topic_id&quickmod=1&redirect=" . urlencode(str_replace('&', '&', $viewtopic_url)), true, $user->session_id), 'S_VIEWTOPIC' => true, From bbf09989b02dfaee9c3fa57b01c4a5766018a5b7 Mon Sep 17 00:00:00 2001 From: Vic D'Elfant Date: Mon, 7 Jan 2008 13:50:56 +0000 Subject: [PATCH 0027/1780] Same goes for the 3_0_0 branch... Fixed a problem caused by "-x-" variations of a translation, such as fr-x-strict and de-x-sie. We're now sending the main language code to the output so it will at least be a valid language code git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@8312 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/includes/functions.php | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index bf00beb2e1..6f11170172 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -3301,6 +3301,13 @@ function page_header($page_title = '', $display_online_list = true) // Which timezone? $tz = ($user->data['user_id'] != ANONYMOUS) ? strval(doubleval($user->data['user_timezone'])) : strval(doubleval($config['board_timezone'])); + // Send a proper content-language to the output + $user_lang = $user->lang['USER_LANG']; + if (strpos($user_lang, '-x-') !== false) + { + $user_lang = substr($user_lang, 0, strpos($user_lang, '-x-')); + } + // The following assigns all _common_ variables that may be used at any point in a template. $template->assign_vars(array( 'SITENAME' => $config['sitename'], 
@@ -3356,7 +3363,7 @@ function page_header($page_title = '', $display_online_list = true) 'S_REGISTERED_USER' => $user->data['is_registered'], 'S_IS_BOT' => $user->data['is_bot'], 'S_USER_PM_POPUP' => $user->optionget('popuppm'), - 'S_USER_LANG' => $user->lang['USER_LANG'], + 'S_USER_LANG' => $user_lang, 'S_USER_BROWSER' => (isset($user->data['session_browser'])) ? $user->data['session_browser'] : $user->lang['UNKNOWN_BROWSER'], 'S_USERNAME' => $user->data['username'], 'S_CONTENT_DIRECTION' => $user->lang['DIRECTION'], From b29ba5343d86aeeacdb59d44560c486e52f3ffa7 Mon Sep 17 00:00:00 2001 From: Meik Sievertsen Date: Mon, 7 Jan 2008 19:29:50 +0000 Subject: [PATCH 0028/1780] grr git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@8314 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/includes/acp/acp_attachments.php | 6 +++--- phpBB/includes/functions_posting.php | 4 ++-- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/phpBB/includes/acp/acp_attachments.php b/phpBB/includes/acp/acp_attachments.php index e2ee126479..08b5f863e0 100644 --- a/phpBB/includes/acp/acp_attachments.php +++ b/phpBB/includes/acp/acp_attachments.php @@ -187,13 +187,13 @@ class acp_attachments if ($this->new_config['img_imagick']) { // Change path separator - $this->new_config['img_magick'] = str_replace('\\', '/', $this->new_config['img_magick']); + $this->new_config['img_imagick'] = str_replace('\\', '/', $this->new_config['img_imagick']); $this->new_config['img_imagick'] = str_replace(array('convert', '.exe'), array('', ''), $this->new_config['img_imagick']); // Check for trailing slash - if (substr($this->new_config['img_magick'], -1) !== '/') + if (substr($this->new_config['img_imagick'], -1) !== '/') { - $this->new_config['img_magick'] .= '/'; + $this->new_config['img_imagick'] .= '/'; } } diff --git a/phpBB/includes/functions_posting.php b/phpBB/includes/functions_posting.php index 4b7387115a..04e56f3851 100644 --- a/phpBB/includes/functions_posting.php 
+++ b/phpBB/includes/functions_posting.php @@ -618,9 +618,9 @@ function create_thumbnail($source, $destination, $mimetype) // Only use imagemagick if defined and the passthru function not disabled if ($config['img_imagick'] && function_exists('passthru')) { - if (substr($config['img_magick'], -1) !== '/') + if (substr($config['img_imagick'], -1) !== '/') { - $config['img_magick'] .= '/'; + $config['img_imagick'] .= '/'; } @passthru(escapeshellcmd($config['img_imagick']) . 'convert' . ((defined('PHP_OS') && preg_match('#^win#i', PHP_OS)) ? '.exe' : '') . ' -quality 85 -antialias -sample ' . $new_width . 'x' . $new_height . ' "' . str_replace('\\', '/', $source) . '" +profile "*" "' . str_replace('\\', '/', $destination) . '"'); From c16d34f995647c763d894689deea6aac0439b6eb Mon Sep 17 00:00:00 2001 From: Henry Sudhof Date: Tue, 22 Jan 2008 15:29:58 +0000 Subject: [PATCH 0029/1780] #19675 and #19675 Language changes, so take care. I guess it's time to close up shop :) git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@8326 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/docs/CHANGELOG.html | 2 ++ phpBB/includes/acp/acp_icons.php | 20 +++++++++++---- phpBB/includes/ucp/ucp_pm_compose.php | 35 ++++++++++++++++++--------- phpBB/language/en/acp/posting.php | 2 ++ 4 files changed, 43 insertions(+), 16 deletions(-) diff --git a/phpBB/docs/CHANGELOG.html b/phpBB/docs/CHANGELOG.html index a93f5106a8..5c60f6e1eb 100644 --- a/phpBB/docs/CHANGELOG.html +++ b/phpBB/docs/CHANGELOG.html @@ -100,6 +100,8 @@
    • [Fix] Check entered imagemagick path for trailing slash (Bug #18205)
    • [Fix] Use proper title on index for new/unread posts (Bug #13101) - patch provided by Pyramide
    • [Fix] Allow calls to $user->set_cookie() define no cookie time for setting session cookies (Bug #18025)
    • +
    • [Fix] Stricter checks on smilie packs (Bug #19675)
    • +
    • [Fix] Gracefully return from cancelling pm drafts (Bug #19675)

    1.i. Changes since 3.0.RC8

    diff --git a/phpBB/includes/acp/acp_icons.php b/phpBB/includes/acp/acp_icons.php index 537c0425a2..f66f45cd36 100644 --- a/phpBB/includes/acp/acp_icons.php +++ b/phpBB/includes/acp/acp_icons.php @@ -337,11 +337,16 @@ class acp_icons } $icons_updated = 0; + $errors = array(); foreach ($images as $image) { - if (($mode == 'smilies' && ($image_emotion[$image] == '' || $image_code[$image] == '')) || - ($action == 'create' && !isset($image_add[$image]))) + if ($mode == 'smilies' && ($image_emotion[$image] == '' || $image_code[$image] == '')) { + $errors[$image] = 'SMILIE_NO_' . (($image_emotion[$image] == '') ? 'EMOTION' : 'CODE'); + } + else if ($action == 'create' && !isset($image_add[$image])) + { + // skip images where add wasn't checked } else { @@ -431,13 +436,18 @@ class acp_icons default: $suc_lang = $lang; } + $errormsgs = '
    '; + foreach ($errors as $img => $error) + { + $errormsgs .= '
    ' . sprintf($user->lang[$error], $img); + } if ($action == 'modify') { - trigger_error($user->lang[$suc_lang . '_EDITED'] . adm_back_link($this->u_action), $level); + trigger_error($user->lang[$suc_lang . '_EDITED'] . $errormsgs . adm_back_link($this->u_action), $level); } else { - trigger_error($user->lang[$suc_lang . '_ADDED'] . adm_back_link($this->u_action), $level); + trigger_error($user->lang[$suc_lang . '_ADDED'] . $errormsgs .adm_back_link($this->u_action), $level); } break; @@ -462,7 +472,7 @@ class acp_icons if (preg_match_all("#'(.*?)', ?#", $pak_entry, $data)) { if ((sizeof($data[1]) != 4 && $mode == 'icons') || - (sizeof($data[1]) != 6 && $mode == 'smilies')) + ((sizeof($data[1]) != 6 || (empty($data[1][4]) || empty($data[1][5]))) && $mode == 'smilies' )) { trigger_error($user->lang['WRONG_PAK_TYPE'] . adm_back_link($this->u_action), E_USER_WARNING); } diff --git a/phpBB/includes/ucp/ucp_pm_compose.php b/phpBB/includes/ucp/ucp_pm_compose.php index b2e91d8dde..af592e3612 100644 --- a/phpBB/includes/ucp/ucp_pm_compose.php +++ b/phpBB/includes/ucp/ucp_pm_compose.php @@ -465,7 +465,8 @@ function compose_pm($id, $mode, $action) 'forum_id' => 0, 'save_time' => $current_time, 'draft_subject' => $subject, - 'draft_message' => $message) + 'draft_message' => $message + ) ); $db->sql_query($sql); @@ -488,6 +489,8 @@ function compose_pm($id, $mode, $action) 'g' => $to_group_id, 'p' => $msg_id) ); + $s_hidden_fields .= build_address_field($address_list); + confirm_box(false, 'SAVE_DRAFT', $s_hidden_fields); } @@ -541,7 +544,7 @@ function compose_pm($id, $mode, $action) if ($submit || $preview || $refresh) { - if (!check_form_key('ucp_pm_compose')) + if (($submit || $preview) && !check_form_key('ucp_pm_compose')) { $error[] = $user->lang['FORM_INVALID']; } 
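Review bot: `$img` is placed into the admin message through `sprintf($user->lang[$error], $img)` with no visible escaping, and the string is then handed to `trigger_error()` together with markup from `adm_back_link()`. Unless the image names in `$images` are already HTML-escaped where they are read (not shown in these hunks), this should be `sprintf($user->lang[$error], htmlspecialchars($img))`. Separately, because the empty-emotion/empty-code test in the earlier hunk now runs before the `$action == 'create' && !isset($image_add[$image])` test, images that were never ticked for adding also get an entry in `$errors`; testing the skip case first would avoid reporting them. The enclosing method starts and ends outside these hunks.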
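Review bot: Narrowing the token check to `($submit || $preview) && !check_form_key('ucp_pm_compose')` means a request that only sets `$refresh` is now processed inside this block without any form-key validation. Whether that matters depends on what the refresh path can change (recipient list edits and attachment handling sit outside the hunk), so it should be confirmed that nothing state-changing is reachable with `$refresh` alone. If something is, keep the check for those actions; otherwise add a comment such as `// refresh only re-renders the form; nothing is written without a valid form key` once that has been verified. `compose_pm()` starts and ends outside the hunk.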
@@ -888,15 +891,9 @@ function compose_pm($id, $mode, $action) } // Build hidden address list - $s_hidden_address_field = ''; - foreach ($address_list as $type => $adr_ary) - { - foreach ($adr_ary as $id => $field) - { - $s_hidden_address_field .= ''; - } - } - + $s_hidden_address_field = build_address_field($address_list); + + $bbcode_checked = (isset($enable_bbcode)) ? !$enable_bbcode : (($config['allow_bbcode'] && $auth->acl_get('u_pm_bbcode')) ? !$user->optionget('bbcode') : 1); $smilies_checked = (isset($enable_smilies)) ? !$enable_smilies : (($config['allow_smilies'] && $auth->acl_get('u_pm_smilies')) ? !$user->optionget('smilies') : 1); $urls_checked = (isset($enable_urls)) ? !$enable_urls : 0; @@ -1117,6 +1114,22 @@ function handle_message_list_actions(&$address_list, &$error, $remove_u, $remove } } +/** +* Build the hidden field for the recipients. Needed, as the variable is not read via request_var. +*/ +function build_address_field($address_list) +{ + $s_hidden_address_field = ''; + foreach ($address_list as $type => $adr_ary) + { + foreach ($adr_ary as $id => $field) + { + $s_hidden_address_field .= ''; + } + } + return $s_hidden_address_field; +} + /** * Return number of private message recipients */ diff --git a/phpBB/language/en/acp/posting.php b/phpBB/language/en/acp/posting.php index 2f390dfebd..961ca2612c 100644 --- a/phpBB/language/en/acp/posting.php +++ b/phpBB/language/en/acp/posting.php @@ -162,6 +162,8 @@ $lang = array_merge($lang, array( 'SMILIES_CONFIG' => 'Smiley configuration', 'SMILIES_DELETED' => 'The smiley has been removed successfully.', 'SMILIES_EDIT' => 'Edit smiley', + 'SMILIE_NO_CODE' => 'The smilie “%s” was ignored, as there was no code entered.', + 'SMILIE_NO_EMOTION' => 'The smilie “%s” was ignored, as there was no emotion entered.', 'SMILIES_NONE_EDITED' => 'No smilies were updated.', 'SMILIES_ONE_EDITED' => 'The smiley has been updated successfully.', 'SMILIES_EDITED' => 'The smilies have been updated successfully.', 
From 48490ba4b102f8d73cd3e433b15667456298696c Mon Sep 17 00:00:00 2001 From: Henry Sudhof Date: Wed, 23 Jan 2008 14:05:17 +0000 Subject: [PATCH 0030/1780] #19975 git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@8332 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/styles/subsilver2/template/posting_body.html | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/phpBB/styles/subsilver2/template/posting_body.html b/phpBB/styles/subsilver2/template/posting_body.html index a1cd573768..a1515f9628 100644 --- a/phpBB/styles/subsilver2/template/posting_body.html +++ b/phpBB/styles/subsilver2/template/posting_body.html @@ -382,13 +382,14 @@     -   +   {S_FORM_TOKEN}
    - + + @@ -397,8 +398,7 @@ - {S_FORM_TOKEN} - +
    From cdf9a41ced305ea3a3e9da50d4653c1e9eb66d70 Mon Sep 17 00:00:00 2001 From: "Marek A. R" Date: Wed, 23 Jan 2008 22:08:06 +0000 Subject: [PATCH 0031/1780] Fix for bug #17855 git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@8334 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/includes/acp/acp_main.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/phpBB/includes/acp/acp_main.php b/phpBB/includes/acp/acp_main.php index d41e1f4a62..00ea2f1689 100644 --- a/phpBB/includes/acp/acp_main.php +++ b/phpBB/includes/acp/acp_main.php @@ -392,7 +392,7 @@ class acp_main 'DATABASE_INFO' => $db->sql_server_info(), 'BOARD_VERSION' => $config['version'], - 'U_ACTION' => append_sid("{$phpbb_admin_path}index.$phpEx"), + 'U_ACTION' => $this->u_action, 'U_ADMIN_LOG' => append_sid("{$phpbb_admin_path}index.$phpEx", 'i=logs&mode=admin'), 'U_INACTIVE_USERS' => append_sid("{$phpbb_admin_path}index.$phpEx", 'i=inactive&mode=list'), From e13488ab1c4d3a3074feb1fedabf868597ad59e6 Mon Sep 17 00:00:00 2001 From: Henry Sudhof Date: Thu, 24 Jan 2008 11:09:15 +0000 Subject: [PATCH 0032/1780] #20085 git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@8335 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/styles/subsilver2/template/posting_body.html | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/phpBB/styles/subsilver2/template/posting_body.html b/phpBB/styles/subsilver2/template/posting_body.html index a1515f9628..827b5df061 100644 --- a/phpBB/styles/subsilver2/template/posting_body.html +++ b/phpBB/styles/subsilver2/template/posting_body.html @@ -382,14 +382,16 @@     -   {S_FORM_TOKEN} +   - -
    - + + {S_FORM_TOKEN} + +
    + From 79b02d160a496a2441d62f8beabfc5ca95499863 Mon Sep 17 00:00:00 2001 From: Henry Sudhof Date: Mon, 28 Jan 2008 13:00:10 +0000 Subject: [PATCH 0033/1780] 20255 git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@8337 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/includes/session.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php index afc9e810e3..70ffd4ee08 100644 --- a/phpBB/includes/session.php +++ b/phpBB/includes/session.php @@ -653,7 +653,7 @@ class session $sql = 'SELECT COUNT(session_id) AS sessions FROM ' . SESSIONS_TABLE . ' WHERE session_user_id = ' . (int) $this->data['user_id'] . ' - AND session_time >= ' . ($this->time_now - $config['form_token_lifetime']); + AND session_time >= ' . (int)($this->time_now - (max($config['session_length'], $config['form_token_lifetime']))); $result = $db->sql_query($sql); $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); From 98e394987f04fad65ecf3c743e4af4c92b23e932 Mon Sep 17 00:00:00 2001 From: Henry Sudhof Date: Mon, 28 Jan 2008 15:20:47 +0000 Subject: [PATCH 0034/1780] nit rightfully picked git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@8340 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/includes/session.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php index 70ffd4ee08..17f6759cb8 100644 --- a/phpBB/includes/session.php +++ b/phpBB/includes/session.php @@ -653,7 +653,7 @@ class session $sql = 'SELECT COUNT(session_id) AS sessions FROM ' . SESSIONS_TABLE . ' WHERE session_user_id = ' . (int) $this->data['user_id'] . ' - AND session_time >= ' . (int)($this->time_now - (max($config['session_length'], $config['form_token_lifetime']))); + AND session_time >= ' . (int) ($this->time_now - (max($config['session_length'], $config['form_token_lifetime']))); $result = $db->sql_query($sql); $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); 
From 5efd4f2c00c8d3f12a881d4fce54bc92986902c5 Mon Sep 17 00:00:00 2001 From: Meik Sievertsen Date: Tue, 29 Jan 2008 14:23:02 +0000 Subject: [PATCH 0035/1780] #20135 git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@8343 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/docs/CHANGELOG.html | 1 + phpBB/includes/session.php | 10 +++++----- 2 files changed, 6 insertions(+), 5 deletions(-) diff --git a/phpBB/docs/CHANGELOG.html b/phpBB/docs/CHANGELOG.html index 5c60f6e1eb..a8211ae925 100644 --- a/phpBB/docs/CHANGELOG.html +++ b/phpBB/docs/CHANGELOG.html @@ -102,6 +102,7 @@
  • [Fix] Allow calls to $user->set_cookie() define no cookie time for setting session cookies (Bug #18025)
  • [Fix] Stricter checks on smilie packs (Bug #19675)
  • [Fix] Gracefully return from cancelling pm drafts (Bug #19675)
  • +
  • [Fix] Possible login problems with IE7 if browser check is activated (Bug #20135)
  • 1.i. Changes since 3.0.RC8

    diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php index 17f6759cb8..738cbfa74d 100644 --- a/phpBB/includes/session.php +++ b/phpBB/includes/session.php @@ -256,8 +256,8 @@ class session $u_ip = implode('.', array_slice(explode('.', $this->ip), 0, $config['ip_check'])); } - $s_browser = ($config['browser_check']) ? strtolower(substr($this->data['session_browser'], 0, 149)) : ''; - $u_browser = ($config['browser_check']) ? strtolower(substr($this->browser, 0, 149)) : ''; + $s_browser = ($config['browser_check']) ? trim(strtolower(substr($this->data['session_browser'], 0, 149))) : ''; + $u_browser = ($config['browser_check']) ? trim(strtolower(substr($this->browser, 0, 149))) : ''; $s_forwarded_for = ($config['forwarded_for_check']) ? substr($this->data['session_forwarded_for'], 0, 254) : ''; $u_forwarded_for = ($config['forwarded_for_check']) ? substr($this->forwarded_for, 0, 254) : ''; @@ -526,8 +526,8 @@ class session $u_ip = implode('.', array_slice(explode('.', $this->ip), 0, $config['ip_check'])); } - $s_browser = ($config['browser_check']) ? strtolower(substr($this->data['session_browser'], 0, 149)) : ''; - $u_browser = ($config['browser_check']) ? strtolower(substr($this->browser, 0, 149)) : ''; + $s_browser = ($config['browser_check']) ? trim(strtolower(substr($this->data['session_browser'], 0, 149))) : ''; + $u_browser = ($config['browser_check']) ? trim(strtolower(substr($this->browser, 0, 149))) : ''; $s_forwarded_for = ($config['forwarded_for_check']) ? substr($this->data['session_forwarded_for'], 0, 254) : ''; $u_forwarded_for = ($config['forwarded_for_check']) ? substr($this->forwarded_for, 0, 254) : ''; 
@@ -579,7 +579,7 @@ class session 'session_start' => (int) $this->time_now, 'session_last_visit' => (int) $this->data['session_last_visit'], 'session_time' => (int) $this->time_now, - 'session_browser' => (string) substr($this->browser, 0, 149), + 'session_browser' => (string) trim(substr($this->browser, 0, 149)), 'session_forwarded_for' => (string) $this->forwarded_for, 'session_ip' => (string) $this->ip, 'session_autologin' => ($session_autologin) ? 1 : 0, From fb1c5e22f6ac1cad6ddf9b6421bf21c00a95ae0c Mon Sep 17 00:00:00 2001 From: Meik Sievertsen Date: Tue, 29 Jan 2008 15:00:41 +0000 Subject: [PATCH 0036/1780] #17025 git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@8346 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/docs/CHANGELOG.html | 1 + phpBB/includes/db/dbal.php | 7 +++++++ 2 files changed, 8 insertions(+) diff --git a/phpBB/docs/CHANGELOG.html b/phpBB/docs/CHANGELOG.html index a8211ae925..e7013e9bae 100644 --- a/phpBB/docs/CHANGELOG.html +++ b/phpBB/docs/CHANGELOG.html @@ -103,6 +103,7 @@
  • [Fix] Stricter checks on smilie packs (Bug #19675)
  • [Fix] Gracefully return from cancelling pm drafts (Bug #19675)
  • [Fix] Possible login problems with IE7 if browser check is activated (Bug #20135)
  • +
  • [Fix] Fix possible database transaction errors if code returns on error and rollback happened (Bug #17025)
  • 1.i. Changes since 3.0.RC8

    diff --git a/phpBB/includes/db/dbal.php b/phpBB/includes/db/dbal.php index e37ccda0db..4964ac87f7 100644 --- a/phpBB/includes/db/dbal.php +++ b/phpBB/includes/db/dbal.php @@ -262,6 +262,13 @@ class dbal return true; } + // Check if there is a transaction (no transaction can happen if there was an error, with a combined rollback and error returning enabled) + // This implies we have transaction always set for autocommit db's + if (!$this->transaction) + { + return false; + } + $result = $this->_sql_transaction('commit'); if (!$result) From 9451f7feab692d7418f48b3d699026b4f9f731ce Mon Sep 17 00:00:00 2001 From: Meik Sievertsen Date: Tue, 29 Jan 2008 15:15:10 +0000 Subject: [PATCH 0037/1780] #20125 git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@8347 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/docs/CHANGELOG.html | 1 + phpBB/includes/functions_module.php | 14 +++++++------- 2 files changed, 8 insertions(+), 7 deletions(-) diff --git a/phpBB/docs/CHANGELOG.html b/phpBB/docs/CHANGELOG.html index e7013e9bae..1196e2ce7f 100644 --- a/phpBB/docs/CHANGELOG.html +++ b/phpBB/docs/CHANGELOG.html @@ -104,6 +104,7 @@
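Review bot: The early `return false;` in the commit branch is indistinguishable, for the caller, from a commit the database rejected, and the two-line comment above it is hard to parse. If callers are meant to treat "already rolled back" exactly like "commit failed", the comment should say so, e.g. `// Nothing to commit: an earlier error already rolled the transaction back (only possible when errors are returned instead of triggered)`. The second comment line relies on `$this->transaction` always being set for autocommit databases; that holds only if every driver sets it in the begin branch, which is outside this hunk and worth confirming. The enclosing method starts and ends outside the hunk.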
  • [Fix] Gracefully return from cancelling pm drafts (Bug #19675)
  • [Fix] Possible login problems with IE7 if browser check is activated (Bug #20135)
  • [Fix] Fix possible database transaction errors if code returns on error and rollback happened (Bug #17025)
  • +
  • [Change] Allow numbers in permission names for modifications, as well as uppercase letters for the request_ part (Bug #20125)
  • 1.i. Changes since 3.0.RC8

    diff --git a/phpBB/includes/functions_module.php b/phpBB/includes/functions_module.php index b55c408b8c..b58993d878 100644 --- a/phpBB/includes/functions_module.php +++ b/phpBB/includes/functions_module.php @@ -59,7 +59,7 @@ class p_master WHERE module_class = '" . $db->sql_escape($this->p_class) . "' ORDER BY left_id ASC"; $result = $db->sql_query($sql); - + $rows = array(); while ($row = $db->sql_fetchrow($result)) { @@ -114,7 +114,7 @@ class p_master unset($this->module_cache['modules'][$key]); continue; } - + $right_id = false; } @@ -147,7 +147,7 @@ class p_master { continue; } - + $right_id = false; } @@ -194,7 +194,7 @@ class p_master $custom_func = '_module_' . $row['module_basename']; $names[$row['module_basename'] . '_' . $row['module_mode']][] = true; - + $module_row = array( 'depth' => $depth, @@ -209,7 +209,7 @@ class p_master 'display' => (int) $row['module_display'], 'url_extra' => (function_exists($url_func)) ? $url_func($row['module_mode'], $row) : '', - + 'lang' => ($row['module_basename'] && function_exists($lang_func)) ? $lang_func($row['module_mode'], $row['module_langname']) : ((!empty($user->lang[$row['module_langname']])) ? $user->lang[$row['module_langname']] : $row['module_langname']), 'langname' => $row['module_langname'], @@ -309,7 +309,7 @@ class p_master break; default: - if (!preg_match('#(?:acl_([a-z_]+)(,\$id)?)|(?:\$id)|(?:aclf_([a-z_]+))|(?:cfg_([a-z_]+))|(?:request_([a-z_]+))#', $token)) + if (!preg_match('#(?:acl_([a-z0-9_]+)(,\$id)?)|(?:\$id)|(?:aclf_([a-z0-9_]+))|(?:cfg_([a-z0-9_]+))|(?:request_([a-zA-Z0-9_]+))#', $token)) { $token = ''; } 
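Review bot: The token check in the `default:` branch (hunk -309) is unanchored, so a token passes as soon as it contains one allowed form anywhere, and the hunk at -325 on the next line passes `$module_auth` through `preg_replace` into `eval()`, presumably after this validation. Widening the character classes is fine for the captured names, but the validator should match the whole token: `if (!preg_match('#^(?:acl_[a-z0-9_]+(?:,\$id)?|\$id|aclf_[a-z0-9_]+|cfg_[a-z0-9_]+|request_[a-zA-Z0-9_]+)$#', $token))`. How the tokens are split is outside the hunk, so confirm the anchored form still accepts every legitimate token. The five patterns are also duplicated between the validator and the `eval` line and have to be changed together; defining them once would prevent the two from drifting.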
@@ -325,7 +325,7 @@ class p_master $forum_id = ($forum_id === false) ? $this->acl_forum_id : $forum_id; $is_auth = false; - eval('$is_auth = (int) (' . preg_replace(array('#acl_([a-z_]+)(,\$id)?#', '#\$id#', '#aclf_([a-z_]+)#', '#cfg_([a-z_]+)#', '#request_([a-z_]+)#'), array('(int) $auth->acl_get(\'\\1\'\\2)', '(int) $forum_id', '(int) $auth->acl_getf_global(\'\\1\')', '(int) $config[\'\\1\']', '!empty($_REQUEST[\'\\1\'])'), $module_auth) . ');'); + eval('$is_auth = (int) (' . preg_replace(array('#acl_([a-z0-9_]+)(,\$id)?#', '#\$id#', '#aclf_([a-z0-9_]+)#', '#cfg_([a-z0-9_]+)#', '#request_([a-zA-Z0-9_]+)#'), array('(int) $auth->acl_get(\'\\1\'\\2)', '(int) $forum_id', '(int) $auth->acl_getf_global(\'\\1\')', '(int) $config[\'\\1\']', '!empty($_REQUEST[\'\\1\'])'), $module_auth) . ');'); return $is_auth; } From c7821700dd36899a53b8afe9f859d7a40a23e7b4 Mon Sep 17 00:00:00 2001 From: Meik Sievertsen Date: Tue, 29 Jan 2008 15:49:15 +0000 Subject: [PATCH 0038/1780] #19955 git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@8348 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/common.php | 8 +++- phpBB/docs/CHANGELOG.html | 1 + phpBB/download/file.php | 32 ++++++++-------- phpBB/includes/functions.php | 62 ++++++++++++++++--------------- phpBB/includes/message_parser.php | 8 ++-- phpBB/includes/session.php | 22 +++++------ phpBB/install/index.php | 13 +++++-- phpBB/install/install_install.php | 41 +++++++++++--------- 8 files changed, 103 insertions(+), 84 deletions(-) diff --git a/phpBB/common.php b/phpBB/common.php index ebffd46228..4fca1be2b4 100644 --- a/phpBB/common.php +++ b/phpBB/common.php 
@@ -131,7 +131,7 @@ if (!defined('PHPBB_INSTALLED')) // Redirect the user to the installer // We have to generate a full HTTP/1.1 header here since we can't guarantee to have any of the information // available as used by the redirect function - $server_name = (!empty($_SERVER['SERVER_NAME'])) ? $_SERVER['SERVER_NAME'] : getenv('SERVER_NAME'); + $server_name = (!empty($_SERVER['HTTP_HOST'])) ? strtolower($_SERVER['HTTP_HOST']) : ((!empty($_SERVER['SERVER_NAME'])) ? $_SERVER['SERVER_NAME'] : getenv('SERVER_NAME')); $server_port = (!empty($_SERVER['SERVER_PORT'])) ? (int) $_SERVER['SERVER_PORT'] : (int) getenv('SERVER_PORT'); $secure = (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on') ? 1 : 0; @@ -150,7 +150,11 @@ if (!defined('PHPBB_INSTALLED')) if ($server_port && (($secure && $server_port <> 443) || (!$secure && $server_port <> 80))) { - $url .= ':' . $server_port; + // HTTP HOST can carry a port number... + if (strpos($server_name, ':') === false) + { + $url .= ':' . $server_port; + } } $url .= $script_path; diff --git a/phpBB/docs/CHANGELOG.html b/phpBB/docs/CHANGELOG.html index 1196e2ce7f..d778c0b41c 100644 --- a/phpBB/docs/CHANGELOG.html +++ b/phpBB/docs/CHANGELOG.html @@ -105,6 +105,7 @@
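Review bot: `$_SERVER['HTTP_HOST']` is supplied by the client and is only lower-cased before it goes into the redirect URL, so the target of the installer redirect is whatever Host header the request carried. The value should be checked against a host[:port] shape before use and otherwise dropped in favour of `SERVER_NAME`, for example `if (!preg_match('#^[a-z0-9.\-]+(?::\d+)?$#', $server_name)) { $server_name = $_SERVER['SERVER_NAME']; }`. The same expression is added in `install/index.php` (`redirect()`) and twice in `install/install_install.php` later in this commit. The `strpos($server_name, ':')` test in the second hunk would also skip the port for a bracketed IPv6 literal, which contains colons without carrying a port.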
  • [Fix] Possible login problems with IE7 if browser check is activated (Bug #20135)
  • [Fix] Fix possible database transaction errors if code returns on error and rollback happened (Bug #17025)
  • [Change] Allow numbers in permission names for modifications, as well as uppercase letters for the request_ part (Bug #20125)
  • +
  • [Fix] Use HTTP_HOST in favor of SERVER_NAME for determining server url for redirection and installation (Bug #19955)
  • 1.i. Changes since 3.0.RC8

    diff --git a/phpBB/download/file.php b/phpBB/download/file.php index 552c43335e..503c57ee26 100644 --- a/phpBB/download/file.php +++ b/phpBB/download/file.php @@ -32,7 +32,7 @@ if (isset($_GET['avatar'])) exit; } unset($dbpasswd); - + // worst-case default $browser = (!empty($_SERVER['HTTP_USER_AGENT'])) ? htmlspecialchars((string) $_SERVER['HTTP_USER_AGENT']) : 'msie 6.0'; @@ -44,7 +44,7 @@ if (isset($_GET['avatar'])) $avatar_group = true; $filename = substr($filename, 1); } - + // '==' is not a bug - . as the first char is as bad as no dot at all if (strpos($filename, '.') == false) { @@ -56,22 +56,22 @@ if (isset($_GET['avatar'])) $db->sql_close(); exit; } - + $ext = substr(strrchr($filename, '.'), 1); $stamp = (int) substr(stristr($filename, '_'), 1); $filename = (int) $filename; - + // let's see if we have to send the file at all $last_load = isset($_SERVER['HTTP_IF_MODIFIED_SINCE']) ? strtotime(trim($_SERVER['HTTP_IF_MODIFIED_SINCE'])) : false; if (strpos(strtolower($browser), 'msie 6.0') === false) { if ($last_load !== false && $last_load <= $stamp) { - if (@php_sapi_name() === 'CGI') + if (@php_sapi_name() === 'CGI') { header('Status: 304 Not Modified', true, 304); - } - else + } + else { header('HTTP/1.0 304 Not Modified', true, 304); } @@ -79,13 +79,13 @@ if (isset($_GET['avatar'])) header('Pragma: public'); header('Expires: ' . gmdate('D, d M Y H:i:s \G\M\T', time() + 31536000)); exit(); - } + } else { header('Last-Modified: ' . gmdate('D, d M Y H:i:s', $stamp) . ' GMT'); } } - + if (!in_array($ext, array('png', 'gif', 'jpg', 'jpeg'))) { // no way such an avatar could exist. They are not following the rules, stop the show. @@ -97,7 +97,7 @@ if (isset($_GET['avatar'])) $db->sql_close(); exit; } - + if (!$filename) { // no way such an avatar could exist. They are not following the rules, stop the show. 
@@ -280,7 +280,7 @@ else { trigger_error($user->lang['PHYSICAL_DOWNLOAD_NOT_POSSIBLE']); } - + redirect($phpbb_root_path . $config['upload_path'] . '/' . $attachment['physical_filename']); exit; } @@ -467,7 +467,7 @@ function send_file_to_browser($attachment, $upload_dir, $category) { header('Content-Disposition: ' . ((strpos($attachment['mimetype'], 'image') === 0) ? 'inline' : 'attachment') . '; ' . header_filename(htmlspecialchars_decode($attachment['real_filename']))); } - + if ($size) { header("Content-Length: $size"); @@ -556,9 +556,9 @@ function download_allowed() } } } - + // Check for own server... - $server_name = (!empty($_SERVER['SERVER_NAME'])) ? $_SERVER['SERVER_NAME'] : getenv('SERVER_NAME'); + $server_name = $user->host; // Forcing server vars is the only way to specify/override the protocol if ($config['force_server_vars'] || !$server_name) @@ -570,7 +570,7 @@ function download_allowed() { $allowed = true; } - + // Get IP's and Hostnames if (!$allowed) { @@ -620,7 +620,7 @@ function download_allowed() } $db->sql_freeresult($result); } - + return $allowed; } diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index 6f11170172..017dfa5c68 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -287,7 +287,7 @@ function phpbb_hash($password) } $random = substr($random, 0, $count); } - + $hash = _hash_crypt_private($password, _hash_gensalt_private($random, $itoa64), $itoa64); if (strlen($hash) == 34) @@ -360,7 +360,7 @@ function _hash_encode64($input, $count, &$itoa64) } $output .= $itoa64[($value >> 12) & 0x3f]; - + if ($i++ >= $count) { break; 
@@ -836,7 +836,7 @@ function markread($mode, $forum_id = false, $topic_id = false, $post_time = 0, $ unset($tracking_topics['t']); unset($tracking_topics['f']); $tracking_topics['l'] = base_convert(time() - $config['board_startdate'], 10, 36); - + $user->set_cookie('track', tracking_serialize($tracking_topics), time() + 31536000); $_COOKIE[$config['cookie_name'] . '_track'] = (STRIP) ? addslashes(tracking_serialize($tracking_topics)) : tracking_serialize($tracking_topics); @@ -1129,7 +1129,7 @@ function get_topic_tracking($forum_id, $topic_ids, &$rowset, $forum_mark_time, $ { $mark_time[$forum_id] = $forum_mark_time[$forum_id]; } - + $user_lastmark = (isset($mark_time[$forum_id])) ? $mark_time[$forum_id] : $user->data['user_lastmark']; foreach ($topic_ids as $topic_id) @@ -1177,7 +1177,7 @@ function get_complete_topic_tracking($forum_id, $topic_ids, $global_announce_lis $last_read[$row['topic_id']] = $row['mark_time']; } $db->sql_freeresult($result); - + $topic_ids = array_diff($topic_ids, array_keys($last_read)); if (sizeof($topic_ids)) @@ -1188,7 +1188,7 @@ function get_complete_topic_tracking($forum_id, $topic_ids, $global_announce_lis AND forum_id " . (($global_announce_list && sizeof($global_announce_list)) ? "IN (0, $forum_id)" : "= $forum_id"); $result = $db->sql_query($sql); - + $mark_time = array(); while ($row = $db->sql_fetchrow($result)) { @@ -1459,7 +1459,7 @@ function tracking_unserialize($string, $max_depth = 3) break; } break; - + case 2: switch ($string[$i]) { @@ -1477,7 +1477,7 @@ function tracking_unserialize($string, $max_depth = 3) break; } break; - + case 3: switch ($string[$i]) { @@ -1501,7 +1501,7 @@ function tracking_unserialize($string, $max_depth = 3) { die('Invalid data supplied'); } - + return $level; } 
@@ -1719,7 +1719,7 @@ function generate_board_url($without_script_path = false) { global $config, $user; - $server_name = (!empty($_SERVER['SERVER_NAME'])) ? $_SERVER['SERVER_NAME'] : getenv('SERVER_NAME'); + $server_name = $user->host; $server_port = (!empty($_SERVER['SERVER_PORT'])) ? (int) $_SERVER['SERVER_PORT'] : (int) getenv('SERVER_PORT'); // Forcing server vars is the only way to specify/override the protocol @@ -1743,7 +1743,11 @@ function generate_board_url($without_script_path = false) if ($server_port && (($config['cookie_secure'] && $server_port <> 443) || (!$config['cookie_secure'] && $server_port <> 80))) { - $url .= ':' . $server_port; + // HTTP HOST can carry a port number... + if (strpos($server_name, ':') === false) + { + $url .= ':' . $server_port; + } } if (!$without_script_path) @@ -1984,7 +1988,7 @@ function build_url($strip_vars = false) unset($query[$strip]); } } - + // Glue the remaining parts together... already urlencoded foreach ($query as $key => $value) { @@ -2056,7 +2060,7 @@ function check_form_key($form_name, $timespan = false, $return_page = '', $trigg { $minimum_time = (int) $config['form_token_mintime']; } - + if (isset($_POST['creation_time']) && isset($_POST['form_token'])) { $creation_time = abs(request_var('creation_time', 0)); @@ -2067,7 +2071,7 @@ function check_form_key($form_name, $timespan = false, $return_page = '', $trigg if (($diff >= $minimum_time) && (($diff <= $timespan) || $timespan == -1)) { $token_sid = ($user->data['user_id'] == ANONYMOUS && !empty($config['form_token_sid_guests'])) ? $user->session_id : ''; - + $key = sha1($creation_time . $user->data['user_form_salt'] . $form_name . $token_sid); if ($key === $token) { @@ -2365,7 +2369,7 @@ function login_box($redirect = '', $l_explain = '', $l_success = '', $admin = fa { $err = (!$config['board_contact']) ? sprintf($user->lang[$result['error_msg']], '', '') : sprintf($user->lang[$result['error_msg']], '', ''); } - + break; } } 
@@ -2502,7 +2506,7 @@ function login_forum_box($forum_data) $template->set_filenames(array( 'body' => 'login_forum.html') ); - + page_footer(); } @@ -2601,10 +2605,10 @@ function parse_cfg_file($filename, $lines = false) { $value = substr($value, 1, sizeof($value)-2); } - + $parsed_items[$key] = $value; } - + return $parsed_items; } @@ -2631,13 +2635,13 @@ function add_log() 'log_operation' => $action, 'log_data' => $data, ); - + switch ($mode) { case 'admin': $sql_ary['log_type'] = LOG_ADMIN; break; - + case 'mod': $sql_ary += array( 'log_type' => LOG_MOD, @@ -2656,7 +2660,7 @@ function add_log() case 'critical': $sql_ary['log_type'] = LOG_CRITICAL; break; - + default: return false; } @@ -2981,9 +2985,9 @@ function msg_handler($errno, $msg_text, $errfile, $errline) echo '
    '; echo '
    '; echo '

    ' . $msg_title . '

    '; - + echo '
    ' . $msg_text . '
    '; - + echo $l_notify; echo '
    '; @@ -2995,7 +2999,7 @@ function msg_handler($errno, $msg_text, $errfile, $errline) echo '
    '; echo ''; echo ''; - + exit_handler(); break; @@ -3045,7 +3049,7 @@ function msg_handler($errno, $msg_text, $errfile, $errline) // We do not want the cron script to be called on error messages define('IN_CRON', true); - + if (defined('IN_ADMIN') && isset($user->data['session_admin']) && $user->data['session_admin']) { adm_page_footer(); @@ -3075,7 +3079,7 @@ function page_header($page_title = '', $display_online_list = true) { return; } - + define('HEADER_INC', true); // gzip_compression @@ -3300,14 +3304,14 @@ function page_header($page_title = '', $display_online_list = true) // Which timezone? $tz = ($user->data['user_id'] != ANONYMOUS) ? strval(doubleval($user->data['user_timezone'])) : strval(doubleval($config['board_timezone'])); - + // Send a proper content-language to the output $user_lang = $user->lang['USER_LANG']; if (strpos($user_lang, '-x-') !== false) { $user_lang = substr($user_lang, 0, strpos($user_lang, '-x-')); } - + // The following assigns all _common_ variables that may be used at any point in a template. $template->assign_vars(array( 'SITENAME' => $config['sitename'], @@ -3453,7 +3457,7 @@ function page_footer($run_cron = true) if (!defined('IN_CRON') && $run_cron && !$config['board_disable']) { $cron_type = ''; - + if (time() - $config['queue_interval'] > $config['last_queue_run'] && !defined('IN_ADMIN') && file_exists($phpbb_root_path . 'cache/queue.' . $phpEx)) { // Process email queue diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index eeaa6d9529..9e4b075818 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php 
@@ -983,7 +983,7 @@ class bbcode_firstpass extends bbcode // Is the user trying to link to a php file in this domain and script path? if (strpos($url, ".{$phpEx}") !== false && strpos($url, $check_path) !== false) { - $server_name = (!empty($_SERVER['SERVER_NAME'])) ? $_SERVER['SERVER_NAME'] : getenv('SERVER_NAME'); + $server_name = $user->host; // Forcing server vars is the only way to specify/override the protocol if ($config['force_server_vars'] || !$server_name) @@ -1084,7 +1084,7 @@ class parse_message extends bbcode_firstpass if ($config['max_' . $mode . '_chars'] > 0) { $msg_len = ($mode == 'post') ? utf8_strlen($this->message) : utf8_strlen(preg_replace('#\[\/?[a-z\*\+\-]+(=[\S]+)?\]#ius', ' ', $this->message)); - + if ((!$msg_len && $mode !== 'sig') || $config['max_' . $mode . '_chars'] && $msg_len > $config['max_' . $mode . '_chars']) { $this->warn_msg[] = (!$msg_len) ? $user->lang['TOO_FEW_CHARS'] : sprintf($user->lang['TOO_MANY_CHARS_' . strtoupper($mode)], $msg_len, $config['max_' . $mode . '_chars']); @@ -1254,7 +1254,7 @@ class parse_message extends bbcode_firstpass $match = $replace = array(); // NOTE: obtain_* function? chaching the table contents? - + // For now setting the ttl to 10 minutes switch ($db->sql_layer) { @@ -1264,7 +1264,7 @@ class parse_message extends bbcode_firstpass FROM ' . SMILIES_TABLE . ' ORDER BY LEN(code) DESC'; break; - + case 'firebird': $sql = 'SELECT * FROM ' . SMILIES_TABLE . ' diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php index 738cbfa74d..0a80f32933 100644 --- a/phpBB/includes/session.php +++ b/phpBB/includes/session.php 
@@ -158,7 +158,7 @@ class session $this->update_session_page = $update_session_page; $this->browser = (!empty($_SERVER['HTTP_USER_AGENT'])) ? htmlspecialchars((string) $_SERVER['HTTP_USER_AGENT']) : ''; $this->forwarded_for = (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) ? (string) $_SERVER['HTTP_X_FORWARDED_FOR'] : ''; - $this->host = (!empty($_SERVER['HTTP_HOST'])) ? (string) $_SERVER['HTTP_HOST'] : 'localhost'; + $this->host = (!empty($_SERVER['HTTP_HOST'])) ? (string) strtolower($_SERVER['HTTP_HOST']) : ((!empty($_SERVER['SERVER_NAME'])) ? $_SERVER['SERVER_NAME'] : getenv('SERVER_NAME')); $this->page = $this->extract_current_page($phpbb_root_path); // if the forwarded for header shall be checked we have to validate its contents @@ -649,7 +649,7 @@ class session $this->set_cookie('sid', $this->session_id, $cookie_expire); unset($cookie_expire); - + $sql = 'SELECT COUNT(session_id) AS sessions FROM ' . SESSIONS_TABLE . ' WHERE session_user_id = ' . (int) $this->data['user_id'] . ' @@ -777,7 +777,7 @@ class session global $db, $config; $batch_size = 10; - + if (!$this->time_now) { $this->time_now = time(); @@ -825,7 +825,7 @@ class session // Less than 10 users, update gc timer ... else we want gc // called again to delete other sessions set_config('session_last_gc', $this->time_now, true); - + if ($config['max_autologin_time']) { $sql = 'DELETE FROM ' . SESSIONS_KEYS_TABLE . ' @@ -834,14 +834,14 @@ class session } $this->confirm_gc(); } - + return; } - + function confirm_gc($type = 0) { global $db, $config; - + $sql = 'SELECT DISTINCT c.session_id FROM ' . CONFIRM_TABLE . ' c LEFT JOIN ' . SESSIONS_TABLE . ' s ON (c.session_id = s.session_id) @@ -867,8 +867,8 @@ class session } $db->sql_freeresult($result); } - - + + /** * Sets a cookie * 
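Review bot: `$this->host` is taken from the Host header and can carry a `:port` suffix, and of the three places in this commit that switch to `$user->host`, only `generate_board_url()` checks for one. `download_allowed()` and the URL check in `bbcode_firstpass` assign it to `$server_name`, and the comparisons that follow are outside their hunks, so confirm they still match when the board runs on a non-default port; if they compare against a bare hostname, strip the suffix there, e.g. `$server_name = preg_replace('#:\d+$#', '', $user->host);`. The previous `'localhost'` fallback is also gone, so the property can be `false` when neither `HTTP_HOST` nor `SERVER_NAME` is set. The remaining hunks in this file only remove trailing whitespace.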
@@ -1481,7 +1481,7 @@ class user extends session $sql = 'SELECT image_name, image_filename, image_lang, image_height, image_width FROM ' . STYLES_IMAGESET_DATA_TABLE . ' WHERE imageset_id = ' . $this->theme['imageset_id'] . " - AND image_filename <> '' + AND image_filename <> '' AND image_lang IN ('" . $db->sql_escape($this->img_lang) . "', '')"; $result = $db->sql_query($sql, 3600); @@ -1891,7 +1891,7 @@ class user extends session default: $use_width = ($width === false) ? $img_data['width'] : $width; - + return '' . $alt . ''; break; } diff --git a/phpBB/install/index.php b/phpBB/install/index.php index 60265d5a29..bbf7fe34d3 100755 --- a/phpBB/install/index.php +++ b/phpBB/install/index.php @@ -450,7 +450,7 @@ class module global $db, $template; $template->display('body'); - + // Close our DB connection. if (!empty($db) && is_object($db)) { @@ -493,7 +493,8 @@ class module */ function redirect($page) { - $server_name = (!empty($_SERVER['SERVER_NAME'])) ? $_SERVER['SERVER_NAME'] : getenv('SERVER_NAME'); + // HTTP_HOST is having the correct browser url in most cases... + $server_name = (!empty($_SERVER['HTTP_HOST'])) ? strtolower($_SERVER['HTTP_HOST']) : ((!empty($_SERVER['SERVER_NAME'])) ? $_SERVER['SERVER_NAME'] : getenv('SERVER_NAME')); $server_port = (!empty($_SERVER['SERVER_PORT'])) ? (int) $_SERVER['SERVER_PORT'] : (int) getenv('SERVER_PORT'); $secure = (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on') ? 1 : 0; @@ -511,7 +512,11 @@ class module if ($server_port && (($secure && $server_port <> 443) || (!$secure && $server_port <> 80))) { - $url .= ':' . $server_port; + // HTTP HOST can carry a port number... + if (strpos($server_name, ':') === false) + { + $url .= ':' . $server_port; + } } $url .= $script_path . '/' . $page; 
@@ -535,7 +540,7 @@ class module $l_cat = (!empty($lang['CAT_' . $cat])) ? $lang['CAT_' . $cat] : preg_replace('#_#', ' ', $cat); $cat = strtolower($cat); $url = $this->module_url . "?mode=$cat&language=$language"; - + if ($this->mode == $cat) { $template->assign_block_vars('t_block1', array( diff --git a/phpBB/install/install_install.php b/phpBB/install/install_install.php index bce3cec730..b942f01b8c 100755 --- a/phpBB/install/install_install.php +++ b/phpBB/install/install_install.php @@ -77,7 +77,7 @@ class install_install extends module case 'database': $this->obtain_database_settings($mode, $sub); - + break; case 'administrator': @@ -87,7 +87,7 @@ class install_install extends module case 'config_file': $this->create_config_file($mode, $sub); - + break; case 'advanced': @@ -105,7 +105,7 @@ class install_install extends module $this->add_language($mode, $sub); $this->add_bots($mode, $sub); $this->email_admin($mode, $sub); - + // Remove the lock file @unlink($phpbb_root_path . 'cache/install_lock'); @@ -184,8 +184,8 @@ class install_install extends module 'S_EXPLAIN' => true, 'S_LEGEND' => false, )); - - + + // Check for url_fopen if (@ini_get('allow_url_fopen') == '1' || strtolower(@ini_get('allow_url_fopen')) == 'on') { @@ -204,8 +204,8 @@ class install_install extends module 'S_EXPLAIN' => true, 'S_LEGEND' => false, )); - - + + // Check for getimagesize if (@function_exists('getimagesize')) { @@ -802,7 +802,7 @@ class install_install extends module $s_hidden_fields .= ''; } } - + $s_hidden_fields .= ($data['img_imagick']) ? '' : ''; $s_hidden_fields .= ''; 
@@ -907,7 +907,7 @@ class install_install extends module $config_data .= "// @define('DEBUG', true);\n"; $config_data .= "// @define('DEBUG_EXTRA', true);\n"; $config_data .= '?' . '>'; // Done this to prevent highlighting editors getting confused! - + // Attempt to write out the config file directly. If it works, this is the easiest way to do it ... if ((file_exists($phpbb_root_path . 'config.' . $phpEx) && is_writable($phpbb_root_path . 'config.' . $phpEx)) || is_writable($phpbb_root_path)) { @@ -1018,8 +1018,11 @@ class install_install extends module $s_hidden_fields = ($data['img_imagick']) ? '' : ''; $s_hidden_fields .= ''; + // HTTP_HOST is having the correct browser url in most cases... + $server_name = (!empty($_SERVER['HTTP_HOST'])) ? strtolower($_SERVER['HTTP_HOST']) : ((!empty($_SERVER['SERVER_NAME'])) ? $_SERVER['SERVER_NAME'] : getenv('SERVER_NAME')); + $data['email_enable'] = ($data['email_enable'] !== '') ? $data['email_enable'] : true; - $data['server_name'] = ($data['server_name'] !== '') ? $data['server_name'] : ((!empty($_SERVER['SERVER_NAME'])) ? $_SERVER['SERVER_NAME'] : getenv('SERVER_NAME')); + $data['server_name'] = ($data['server_name'] !== '') ? $data['server_name'] : $server_name; $data['server_port'] = ($data['server_port'] !== '') ? $data['server_port'] : ((!empty($_SERVER['SERVER_PORT'])) ? (int) $_SERVER['SERVER_PORT'] : (int) getenv('SERVER_PORT')); $data['server_protocol'] = ($data['server_protocol'] !== '') ? $data['server_protocol'] : ((isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on') ? 'https://' : 'http://'); $data['cookie_secure'] = ($data['cookie_secure'] !== '') ? $data['cookie_secure'] : ((isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on') ? true : false); 
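Review bot: The installer default for `server_name` (hunk -1018) and the `$cookie_domain` fallback in hunk -1109 on the next line are both taken from `HTTP_HOST`, which includes the port when the installer is reached on a non-default one. Only a leading `www.` is visibly handled for `$cookie_domain`, so a value like `example.test:8080` (constructed) would be used as the cookie domain and pre-filled as the server name next to a separate `server_port`. Stripping the suffix once, `$server_name = preg_replace('#:\d+$#', '', $server_name);`, right after each assignment would keep both defaults to a bare host. Both methods start and end outside their hunks.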
@@ -1109,7 +1112,9 @@ class install_install extends module $this->p_master->redirect("index.$phpEx?mode=install"); } - $cookie_domain = ($data['server_name'] != '') ? $data['server_name'] : (!empty($_SERVER['SERVER_NAME'])) ? $_SERVER['SERVER_NAME'] : getenv('SERVER_NAME'); + // HTTP_HOST is having the correct browser url in most cases... + $server_name = (!empty($_SERVER['HTTP_HOST'])) ? strtolower($_SERVER['HTTP_HOST']) : ((!empty($_SERVER['SERVER_NAME'])) ? $_SERVER['SERVER_NAME'] : getenv('SERVER_NAME')); + $cookie_domain = ($data['server_name'] != '') ? $data['server_name'] : $server_name; // Try to come up with the best solution for cookie domain... if (strpos($cookie_domain, 'www.') === 0) @@ -1314,11 +1319,11 @@ class install_install extends module 'UPDATE ' . $data['table_prefix'] . "config SET config_value = '" . $db->sql_escape($data['admin_name']) . "' WHERE config_name = 'newest_username'", - + 'UPDATE ' . $data['table_prefix'] . "config SET config_value = '" . md5(mt_rand()) . "' WHERE config_name = 'avatar_salt'", - + 'UPDATE ' . $data['table_prefix'] . "users SET username = '" . $db->sql_escape($data['admin_name']) . "', user_password='" . $db->sql_escape(md5($data['admin_pass1'])) . "', user_ip = '" . $db->sql_escape($user_ip) . "', user_lang = '" . $db->sql_escape($data['default_lang']) . "', user_email='" . $db->sql_escape($data['board_email1']) . "', user_dateformat='" . $db->sql_escape($lang['default_dateformat']) . "', user_email_hash = " . (crc32($data['board_email1']) . strlen($data['board_email1'])) . ", username_clean = '" . $db->sql_escape(utf8_clean_string($data['admin_name'])) . "' WHERE username = 'Admin'", @@ -1577,7 +1582,7 @@ class install_install extends module $result = $db->sql_query($sql); $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); - + $_module->move_module_by($row, 'move_up', 4); // Move permissions intro screen module 4 up... 
@@ -1589,7 +1594,7 @@ class install_install extends module $result = $db->sql_query($sql); $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); - + $_module->move_module_by($row, 'move_up', 4); // Move manage users screen module 5 up... @@ -1601,7 +1606,7 @@ class install_install extends module $result = $db->sql_query($sql); $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); - + $_module->move_module_by($row, 'move_up', 5); } @@ -1616,7 +1621,7 @@ class install_install extends module $result = $db->sql_query($sql); $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); - + $_module->move_module_by($row, 'move_down', 4); } @@ -1841,7 +1846,7 @@ class install_install extends module 'user_dateformat' => $lang['default_dateformat'], 'user_allow_massemail' => 0, ); - + $user_id = user_add($user_row); if (!$user_id) From 325ff1fa1b0f75b7da6a6abbc9d6bbf032bcdedf Mon Sep 17 00:00:00 2001 
From: Meik Sievertsen Date: Wed, 30 Jan 2008 16:01:15 +0000 Subject: [PATCH 0039/1780] One commit for those fixes having a very tiny impact (mostly only whitespaces or forgotten spans, etc.) Although i somehow mistakingly got #20445 and #15249 into it. :/ Removing s_watching_img from watch_topic_forum() function (Bug #20445) Changing order for post review if more than one post affected (Bug #15249) Language typos/fixes (Bug #20425, #15719, #15429, #14669, #13479) Style/Template fixes (Bug #20065, #19405, #19205, #15028, #14934, #14821, #14752, #14497, #13707, #14738) Tiny code fixes (Bug #20165, #20025, #19795, #14804) git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@8350 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/adm/style/acp_language.html | 2 + phpBB/adm/style/colour_swatch.html | 4 +- phpBB/adm/style/install_update_diff.html | 4 +- phpBB/docs/CHANGELOG.html | 5 ++ phpBB/docs/hook_system.html | 4 +- phpBB/includes/acp/acp_attachments.php | 28 +++++----- phpBB/includes/acp/acp_board.php | 8 +-- phpBB/includes/acp/acp_search.php | 4 +- phpBB/includes/acp/acp_users.php | 56 +++++++++---------- phpBB/includes/diff/renderer.php | 10 ++-- phpBB/includes/functions.php | 12 ++-- phpBB/includes/functions_content.php | 16 +++--- phpBB/includes/functions_display.php | 6 +- phpBB/includes/functions_module.php | 6 +- phpBB/includes/functions_posting.php | 13 +++-- phpBB/includes/functions_privmsgs.php | 20 +++---- phpBB/includes/functions_user.php | 42 +++++++------- phpBB/includes/ucp/ucp_pm.php | 2 +- phpBB/includes/ucp/ucp_prefs.php | 2 +- phpBB/install/install_update.php | 6 +- phpBB/language/en/acp/common.php | 40 ++++++------- phpBB/language/en/acp/permissions_phpbb.php | 4 +- phpBB/language/en/acp/posting.php | 10 ++-- phpBB/language/en/help_faq.php | 2 +- phpBB/language/en/mcp.php | 6 +- phpBB/language/en/posting.php | 2 +- phpBB/posting.php | 10 ++-- .../styles/prosilver/template/index_body.html | 2 +- .../styles/prosilver/template/login_body.html | 2 +- 
.../prosilver/template/mcp_warn_list.html | 4 +- .../prosilver/template/overall_header.html | 4 +- .../prosilver/template/ucp_groups_manage.html | 2 +- .../prosilver/template/ucp_main_front.html | 4 +- .../template/ucp_pm_viewmessage_print.html | 4 +- .../prosilver/template/viewforum_body.html | 2 +- .../subsilver2/template/login_body.html | 4 +- .../subsilver2/template/overall_header.html | 2 +- .../subsilver2/template/posting_body.html | 2 +- .../subsilver2/template/ucp_resend.html | 2 +- .../subsilver2/template/viewtopic_body.html | 3 +- phpBB/viewforum.php | 12 ++-- phpBB/viewtopic.php | 14 +++-- 42 files changed, 199 insertions(+), 188 deletions(-) diff --git a/phpBB/adm/style/acp_language.html b/phpBB/adm/style/acp_language.html index 815ebb024a..95ac1d5852 100644 --- a/phpBB/adm/style/acp_language.html +++ b/phpBB/adm/style/acp_language.html @@ -121,9 +121,11 @@ diff --git a/phpBB/adm/style/colour_swatch.html b/phpBB/adm/style/colour_swatch.html index f3c5a812dc..c9e89980d8 100644 --- a/phpBB/adm/style/colour_swatch.html +++ b/phpBB/adm/style/colour_swatch.html @@ -8,7 +8,7 @@ {L_COLOUR_SWATCH} diff --git a/phpBB/adm/style/install_update_diff.html b/phpBB/adm/style/install_update_diff.html index b9ac19ae5d..efbe1d045c 100644 --- a/phpBB/adm/style/install_update_diff.html +++ b/phpBB/adm/style/install_update_diff.html @@ -32,7 +32,7 @@ function resize_panel() diff --git a/phpBB/docs/CHANGELOG.html b/phpBB/docs/CHANGELOG.html index d778c0b41c..77656accab 100644 --- a/phpBB/docs/CHANGELOG.html +++ b/phpBB/docs/CHANGELOG.html @@ -106,6 +106,11 @@
  • [Fix] Fix possible database transaction errors if code returns on error and rollback happened (Bug #17025)
  • [Change] Allow numbers in permission names for modifications, as well as uppercase letters for the request_ part (Bug #20125)
  • [Fix] Use HTTP_HOST in favor of SERVER_NAME for determining server url for redirection and installation (Bug #19955)
  • +
  • Removing s_watching_img from watch_topic_forum() function (Bug #20445)
  • +
  • Changing order for post review if more than one post affected (Bug #15249)
  • +
  • Language typos/fixes (Bug #20425, #15719, #15429, #14669, #13479)
  • +
  • Style/Template fixes (Bug #20065, #19405, #19205, #15028, #14934, #14821, #14752, #14497, #13707, #14738)
  • +
  • Tiny code fixes (Bug #20165, #20025, #19795, #14804)
  • 1.i. Changes since 3.0.RC8

    diff --git a/phpBB/docs/hook_system.html b/phpBB/docs/hook_system.html index b7fd702987..565e0096fc 100644 --- a/phpBB/docs/hook_system.html +++ b/phpBB/docs/hook_system.html @@ -14,7 +14,7 @@ phpBB3 • Hook System diff --git a/phpBB/includes/acp/acp_attachments.php b/phpBB/includes/acp/acp_attachments.php index 08b5f863e0..4d403df93b 100644 --- a/phpBB/includes/acp/acp_attachments.php +++ b/phpBB/includes/acp/acp_attachments.php @@ -23,7 +23,7 @@ class acp_attachments { var $u_action; var $new_config; - + function main($id, $mode) { global $db, $user, $auth, $template, $cache; @@ -56,7 +56,7 @@ class acp_attachments case 'ext_groups': $l_title = 'ACP_EXTENSION_GROUPS'; break; - + case 'orphan': $l_title = 'ACP_ORPHAN_ATTACHMENTS'; break; @@ -212,7 +212,7 @@ class acp_attachments // Secure Download Options - Same procedure as with banning $allow_deny = ($this->new_config['secure_allow_deny']) ? 'ALLOWED' : 'DISALLOWED'; - + $sql = 'SELECT * FROM ' . SITELIST_TABLE; $result = $db->sql_query($sql); @@ -282,7 +282,7 @@ class acp_attachments 'CONTENT' => build_cfg_template($type, $config_key, $this->new_config, $config_key, $vars), ) ); - + unset($display_vars['vars'][$config_key]); } @@ -334,7 +334,7 @@ class acp_attachments FROM ' . EXTENSIONS_TABLE . ' WHERE ' . $db->sql_in_set('extension_id', $extension_id_list); $result = $db->sql_query($sql); - + $extension_list = ''; while ($row = $db->sql_fetchrow($result)) { @@ -364,7 +364,7 @@ class acp_attachments FROM ' . EXTENSIONS_TABLE . " WHERE extension = '" . $db->sql_escape($add_extension) . "'"; $result = $db->sql_query($sql); - + if ($row = $db->sql_fetchrow($result)) { $error[] = sprintf($user->lang['EXTENSION_EXIST'], $add_extension); @@ -603,7 +603,7 @@ class acp_attachments SET group_id = 0 WHERE group_id = $group_id"; $db->sql_query($sql); - + add_log('admin', 'LOG_ATTACH_EXTGROUP_DEL', $group_name); $cache->destroy('_extensions'); 
@@ -900,7 +900,7 @@ class acp_attachments $upload_list = array(); foreach ($add_files as $attach_id) { - if (!in_array($attach_id, array_keys($delete_files)) && !empty($post_ids[$attach_id])) + if (!isset($delete_files[$attach_id]) && !empty($post_ids[$attach_id])) { $upload_list[$attach_id] = $post_ids[$attach_id]; } @@ -1050,7 +1050,7 @@ class acp_attachments ATTACHMENT_CATEGORY_FLASH => $user->lang['CAT_FLASH_FILES'], ATTACHMENT_CATEGORY_QUICKTIME => $user->lang['CAT_QUICKTIME_FILES'], ); - + if ($group_id) { $sql = 'SELECT cat_id @@ -1066,7 +1066,7 @@ class acp_attachments { $cat_type = ATTACHMENT_CATEGORY_NONE; } - + $group_select = ''; $sql = 'SELECT group_id, group_name @@ -1104,7 +1104,7 @@ class acp_attachments $row['group_id'] = 0; $row['group_name'] = $user->lang['NOT_ASSIGNED']; $group_name[] = $row; - + for ($i = 0; $i < sizeof($group_name); $i++) { if ($default_group === false) @@ -1138,7 +1138,7 @@ class acp_attachments if (empty($magic_home)) { $locations = array('C:/WINDOWS/', 'C:/WINNT/', 'C:/WINDOWS/SYSTEM/', 'C:/WINNT/SYSTEM/', 'C:/WINDOWS/SYSTEM32/', 'C:/WINNT/SYSTEM32/', '/usr/bin/', '/usr/sbin/', '/usr/local/bin/', '/usr/local/sbin/', '/opt/', '/usr/imagemagick/', '/usr/bin/imagemagick/'); - $path_locations = str_replace('\\', '/', (explode(($exe) ? ';' : ':', getenv('PATH')))); + $path_locations = str_replace('\\', '/', (explode(($exe) ? ';' : ':', getenv('PATH')))); $locations = array_merge($path_locations, $locations); @@ -1352,7 +1352,7 @@ class acp_attachments $db->sql_query($sql); } } - + if (!empty($ip_list_log)) { // Update log diff --git a/phpBB/includes/acp/acp_board.php b/phpBB/includes/acp/acp_board.php index 4d467b6895..455719110e 100644 --- a/phpBB/includes/acp/acp_board.php +++ b/phpBB/includes/acp/acp_board.php 
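Review bot: `isset($delete_files[$attach_id])` in the @@ -900 hunk of acp_attachments.php is not an exact replacement for the old `in_array($attach_id, array_keys($delete_files))`: `isset()` is false for a key whose value is null, and the old call compared loosely. If `$delete_files` can never hold null values the change is safe and faster; otherwise `!array_key_exists($attach_id, $delete_files)` preserves the key test exactly. `$delete_files` is built outside the hunk, so its value type should be confirmed there, since this condition decides which attachment ids enter `$upload_list`.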
@@ -127,7 +127,7 @@ class acp_board 'pm_max_msgs' => array('lang' => 'BOXES_LIMIT', 'validate' => 'int', 'type' => 'text:4:4', 'explain' => true), 'full_folder_action' => array('lang' => 'FULL_FOLDER_ACTION', 'validate' => 'int', 'type' => 'select', 'method' => 'full_folder_select', 'explain' => true), 'pm_edit_time' => array('lang' => 'PM_EDIT_TIME', 'validate' => 'int', 'type' => 'text:5:5', 'explain' => true, 'append' => ' ' . $user->lang['MINUTES']), - + 'legend2' => 'GENERAL_OPTIONS', 'allow_mass_pm' => array('lang' => 'ALLOW_MASS_PM', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => false), 'auth_bbcode_pm' => array('lang' => 'ALLOW_BBCODE_PM', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => false), @@ -269,7 +269,7 @@ class acp_board 'load_jumpbox' => array('lang' => 'YES_JUMPBOX', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => false), 'load_user_activity' => array('lang' => 'LOAD_USER_ACTIVITY', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true), 'load_tplcompile' => array('lang' => 'RECOMPILE_STYLES', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true), - + 'legend3' => 'CUSTOM_PROFILE_FIELDS', 'load_cpf_memberlist' => array('lang' => 'LOAD_CPF_MEMBERLIST', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => false), 'load_cpf_viewprofile' => array('lang' => 'LOAD_CPF_VIEWPROFILE', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => false), @@ -564,7 +564,7 @@ class acp_board 'CONTENT' => build_cfg_template($type, $config_key, $this->new_config, $config_key, $vars), ) ); - + unset($display_vars['vars'][$config_key]); } @@ -795,7 +795,7 @@ class acp_board } $dateformat_options .= '