diff --git a/phpBB/docs/CHANGELOG.html b/phpBB/docs/CHANGELOG.html index b94fe247dd..f6e63196ee 100644 --- a/phpBB/docs/CHANGELOG.html +++ b/phpBB/docs/CHANGELOG.html @@ -52,6 +52,7 @@
  • Changes since 3.2.0-a2
  • Changes since 3.2.0-a1
  • Changes since 3.1.x
    • +
  • Changes since 3.1.7-PL1
  • Changes since 3.1.7
  • Changes since 3.1.6
  • Changes since 3.1.5
    • @@ -116,7 +117,7 @@
    -
    +

    Changes since 3.2.0-a2

    Bug

    @@ -437,6 +438,42 @@
  • [PHPBB3-14265] - Make all tables available in the container
    • +

    Changes since 3.1.7-PL1

    + +

    Bug

    +
      +
    • [PHPBB3-12441] - Database-size in ACP missing after update MariaDB from 5.5 to 10.0
      • +
    • [PHPBB3-12618] - Extension Version Check does not support https
      • +
    • [PHPBB3-13180] - Increase the field size of date format to allow more syntax for other calendars
      • +
    • [PHPBB3-13908] - After clause in migration add_column schema tool not honored
      • +
    • [PHPBB3-14046] - Instant message (jabber) dialog says message sent on the creation screen
      • +
    • [PHPBB3-14303] - Some changes for UTF-8 variant on language pack?
      • +
    • [PHPBB3-14374] - Update dynamically generated jquery CDN script tag
      • +
    • [PHPBB3-14386] - open_basedir restriction in effect with remote upload avatar
      • +
    • [PHPBB3-14387] - Extend avatar-driver by extension in ACP not possible
      • +
    • [PHPBB3-14394] - Only purge cache in functional tests if necessary
      • +
    • [PHPBB3-14396] - Use VCHAR_UNI instead of VCHAR for user_dateformat
      • +
    • [PHPBB3-14397] - Fix @since tag in event 'core.ucp_prefs_view_after'
      • +
    • [PHPBB3-14403] - phpbb\log should still work even when no user data is given
      • +
    • [PHPBB3-14407] - Users not being removed from Newly Registered Users group
      • +
    • [PHPBB3-14409] - Update session page info before displaying online list
      • +
    • [PHPBB3-14411] - Delete permanently is not working as it should be
      • +
    • [PHPBB3-14423] - Display database size for Aria storage engine
      • +
    • [PHPBB3-14425] - Database tests do not allow using socket
      • +
    • [PHPBB3-14427] - Memberlist Display Wrong
      • +
    • [PHPBB3-14433] - Functional tests fail for extensions
      • +
    • [PHPBB3-14439] - Error page shown in Manage users -> Anonymous -> Select Form -> Avatar when board wide all avatar settings are disabled
      • +
    • [PHPBB3-14467] - Automatic resize of textarea calculates wrong height
      • +
    • [PHPBB3-14475] - Do not log removal of users from newly registered group
      • +
    +

    Improvement

    +
      +
    • [PHPBB3-14289] - Add events in navbar header
      • +
    • [PHPBB3-14356] - Add template events to viewtopic around back2top link
      • +
    • [PHPBB3-14412] - Comment fixes for PHPDoc in the events
      • +
    • [PHPBB3-14458] - Explicitly state RewriteBase into .htaccess root file
      • +
    +

    Changes since 3.1.7

    Security Issue

    diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index 422faaa89e..54ff51dda5 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -4146,6 +4146,8 @@ function page_header($page_title = '', $display_online_list = false, $item_id = } } + $user->update_session_infos(); + // Generate logged in/logged out status if ($user->data['user_id'] != ANONYMOUS) { @@ -4577,8 +4579,6 @@ function page_footer($run_cron = true, $display_template = true, $exit_handler = return; } - $user->update_session_infos(); - phpbb_check_and_display_sql_report($request, $auth, $db); $template->assign_vars(array( diff --git a/phpBB/includes/functions_acp.php b/phpBB/includes/functions_acp.php index d710d984b7..dc43957933 100644 --- a/phpBB/includes/functions_acp.php +++ b/phpBB/includes/functions_acp.php @@ -55,6 +55,8 @@ function adm_page_header($page_title) return; } + $user->update_session_infos(); + // gzip_compression if ($config['gzip_compress']) { @@ -166,8 +168,6 @@ function adm_page_footer($copyright_html = true) return; } - $user->update_session_infos(); - phpbb_check_and_display_sql_report($request, $auth, $db); $template->assign_vars(array( diff --git a/phpBB/includes/functions_user.php b/phpBB/includes/functions_user.php index e1c687551b..bbf00735af 100644 --- a/phpBB/includes/functions_user.php +++ b/phpBB/includes/functions_user.php @@ -2764,7 +2764,7 @@ function group_user_add($group_id, $user_id_ary = false, $username_ary = false, * * @return false if no errors occurred, else the user lang string for the relevant error, for example 'NO_USER' */ -function group_user_del($group_id, $user_id_ary = false, $username_ary = false, $group_name = false) +function group_user_del($group_id, $user_id_ary = false, $username_ary = false, $group_name = false, $log_action = true) { global $db, $auth, $config, $user, $phpbb_dispatcher, $phpbb_container, $phpbb_log; @@ -2899,16 +2899,19 @@ function group_user_del($group_id, $user_id_ary = false, $username_ary = false, $vars = array('group_id', 'group_name', 'user_id_ary', 'username_ary'); extract($phpbb_dispatcher->trigger_event('core.group_delete_user_after', compact($vars))); - if (!$group_name) + if ($log_action) { - $group_name = get_group_name($group_id); - } + if (!$group_name) + { + $group_name = get_group_name($group_id); + } - $log = 'LOG_GROUP_REMOVE'; + $log = 'LOG_GROUP_REMOVE'; - if ($group_name) - { - $phpbb_log->add('admin', $user->data['user_id'], $user->ip, $log, false, array($group_name, implode(', ', $username_ary))); + if ($group_name) + { + $phpbb_log->add('admin', $user->data['user_id'], $user->ip, $log, false, array($group_name, implode(', ', $username_ary))); + } } group_update_listings($group_id); @@ -3555,8 +3558,8 @@ function remove_newly_registered($user_id, $user_data = false) } // We need to call group_user_del here, because this function makes sure everything is correctly changed. - // A downside for a call within the session handler is that the language is not set up yet - so no log entry - group_user_del($group_id, $user_id); + // Force function to not log the removal of users from newly registered users group + group_user_del($group_id, $user_id, false, false, false); // Set user_new to 0 to let this not be triggered again $sql = 'UPDATE ' . USERS_TABLE . ' diff --git a/phpBB/phpbb/db/migration/data/v31x/v318rc1.php b/phpBB/phpbb/db/migration/data/v31x/v318rc1.php new file mode 100644 index 0000000000..8bae95c7d6 --- /dev/null +++ b/phpBB/phpbb/db/migration/data/v31x/v318rc1.php @@ -0,0 +1,32 @@ + +* @license GNU General Public License, version 2 (GPL-2.0) +* +* For full copyright and license information, please see +* the docs/CREDITS.txt file. +* +*/ + +namespace phpbb\db\migration\data\v31x; + +class v318rc1 extends \phpbb\db\migration\migration +{ + static public function depends_on() + { + return array( + '\phpbb\db\migration\data\v31x\increase_size_of_dateformat', + '\phpbb\db\migration\data\v31x\v317pl1', + ); + } + + public function update_data() + { + return array( + array('config.update', array('version', '3.1.8-RC1')), + ); + } +} diff --git a/phpBB/phpbb/session.php b/phpBB/phpbb/session.php index 3f7146c59b..12031bda03 100644 --- a/phpBB/phpbb/session.php +++ b/phpBB/phpbb/session.php @@ -1600,6 +1600,8 @@ class session $db->sql_return_on_error(false); + $this->data = array_merge($this->data, $sql_ary); + if ($this->data['user_id'] != ANONYMOUS && !empty($config['new_member_post_limit']) && $this->data['user_new'] && $config['new_member_post_limit'] <= $this->data['user_posts']) { $this->leave_newly_registered(); diff --git a/phpBB/viewonline.php b/phpBB/viewonline.php index 765599f165..e8698d9916 100644 --- a/phpBB/viewonline.php +++ b/phpBB/viewonline.php @@ -88,6 +88,8 @@ if ($mode == 'whois' && $auth->acl_get('a_') && $session_id) page_footer(); } +$user->update_session_infos(); + // Forum info $sql_ary = array( 'SELECT' => 'f.forum_id, f.forum_name, f.parent_id, f.forum_type, f.left_id, f.right_id',