Merge remote-tracking branch 'phpbb/develop' into ticket/11574

* phpbb/develop: (130 commits)
  [ticket/11638] Changed the layout to match the other similar commits
  [ticket/11640] removed the space that I wonder what it was doing there.
  [ticket/11749] Move event after all template data has been defined
  [ticket/10917] Variable used only once so delete it
  [ticket/10917] Revert use of phpbb wrapper
  [ticket/11749] Template events for topic_list_row_pre/append
  [ticket/11749] PHP Events for viewforum.php
  [ticket/11749] PHP Events for search.php
  [ticket/11740] Update FAQ to include Ideas Centre
  [ticket/11062] If user's language is english there is no further work needed
  [ticket/11062] Load new strings from user's language file if provided
  [ticket/10917] Using phpbb wrapper
  [ticket/10917] Fixed notice that files are out of date when updating to an unreleased version
  [ticket/11741] Fix empty brackets and remove bullet
  [ticket/11638] Removed the unneeded reset.
  [ticket/11638] Use the $parse_flags like the other commits
  [ticket/11638] Reverted to use the $parse tags way as the other ones
  [ticket/11638] Updated: bitwise $parse_flags use optionset()
  [ticket/11656] Made the check for the bitfield just like other PR's
  [ticket/11667] Use @inheritdoc
  ...

phpBB/adm/style/ajax.js

@@ -127,8 +127,10 @@ phpbb.addAjaxCallback('activate_deactivate', function(res) {
  * The removes the parent row of the link or form that triggered the callback,
  * and is good for stuff like the removal of forums.
  */
-phpbb.addAjaxCallback('row_delete', function() {
+phpbb.addAjaxCallback('row_delete', function(res) {
-	$(this).parents('tr').remove();
+	if (res.SUCCESS !== false) {
+		$(this).parents('tr').remove();
+	}
 });
 
 

phpBB/config/services.yml

@@ -8,6 +8,12 @@ imports:
     - { resource: auth_providers.yml }
 
 services:
+    acl.permissions:
+        class: phpbb_permissions
+        arguments:
+            - @dispatcher
+            - @user
+
     auth:
         class: phpbb_auth
 
@@ -239,6 +245,9 @@ services:
             - %tables.notifications%
             - %tables.user_notifications%
 
+    php_ini:
+        class: phpbb_php_ini
+
     request:
         class: phpbb_request
 

phpBB/docs/events.md

@@ -114,6 +114,24 @@ simple_footer_after
 * Location: styles/prosilver/template/simple_footer.html
 * Purpose: Add content directly prior to the `</body>` tag of the simple footer
 
+topiclist_row_prepend
+===
+* Locations:
+    + styles/prosilver/template/search_results.html
+    + styles/prosilver/template/viewforum_body.html
+    + styles/subsilver2/template/search_results.html
+    + styles/subsilver2/template/viewforum_body.html
+* Purpose: Add content into topic rows (inside the elements containing topic titles)
+
+topiclist_row_append
+===
+* Locations:
+    + styles/prosilver/template/search_results.html
+    + styles/prosilver/template/viewforum_body.html
+    + styles/subsilver2/template/search_results.html
+    + styles/subsilver2/template/viewforum_body.html
+* Purpose: Add content into topic rows (inside the elements containing topic titles)
+
 ucp_pm_viewmessage_print_head_append
 ===
 * Location: styles/prosilver/template/ucp_pm_viewmessage_print.html

phpBB/download/file.php

@@ -41,7 +41,7 @@ if (isset($_GET['avatar']))
 		exit;
 	}
 
-	require($phpbb_root_path . 'includes/class_loader.' . $phpEx);
+	require($phpbb_root_path . 'phpbb/class_loader.' . $phpEx);
 
 	require($phpbb_root_path . 'includes/constants.' . $phpEx);
 	require($phpbb_root_path . 'includes/functions.' . $phpEx);
@@ -50,7 +50,7 @@ if (isset($_GET['avatar']))
 	require($phpbb_root_path . 'includes/utf/utf_tools.' . $phpEx);
 
 	// Setup class loader first
-	$phpbb_class_loader = new phpbb_class_loader('phpbb_', "{$phpbb_root_path}includes/", $phpEx);
+	$phpbb_class_loader = new phpbb_class_loader('phpbb_', "{$phpbb_root_path}phpbb/", $phpEx);
 	$phpbb_class_loader->register();
 	$phpbb_class_loader_ext = new phpbb_class_loader('phpbb_ext_', "{$phpbb_root_path}ext/", $phpEx);
 	$phpbb_class_loader_ext->register();

phpBB/includes/acp/acp_modules.php

@@ -379,6 +379,7 @@ class acp_modules
 				$json_response->send(array(
 					'MESSAGE_TITLE'	=> $user->lang('ERROR'),
 					'MESSAGE_TEXT'	=> implode('<br />', $errors),
+					'SUCCESS'	=> false,
 				));
 			}
 

phpBB/includes/acp/acp_permission_roles.php

@@ -25,7 +25,7 @@ class acp_permission_roles
 
 	function main($id, $mode)
 	{
-		global $db, $user, $auth, $template, $cache;
+		global $db, $user, $auth, $template, $cache, $phpbb_container;
 		global $config, $phpbb_root_path, $phpbb_admin_path, $phpEx;
 
 		include_once($phpbb_root_path . 'includes/functions_user.' . $phpEx);
@@ -306,6 +306,8 @@ class acp_permission_roles
 					trigger_error($user->lang['NO_ROLE_SELECTED'] . adm_back_link($this->u_action), E_USER_WARNING);
 				}
 
+				$phpbb_permissions = $phpbb_container->get('acl.permissions');
+
 				$template->assign_vars(array(
 					'S_EDIT'			=> true,
 
@@ -314,9 +316,8 @@ class acp_permission_roles
 
 					'ROLE_NAME'			=> $role_row['role_name'],
 					'ROLE_DESCRIPTION'	=> $role_row['role_description'],
-					'L_ACL_TYPE'		=> $user->lang['ACL_TYPE_' . strtoupper($permission_type)],
+					'L_ACL_TYPE'		=> $phpbb_permissions->get_type_lang($permission_type),
-					)
+				));
-				);
 
 				// We need to fill the auth options array with ACL_NO options ;)
 				$sql = 'SELECT auth_option_id, auth_option
@@ -456,7 +457,9 @@ class acp_permission_roles
 	*/
 	function display_auth_options($auth_options)
 	{
-		global $template, $user;
+		global $template, $user, $phpbb_container;
+
+		$phpbb_permissions = $phpbb_container->get('acl.permissions');
 
 		$content_array = $categories = array();
 		$key_sort_array = array(0);
@@ -473,7 +476,7 @@ class acp_permission_roles
 		foreach ($content_array as $cat => $cat_array)
 		{
 			$template->assign_block_vars('auth', array(
-				'CAT_NAME'	=> $user->lang['permission_cat'][$cat],
+				'CAT_NAME'	=> $phpbb_permissions->get_category_lang($cat),
 
 				'S_YES'		=> ($cat_array['S_YES'] && !$cat_array['S_NEVER'] && !$cat_array['S_NO']) ? true : false,
 				'S_NEVER'	=> ($cat_array['S_NEVER'] && !$cat_array['S_YES'] && !$cat_array['S_NO']) ? true : false,
@@ -488,8 +491,8 @@ class acp_permission_roles
 					'S_NO'		=> ($allowed == ACL_NO) ? true : false,
 
 					'FIELD_NAME'	=> $permission,
-					'PERMISSION'	=> $user->lang['acl_' . $permission]['lang'])
+					'PERMISSION'	=> $phpbb_permissions->get_permission_lang($permission),
-				);
+				));
 			}
 		}
 	}

phpBB/includes/acp/acp_permissions.php

@@ -22,15 +22,18 @@ class acp_permissions
 {
 	var $u_action;
 	var $permission_dropdown;
+	protected $permissions;
 
 	function main($id, $mode)
 	{
-		global $db, $user, $auth, $template, $cache;
+		global $db, $user, $auth, $template, $cache, $phpbb_container;
 		global $config, $phpbb_root_path, $phpbb_admin_path, $phpEx;
 
 		include_once($phpbb_root_path . 'includes/functions_user.' . $phpEx);
 		include_once($phpbb_root_path . 'includes/acp/auth.' . $phpEx);
 
+		$this->permissions = $phpbb_container->get('acl.permissions');
+
 		$auth_admin = new auth_admin();
 
 		$user->add_lang('acp/permissions');
@@ -49,7 +52,7 @@ class acp_permissions
 
 			if ($user_id && isset($auth_admin->acl_options['id'][$permission]) && $auth->acl_get('a_viewauth'))
 			{
-				$this->page_title = sprintf($user->lang['TRACE_PERMISSION'], $user->lang['acl_' . $permission]['lang']);
+				$this->page_title = sprintf($user->lang['TRACE_PERMISSION'], $this->permissions->get_permission_lang($permission));
 				$this->permission_trace($user_id, $forum_id, $permission);
 				return;
 			}
@@ -512,7 +515,7 @@ class acp_permissions
 
 		$template->assign_vars(array(
 			'S_PERMISSION_DROPDOWN'		=> (sizeof($this->permission_dropdown) > 1) ? $this->build_permission_dropdown($this->permission_dropdown, $permission_type, $permission_scope) : false,
-			'L_PERMISSION_TYPE'			=> $user->lang['ACL_TYPE_' . strtoupper($permission_type)],
+			'L_PERMISSION_TYPE'			=> $this->permissions->get_type_lang($permission_type),
 
 			'U_ACTION'					=> $this->u_action,
 			'S_HIDDEN_FIELDS'			=> $s_hidden_fields)
@@ -587,7 +590,7 @@ class acp_permissions
 	*/
 	function build_permission_dropdown($options, $default_option, $permission_scope)
 	{
-		global $user, $auth;
+		global $auth;
 
 		$s_dropdown_options = '';
 		foreach ($options as $setting)
@@ -598,7 +601,7 @@ class acp_permissions
 			}
 
 			$selected = ($setting == $default_option) ? ' selected="selected"' : '';
-			$l_setting = (isset($user->lang['permission_type'][$permission_scope][$setting])) ? $user->lang['permission_type'][$permission_scope][$setting] : $user->lang['permission_type'][$setting];
+			$l_setting = $this->permissions->get_type_lang($setting, $permission_scope);
 			$s_dropdown_options .= '<option value="' . $setting . '"' . $selected . '>' . $l_setting . '</option>';
 		}
 
@@ -979,7 +982,7 @@ class acp_permissions
 		$back = request_var('back', 0);
 
 		$template->assign_vars(array(
-			'PERMISSION'			=> $user->lang['acl_' . $permission]['lang'],
+			'PERMISSION'			=> $this->permissions->get_permission_lang($permission),
 			'PERMISSION_USERNAME'	=> $userdata['username'],
 			'FORUM_NAME'			=> $forum_name,
 

phpBB/includes/acp/auth.php

@@ -261,7 +261,8 @@ class auth_admin extends phpbb_auth
 	*/
 	function display_mask($mode, $permission_type, &$hold_ary, $user_mode = 'user', $local = false, $group_display = true)
 	{
-		global $template, $user, $db, $phpbb_root_path, $phpEx;
+		global $template, $user, $db, $phpbb_root_path, $phpEx, $phpbb_container;
+		$phpbb_permissions = $phpbb_container->get('acl.permissions');
 
 		// Define names for template loops, might be able to be set
 		$tpl_pmask = 'p_mask';
@@ -269,7 +270,7 @@ class auth_admin extends phpbb_auth
 		$tpl_category = 'category';
 		$tpl_mask = 'mask';
 
-		$l_acl_type = (isset($user->lang['ACL_TYPE_' . (($local) ? 'LOCAL' : 'GLOBAL') . '_' . strtoupper($permission_type)])) ? $user->lang['ACL_TYPE_' . (($local) ? 'LOCAL' : 'GLOBAL') . '_' . strtoupper($permission_type)] : 'ACL_TYPE_' . (($local) ? 'LOCAL' : 'GLOBAL') . '_' . strtoupper($permission_type);
+		$l_acl_type = $phpbb_permissions->get_type_lang($permission_type, (($local) ? 'local' : 'global'));
 
 		// Allow trace for viewing permissions and in user mode
 		$show_trace = ($mode == 'view' && $user_mode == 'user') ? true : false;
@@ -1100,7 +1101,9 @@ class auth_admin extends phpbb_auth
 	*/
 	function assign_cat_array(&$category_array, $tpl_cat, $tpl_mask, $ug_id, $forum_id, $show_trace = false, $s_view)
 	{
-		global $template, $user, $phpbb_admin_path, $phpEx;
+		global $template, $user, $phpbb_admin_path, $phpEx, $phpbb_container;
+
+		$phpbb_permissions = $phpbb_container->get('acl.permissions');
 
 		@reset($category_array);
 		while (list($cat, $cat_array) = each($category_array))
@@ -1110,8 +1113,8 @@ class auth_admin extends phpbb_auth
 				'S_NEVER'	=> ($cat_array['S_NEVER'] && !$cat_array['S_YES'] && !$cat_array['S_NO']) ? true : false,
 				'S_NO'		=> ($cat_array['S_NO'] && !$cat_array['S_NEVER'] && !$cat_array['S_YES']) ? true : false,
 
-				'CAT_NAME'	=> $user->lang['permission_cat'][$cat])
+				'CAT_NAME'	=> $phpbb_permissions->get_category_lang($cat),
-			);
+			));
 
 			/*	Sort permissions by name (more naturaly and user friendly than sorting by a primary key)
 			*	Commented out due to it's memory consumption and time needed
@@ -1145,8 +1148,8 @@ class auth_admin extends phpbb_auth
 						'U_TRACE'		=> ($show_trace) ? append_sid("{$phpbb_admin_path}index.$phpEx", "i=permissions&mode=trace&u=$ug_id&f=$forum_id&auth=$permission") : '',
 						'UA_TRACE'		=> ($show_trace) ? append_sid("{$phpbb_admin_path}index.$phpEx", "i=permissions&mode=trace&u=$ug_id&f=$forum_id&auth=$permission", false) : '',
 
-						'PERMISSION'	=> $user->lang['acl_' . $permission]['lang'])
+						'PERMISSION'	=> $phpbb_permissions->get_permission_lang($permission),
-					);
+					));
 				}
 				else
 				{
@@ -1163,8 +1166,8 @@ class auth_admin extends phpbb_auth
 						'U_TRACE'		=> ($show_trace) ? append_sid("{$phpbb_admin_path}index.$phpEx", "i=permissions&mode=trace&u=$ug_id&f=$forum_id&auth=$permission") : '',
 						'UA_TRACE'		=> ($show_trace) ? append_sid("{$phpbb_admin_path}index.$phpEx", "i=permissions&mode=trace&u=$ug_id&f=$forum_id&auth=$permission", false) : '',
 
-						'PERMISSION'	=> $user->lang['acl_' . $permission]['lang'])
+						'PERMISSION'	=> $phpbb_permissions->get_permission_lang($permission),
-					);
+					));
 				}
 			}
 		}
@@ -1176,7 +1179,9 @@ class auth_admin extends phpbb_auth
 	*/
 	function build_permission_array(&$permission_row, &$content_array, &$categories, $key_sort_array)
 	{
-		global $user;
+		global $user, $phpbb_container;
+
+		$phpbb_permissions = $phpbb_container->get('acl.permissions');
 
 		foreach ($key_sort_array as $forum_id)
 		{
@@ -1191,20 +1196,12 @@ class auth_admin extends phpbb_auth
 			@reset($permissions);
 			while (list($permission, $auth_setting) = each($permissions))
 			{
-				if (!isset($user->lang['acl_' . $permission]))
+				$cat = $phpbb_permissions->get_permission_category($permission);
-				{
-					$user->lang['acl_' . $permission] = array(
-						'cat'	=> 'misc',
-						'lang'	=> '{ acl_' . $permission . ' }'
-					);
-				}
-
-				$cat = $user->lang['acl_' . $permission]['cat'];
 
 				// Build our categories array
 				if (!isset($categories[$cat]))
 				{
-					$categories[$cat] = $user->lang['permission_cat'][$cat];
+					$categories[$cat] = $phpbb_permissions->get_category_lang($cat);
 				}
 
 				// Build our content array

phpBB/includes/captcha/captcha_factory.php

@@ -50,7 +50,8 @@ class phpbb_captcha_factory
 		{
 			include($phpbb_root_path . "includes/captcha/plugins/{$name}_plugin." . $phpEx);
 		}
-		call_user_func(array($name, 'garbage_collect'), 0);
+		$captcha = self::get_instance($name);
+		$captcha->garbage_collect(0);
 	}
 
 	/**

phpBB/includes/functions_posting.php

@@ -1995,6 +1995,10 @@ function submit_post($mode, $subject, $username, $topic_type, &$poll, &$data, $u
 		}
 	}
 
+	$first_post_has_topic_info = ($post_mode == 'edit_first_post' &&
+			(($post_visibility == ITEM_DELETED && $data['topic_posts_softdeleted'] == 1) ||
+			($post_visibility == ITEM_UNAPPROVED && $data['topic_posts_unapproved'] == 1) ||
+			($post_visibility == ITEM_APPROVED && $data['topic_posts_approved'] == 1)));
 	// Fix the post's and topic's visibility and first/last post information, when the post is edited
 	if (($post_mode != 'post' && $post_mode != 'reply') && $data['post_visibility'] != $post_visibility)
 	{
@@ -2007,7 +2011,7 @@ function submit_post($mode, $subject, $username, $topic_type, &$poll, &$data, $u
 		$phpbb_content_visibility = $phpbb_container->get('content.visibility');
 		$phpbb_content_visibility->set_post_visibility($post_visibility, $data['post_id'], $data['topic_id'], $data['forum_id'], $user->data['user_id'], time(), '', $is_starter, $is_latest);
 	}
-	else if ($post_mode == 'edit_last_post' || $post_mode == 'edit_topic' || ($post_mode == 'edit_first_post' && !$data['topic_replies']))
+	else if ($post_mode == 'edit_last_post' || $post_mode == 'edit_topic' || $first_post_has_topic_info)
 	{
 		if ($post_visibility == ITEM_APPROVED || $data['topic_visibility'] == $post_visibility)
 		{

phpBB/includes/functions_privmsgs.php

@@ -2018,14 +2018,11 @@ function message_history($msg_id, $user_id, $message_row, $folder, $in_post_mode
 
 			$decoded_message = bbcode_nl2br($decoded_message);
 		}
-
+		
-		if ($row['bbcode_bitfield'])
+		$parse_flags = ($row['bbcode_bitfield'] ? OPTION_FLAG_BBCODE : 0);
-		{
+		$parse_flags |= ($row['enable_smilies'] ? OPTION_FLAG_SMILIES : 0);
-			$bbcode->bbcode_second_pass($message, $row['bbcode_uid'], $row['bbcode_bitfield']);
+		
-		}
+		$message = generate_text_for_display($message, $row['bbcode_uid'], $row['bbcode_bitfield'], $parse_flags, false);
-
-		$message = bbcode_nl2br($message);
-		$message = smiley_text($message, !$row['enable_smilies']);
 
 		$subject = censor_text($subject);
 

phpBB/includes/mcp/mcp_warn.php

@@ -289,19 +289,8 @@ class mcp_warn
 
 		// We want to make the message available here as a reminder
 		// Parse the message and subject
-		$message = censor_text($user_row['post_text']);
+		$parse_flags = OPTION_FLAG_SMILIES | ($row['bbcode_bitfield'] ? OPTION_FLAG_BBCODE : 0);
-
+		$message = generate_text_for_display($user_row['post_text'], $user_row['bbcode_uid'], $user_row['bbcode_bitfield'], $parse_flags, true);
-		// Second parse bbcode here
-		if ($user_row['bbcode_bitfield'])
-		{
-			include_once($phpbb_root_path . 'includes/bbcode.' . $phpEx);
-
-			$bbcode = new bbcode($user_row['bbcode_bitfield']);
-			$bbcode->bbcode_second_pass($message, $user_row['bbcode_uid'], $user_row['bbcode_bitfield']);
-		}
-
-		$message = bbcode_nl2br($message);
-		$message = smiley_text($message);
 
 		// Generate the appropriate user information for the user we are looking at
 		if (!function_exists('phpbb_get_user_avatar'))

phpBB/includes/ucp/ucp_prefs.php

@@ -267,7 +267,7 @@ class ucp_prefs
 				$limit_topic_days = array(0 => $user->lang['ALL_TOPICS'], 1 => $user->lang['1_DAY'], 7 => $user->lang['7_DAYS'], 14 => $user->lang['2_WEEKS'], 30 => $user->lang['1_MONTH'], 90 => $user->lang['3_MONTHS'], 180 => $user->lang['6_MONTHS'], 365 => $user->lang['1_YEAR']);
 
 				$sort_by_topic_text = array('a' => $user->lang['AUTHOR'], 't' => $user->lang['POST_TIME'], 'r' => $user->lang['REPLIES'], 's' => $user->lang['SUBJECT'], 'v' => $user->lang['VIEWS']);
-				$sort_by_topic_sql = array('a' => 't.topic_first_poster_name', 't' => 't.topic_last_post_time', 'r' => 't.topic_replies', 's' => 't.topic_title', 'v' => 't.topic_views');
+				$sort_by_topic_sql = array('a' => 't.topic_first_poster_name', 't' => 't.topic_last_post_time', 'r' => 't.topic_posts_approved', 's' => 't.topic_title', 'v' => 't.topic_views');
 
 				// Post ordering options
 				$limit_post_days = array(0 => $user->lang['ALL_POSTS'], 1 => $user->lang['1_DAY'], 7 => $user->lang['7_DAYS'], 14 => $user->lang['2_WEEKS'], 30 => $user->lang['1_MONTH'], 90 => $user->lang['3_MONTHS'], 180 => $user->lang['6_MONTHS'], 365 => $user->lang['1_YEAR']);

phpBB/includes/ucp/ucp_register.php

@@ -38,7 +38,7 @@ class ucp_register
 		include($phpbb_root_path . 'includes/functions_profile_fields.' . $phpEx);
 
 		$coppa			= $request->is_set('coppa') ? (int) $request->variable('coppa', false) : false;
-		$agreed			= (int) $request->variable('agreed', false);
+		$agreed			= $request->variable('agreed', false);
 		$submit			= $request->is_set_post('submit');
 		$change_lang	= request_var('change_lang', '');
 		$user_lang		= request_var('lang', $user->lang_name);
@@ -63,7 +63,7 @@ class ucp_register
 					$submit = false;
 
 					// Setting back agreed to let the user view the agreement in his/her language
-					$agreed = ($request->variable('change_lang', false)) ? 0 : $agreed;
+					$agreed = false;
 				}
 
 				$user->lang_name = $user_lang = $use_lang;
@@ -89,7 +89,7 @@ class ucp_register
 			$add_coppa = ($coppa !== false) ? '&coppa=' . $coppa : '';
 
 			$s_hidden_fields = array(
-				'change_lang'	=> $change_lang,
+				'change_lang'	=> '',
 			);
 
 			// If we change the language, we want to pass on some more possible parameter.

phpBB/install/install_update.php

@@ -57,7 +57,6 @@ class install_update extends module
 	var $new_location;
 	var $latest_version;
 	var $current_version;
-	var $unequal_version;
 
 	var $update_to_version;
 
@@ -87,7 +86,6 @@ class install_update extends module
 
 		$this->tpl_name = 'install_update';
 		$this->page_title = 'UPDATE_INSTALLATION';
-		$this->unequal_version = false;
 
 		$this->old_location = $phpbb_root_path . 'install/update/old/';
 		$this->new_location = $phpbb_root_path . 'install/update/new/';
@@ -199,8 +197,6 @@ class install_update extends module
 		// Check if the update files are actually meant to update from the current version
 		if ($this->current_version != $this->update_info['version']['from'])
 		{
-			$this->unequal_version = true;
-
 			$template->assign_vars(array(
 				'S_ERROR'	=> true,
 				'ERROR_MSG'	=> sprintf($user->lang['INCOMPATIBLE_UPDATE_FILES'], $this->current_version, $this->update_info['version']['from'], $this->update_info['version']['to']),
@@ -208,10 +204,8 @@ class install_update extends module
 		}
 
 		// Check if the update files stored are for the latest version...
-		if ($this->latest_version != $this->update_info['version']['to'])
+		if (version_compare(strtolower($this->latest_version), strtolower($this->update_info['version']['to']), '>'))
 		{
-			$this->unequal_version = true;
-
 			$template->assign_vars(array(
 				'S_WARNING'		=> true,
 				'WARNING_MSG'	=> sprintf($user->lang['OLD_UPDATE_FILES'], $this->update_info['version']['from'], $this->update_info['version']['to'], $this->latest_version))
@@ -230,7 +224,14 @@ class install_update extends module
 		if ($this->test_update === false)
 		{
 			// What about the language file? Got it updated?
-			if (in_array('language/en/install.' . $phpEx, $this->update_info['files']))
+			if (in_array('language/' . $language . '/install.' . $phpEx, $this->update_info['files']))
+			{
+				$lang = array();
+				include($this->new_location . 'language/' . $language . '/install.' . $phpEx);
+				// this is the user's language.. just merge it
+				$user->lang = array_merge($user->lang, $lang);
+			}
+			if ($language != 'en' && in_array('language/en/install.' . $phpEx, $this->update_info['files']))
 			{
 				$lang = array();
 				include($this->new_location . 'language/en/install.' . $phpEx);
@@ -284,7 +285,7 @@ class install_update extends module
 				));
 
 				// Print out version the update package updates to
-				if ($this->unequal_version)
+				if ($this->latest_version != $this->update_info['version']['to'])
 				{
 					$template->assign_var('PACKAGE_VERSION', $this->update_info['version']['to']);
 				}

phpBB/language/en/acp/permissions_phpbb.php

@@ -33,209 +33,175 @@ if (empty($lang) || !is_array($lang))
 // in a url you again do not need to specify an order e.g., 'Click %sHERE%s' is fine
 
 /**
-*	MODDERS PLEASE NOTE
+*	EXTENSION-DEVELOPERS PLEASE NOTE
 *
-*	You are able to put your permission sets into a separate file too by
+*	You are able to put your permission sets into your extension.
-*	prefixing the new file with permissions_ and putting it into the acp
+*	The permissions logic should be added via the 'core.permissions' event.
-*	language folder.
+*	You can easily add new permission categories, types and permissions, by
-*
+*	simply merging them into the respective arrays.
-*	An example of how the file could look like:
+*	The respective language strings should be added into a language file, that
-*
+*	start with 'permissions_', so they are automatically loaded within the ACP.
-*	<code>
-*
-*	if (empty($lang) || !is_array($lang))
-*	{
-*		$lang = array();
-*	}
-*
-*	// Adding new category
-*	$lang['permission_cat']['bugs'] = 'Bugs';
-*
-*	// Adding new permission set
-*	$lang['permission_type']['bug_'] = 'Bug Permissions';
-*
-*	// Adding the permissions
-*	$lang = array_merge($lang, array(
-*		'acl_bug_view'		=> array('lang' => 'Can view bug reports', 'cat' => 'bugs'),
-*		'acl_bug_post'		=> array('lang' => 'Can post bugs', 'cat' => 'post'), // Using a phpBB category here
-*	));
-*
-*	</code>
 */
 
-// Define categories and permission types
 $lang = array_merge($lang, array(
-	'permission_cat'	=> array(
+	'ACL_CAT_ACTIONS'		=> 'Actions',
-		'actions'		=> 'Actions',
+	'ACL_CAT_CONTENT'		=> 'Content',
-		'content'		=> 'Content',
+	'ACL_CAT_FORUMS'		=> 'Forums',
-		'forums'		=> 'Forums',
+	'ACL_CAT_MISC'			=> 'Misc',
-		'misc'			=> 'Misc',
+	'ACL_CAT_PERMISSIONS'	=> 'Permissions',
-		'permissions'	=> 'Permissions',
+	'ACL_CAT_PM'			=> 'Private messages',
-		'pm'			=> 'Private messages',
+	'ACL_CAT_POLLS'			=> 'Polls',
-		'polls'			=> 'Polls',
+	'ACL_CAT_POST'			=> 'Post',
-		'post'			=> 'Post',
+	'ACL_CAT_POST_ACTIONS'	=> 'Post actions',
-		'post_actions'	=> 'Post actions',
+	'ACL_CAT_POSTING'		=> 'Posting',
-		'posting'		=> 'Posting',
+	'ACL_CAT_PROFILE'		=> 'Profile',
-		'profile'		=> 'Profile',
+	'ACL_CAT_SETTINGS'		=> 'Settings',
-		'settings'		=> 'Settings',
+	'ACL_CAT_TOPIC_ACTIONS'	=> 'Topic actions',
-		'topic_actions'	=> 'Topic actions',
+	'ACL_CAT_USER_GROUP'	=> 'Users &amp; Groups',
-		'user_group'	=> 'Users &amp; Groups',
-	),
-
-	// With defining 'global' here we are able to specify what is printed out if the permission is within the global scope.
-	'permission_type'	=> array(
-		'u_'			=> 'User permissions',
-		'a_'			=> 'Admin permissions',
-		'm_'			=> 'Moderator permissions',
-		'f_'			=> 'Forum permissions',
-		'global'		=> array(
-			'm_'			=> 'Global moderator permissions',
-		),
-	),
 ));
 
 // User Permissions
 $lang = array_merge($lang, array(
-	'acl_u_viewprofile'	=> array('lang' => 'Can view profiles, memberlist and online list', 'cat' => 'profile'),
+	'ACL_U_VIEWPROFILE'	=> 'Can view profiles, memberlist and online list',
-	'acl_u_chgname'		=> array('lang' => 'Can change username', 'cat' => 'profile'),
+	'ACL_U_CHGNAME'		=> 'Can change username',
-	'acl_u_chgpasswd'	=> array('lang' => 'Can change password', 'cat' => 'profile'),
+	'ACL_U_CHGPASSWD'	=> 'Can change password',
-	'acl_u_chgemail'	=> array('lang' => 'Can change email address', 'cat' => 'profile'),
+	'ACL_U_CHGEMAIL'	=> 'Can change email address',
-	'acl_u_chgavatar'	=> array('lang' => 'Can change avatar', 'cat' => 'profile'),
+	'ACL_U_CHGAVATAR'	=> 'Can change avatar',
-	'acl_u_chggrp'		=> array('lang' => 'Can change default usergroup', 'cat' => 'profile'),
+	'ACL_U_CHGGRP'		=> 'Can change default usergroup',
-	'acl_u_chgprofileinfo'	=> array('lang' => 'Can change profile field information', 'cat' => 'profile'),
+	'ACL_U_CHGPROFILEINFO'	=> 'Can change profile field information',
 
-	'acl_u_attach'		=> array('lang' => 'Can attach files', 'cat' => 'post'),
+	'ACL_U_ATTACH'		=> 'Can attach files',
-	'acl_u_download'	=> array('lang' => 'Can download files', 'cat' => 'post'),
+	'ACL_U_DOWNLOAD'	=> 'Can download files',
-	'acl_u_savedrafts'	=> array('lang' => 'Can save drafts', 'cat' => 'post'),
+	'ACL_U_SAVEDRAFTS'	=> 'Can save drafts',
-	'acl_u_chgcensors'	=> array('lang' => 'Can disable word censors', 'cat' => 'post'),
+	'ACL_U_CHGCENSORS'	=> 'Can disable word censors',
-	'acl_u_sig'			=> array('lang' => 'Can use signature', 'cat' => 'post'),
+	'ACL_U_SIG'			=> 'Can use signature',
 
-	'acl_u_sendpm'		=> array('lang' => 'Can send private messages', 'cat' => 'pm'),
+	'ACL_U_SENDPM'		=> 'Can send private messages',
-	'acl_u_masspm'		=> array('lang' => 'Can send messages to multiple users', 'cat' => 'pm'),
+	'ACL_U_MASSPM'		=> 'Can send messages to multiple users',
-	'acl_u_masspm_group'=> array('lang' => 'Can send messages to groups', 'cat' => 'pm'),
+	'ACL_U_MASSPM_GROUP'=> 'Can send messages to groups',
-	'acl_u_readpm'		=> array('lang' => 'Can read private messages', 'cat' => 'pm'),
+	'ACL_U_READPM'		=> 'Can read private messages',
-	'acl_u_pm_edit'		=> array('lang' => 'Can edit own private messages', 'cat' => 'pm'),
+	'ACL_U_PM_EDIT'		=> 'Can edit own private messages',
-	'acl_u_pm_delete'	=> array('lang' => 'Can remove private messages from own folder', 'cat' => 'pm'),
+	'ACL_U_PM_DELETE'	=> 'Can remove private messages from own folder',
-	'acl_u_pm_forward'	=> array('lang' => 'Can forward private messages', 'cat' => 'pm'),
+	'ACL_U_PM_FORWARD'	=> 'Can forward private messages',
-	'acl_u_pm_emailpm'	=> array('lang' => 'Can email private messages', 'cat' => 'pm'),
+	'ACL_U_PM_EMAILPM'	=> 'Can email private messages',
-	'acl_u_pm_printpm'	=> array('lang' => 'Can print private messages', 'cat' => 'pm'),
+	'ACL_U_PM_PRINTPM'	=> 'Can print private messages',
-	'acl_u_pm_attach'	=> array('lang' => 'Can attach files in private messages', 'cat' => 'pm'),
+	'ACL_U_PM_ATTACH'	=> 'Can attach files in private messages',
-	'acl_u_pm_download'	=> array('lang' => 'Can download files in private messages', 'cat' => 'pm'),
+	'ACL_U_PM_DOWNLOAD'	=> 'Can download files in private messages',
-	'acl_u_pm_bbcode'	=> array('lang' => 'Can use BBCode in private messages', 'cat' => 'pm'),
+	'ACL_U_PM_BBCODE'	=> 'Can use BBCode in private messages',
-	'acl_u_pm_smilies'	=> array('lang' => 'Can use smilies in private messages', 'cat' => 'pm'),
+	'ACL_U_PM_SMILIES'	=> 'Can use smilies in private messages',
-	'acl_u_pm_img'		=> array('lang' => 'Can use [img] BBCode tag in private messages', 'cat' => 'pm'),
+	'ACL_U_PM_IMG'		=> 'Can use [img] BBCode tag in private messages',
-	'acl_u_pm_flash'	=> array('lang' => 'Can use [flash] BBCode tag in private messages', 'cat' => 'pm'),
+	'ACL_U_PM_FLASH'	=> 'Can use [flash] BBCode tag in private messages',
 
-	'acl_u_sendemail'	=> array('lang' => 'Can send emails', 'cat' => 'misc'),
+	'ACL_U_SENDEMAIL'	=> 'Can send emails',
-	'acl_u_sendim'		=> array('lang' => 'Can send instant messages', 'cat' => 'misc'),
+	'ACL_U_SENDIM'		=> 'Can send instant messages',
-	'acl_u_ignoreflood'	=> array('lang' => 'Can ignore flood limit', 'cat' => 'misc'),
+	'ACL_U_IGNOREFLOOD'	=> 'Can ignore flood limit',
-	'acl_u_hideonline'	=> array('lang' => 'Can hide online status', 'cat' => 'misc'),
+	'ACL_U_HIDEONLINE'	=> 'Can hide online status',
-	'acl_u_viewonline'	=> array('lang' => 'Can view hidden online users', 'cat' => 'misc'),
+	'ACL_U_VIEWONLINE'	=> 'Can view hidden online users',
-	'acl_u_search'		=> array('lang' => 'Can search board', 'cat' => 'misc'),
+	'ACL_U_SEARCH'		=> 'Can search board',
 ));
 
 // Forum Permissions
 $lang = array_merge($lang, array(
-	'acl_f_list'		=> array('lang' => 'Can see forum', 'cat' => 'actions'),
+	'ACL_F_LIST'		=> 'Can see forum',
-	'acl_f_read'		=> array('lang' => 'Can read forum', 'cat' => 'actions'),	
+	'ACL_F_READ'		=> 'Can read forum',
-	'acl_f_search'		=> array('lang' => 'Can search the forum', 'cat' => 'actions'),
+	'ACL_F_SEARCH'		=> 'Can search the forum',
-	'acl_f_subscribe'	=> array('lang' => 'Can subscribe forum', 'cat' => 'actions'),
+	'ACL_F_SUBSCRIBE'	=> 'Can subscribe forum',
-	'acl_f_print'		=> array('lang' => 'Can print topics', 'cat' => 'actions'),	
+	'ACL_F_PRINT'		=> 'Can print topics',
-	'acl_f_email'		=> array('lang' => 'Can email topics', 'cat' => 'actions'),	
+	'ACL_F_EMAIL'		=> 'Can email topics',
-	'acl_f_bump'		=> array('lang' => 'Can bump topics', 'cat' => 'actions'),
+	'ACL_F_BUMP'		=> 'Can bump topics',
-	'acl_f_user_lock'	=> array('lang' => 'Can lock own topics', 'cat' => 'actions'),
+	'ACL_F_USER_LOCK'	=> 'Can lock own topics',
-	'acl_f_download'	=> array('lang' => 'Can download files', 'cat' => 'actions'),	
+	'ACL_F_DOWNLOAD'	=> 'Can download files',
-	'acl_f_report'		=> array('lang' => 'Can report posts', 'cat' => 'actions'),
+	'ACL_F_REPORT'		=> 'Can report posts',
 
-	'acl_f_post'		=> array('lang' => 'Can start new topics', 'cat' => 'post'),
+	'ACL_F_POST'		=> 'Can start new topics',
-	'acl_f_sticky'		=> array('lang' => 'Can post stickies', 'cat' => 'post'),
+	'ACL_F_STICKY'		=> 'Can post stickies',
-	'acl_f_announce'	=> array('lang' => 'Can post announcements', 'cat' => 'post'),
+	'ACL_F_ANNOUNCE'	=> 'Can post announcements',
-	'acl_f_reply'		=> array('lang' => 'Can reply to topics', 'cat' => 'post'),
+	'ACL_F_REPLY'		=> 'Can reply to topics',
-	'acl_f_edit'		=> array('lang' => 'Can edit own posts', 'cat' => 'post'),
+	'ACL_F_EDIT'		=> 'Can edit own posts',
-	'acl_f_delete'		=> array('lang' => 'Can permanently delete own posts', 'cat' => 'post'),
+	'ACL_F_DELETE'		=> 'Can permanently delete own posts',
-	'acl_f_softdelete'  => array('lang' => 'Can soft delete own posts<br /><em>Moderators, who have the approve posts permission, can restore soft deleted posts.</em>', 'cat' => 'post'),
+	'ACL_F_SOFTDELETE'	=> 'Can soft delete own posts<br /><em>Moderators, who have the approve posts permission, can restore soft deleted posts.</em>',
-	'acl_f_ignoreflood' => array('lang' => 'Can ignore flood limit', 'cat' => 'post'),
+	'ACL_F_IGNOREFLOOD' => 'Can ignore flood limit',
-	'acl_f_postcount'	=> array('lang' => 'Increment post counter<br /><em>Please note that this setting only affects new posts.</em>', 'cat' => 'post'),
+	'ACL_F_POSTCOUNT'	=> 'Increment post counter<br /><em>Please note that this setting only affects new posts.</em>',
-	'acl_f_noapprove'	=> array('lang' => 'Can post without approval', 'cat' => 'post'),	
+	'ACL_F_NOAPPROVE'	=> 'Can post without approval',
 
-	'acl_f_attach'		=> array('lang' => 'Can attach files', 'cat' => 'content'),	
+	'ACL_F_ATTACH'		=> 'Can attach files',
-	'acl_f_icons'		=> array('lang' => 'Can use topic/post icons', 'cat' => 'content'),
+	'ACL_F_ICONS'		=> 'Can use topic/post icons',
-	'acl_f_bbcode'		=> array('lang' => 'Can use BBCode', 'cat' => 'content'),	
+	'ACL_F_BBCODE'		=> 'Can use BBCode',
-	'acl_f_flash'		=> array('lang' => 'Can use [flash] BBCode tag', 'cat' => 'content'),
+	'ACL_F_FLASH'		=> 'Can use [flash] BBCode tag',
-	'acl_f_img'			=> array('lang' => 'Can use [img] BBCode tag', 'cat' => 'content'),
+	'ACL_F_IMG'			=> 'Can use [img] BBCode tag',
-	'acl_f_sigs'		=> array('lang' => 'Can use signatures', 'cat' => 'content'),
+	'ACL_F_SIGS'		=> 'Can use signatures',
-	'acl_f_smilies'		=> array('lang' => 'Can use smilies', 'cat' => 'content'),
+	'ACL_F_SMILIES'		=> 'Can use smilies',
 
-	'acl_f_poll'		=> array('lang' => 'Can create polls', 'cat' => 'polls'),
+	'ACL_F_POLL'		=> 'Can create polls',
-	'acl_f_vote'		=> array('lang' => 'Can vote in polls', 'cat' => 'polls'),
+	'ACL_F_VOTE'		=> 'Can vote in polls',
-	'acl_f_votechg'		=> array('lang' => 'Can change existing vote', 'cat' => 'polls'),
+	'ACL_F_VOTECHG'		=> 'Can change existing vote',
 ));
 
 // Moderator Permissions
 $lang = array_merge($lang, array(
-	'acl_m_edit'		=> array('lang' => 'Can edit posts', 'cat' => 'post_actions'),
+	'ACL_M_EDIT'		=> 'Can edit posts',
-	'acl_m_delete'		=> array('lang' => 'Can permanently delete posts', 'cat' => 'post_actions'),
+	'ACL_M_DELETE'		=> 'Can permanently delete posts',
-	'acl_m_softdelete'	=> array('lang' => 'Can soft delete posts<br /><em>Moderators, who have the approve posts permission, can restore soft deleted posts.</em>', 'cat' => 'post_actions'),
+	'ACL_M_SOFTDELETE'	=> 'Can soft delete posts<br /><em>Moderators, who have the approve posts permission, can restore soft deleted posts.</em>',
-	'acl_m_approve'		=> array('lang' => 'Can approve and restore posts', 'cat' => 'post_actions'),
+	'ACL_M_APPROVE'		=> 'Can approve posts',
-	'acl_m_report'		=> array('lang' => 'Can close and delete reports', 'cat' => 'post_actions'),
+	'ACL_M_REPORT'		=> 'Can close and delete reports',
-	'acl_m_chgposter'	=> array('lang' => 'Can change post author', 'cat' => 'post_actions'),
+	'ACL_M_CHGPOSTER'	=> 'Can change post author',
 
-	'acl_m_move'	=> array('lang' => 'Can move topics', 'cat' => 'topic_actions'),
+	'ACL_M_MOVE'	=> 'Can move topics',
-	'acl_m_lock'	=> array('lang' => 'Can lock topics', 'cat' => 'topic_actions'),
+	'ACL_M_LOCK'	=> 'Can lock topics',
-	'acl_m_split'	=> array('lang' => 'Can split topics', 'cat' => 'topic_actions'),
+	'ACL_M_SPLIT'	=> 'Can split topics',
-	'acl_m_merge'	=> array('lang' => 'Can merge topics', 'cat' => 'topic_actions'),
+	'ACL_M_MERGE'	=> 'Can merge topics',
 
-	'acl_m_info'	=> array('lang' => 'Can view post details', 'cat' => 'misc'),
+	'ACL_M_INFO'	=> 'Can view post details',
-	'acl_m_warn'	=> array('lang' => 'Can issue warnings<br /><em>This setting is only assigned globally. It is not forum based.</em>', 'cat' => 'misc'), // This moderator setting is only global (and not local)
+	'ACL_M_WARN'	=> 'Can issue warnings<br /><em>This setting is only assigned globally. It is not forum based.</em>', // This moderator setting is only global (and not local)
-	'acl_m_ban'		=> array('lang' => 'Can manage bans<br /><em>This setting is only assigned globally. It is not forum based.</em>', 'cat' => 'misc'), // This moderator setting is only global (and not local)
+	'ACL_M_BAN'		=> 'Can manage bans<br /><em>This setting is only assigned globally. It is not forum based.</em>', // This moderator setting is only global (and not local)
 ));
 
 // Admin Permissions
 $lang = array_merge($lang, array(
-	'acl_a_board'		=> array('lang' => 'Can alter board settings/check for updates', 'cat' => 'settings'),
+	'ACL_A_BOARD'		=> 'Can alter board settings/check for updates',
-	'acl_a_server'		=> array('lang' => 'Can alter server/communication settings', 'cat' => 'settings'),
+	'ACL_A_SERVER'		=> 'Can alter server/communication settings',
-	'acl_a_jabber'		=> array('lang' => 'Can alter Jabber settings', 'cat' => 'settings'),
+	'ACL_A_JABBER'		=> 'Can alter Jabber settings',
-	'acl_a_phpinfo'		=> array('lang' => 'Can view php settings', 'cat' => 'settings'),
+	'ACL_A_PHPINFO'		=> 'Can view php settings',
 
-	'acl_a_forum'		=> array('lang' => 'Can manage forums', 'cat' => 'forums'),
+	'ACL_A_FORUM'		=> 'Can manage forums',
-	'acl_a_forumadd'	=> array('lang' => 'Can add new forums', 'cat' => 'forums'),
+	'ACL_A_FORUMADD'	=> 'Can add new forums',
-	'acl_a_forumdel'	=> array('lang' => 'Can delete forums', 'cat' => 'forums'),
+	'ACL_A_FORUMDEL'	=> 'Can delete forums',
-	'acl_a_prune'		=> array('lang' => 'Can prune forums', 'cat' => 'forums'),
+	'ACL_A_PRUNE'		=> 'Can prune forums',
 
-	'acl_a_icons'		=> array('lang' => 'Can alter topic/post icons and smilies', 'cat' => 'posting'),
+	'ACL_A_ICONS'		=> 'Can alter topic/post icons and smilies',
-	'acl_a_words'		=> array('lang' => 'Can alter word censors', 'cat' => 'posting'),
+	'ACL_A_WORDS'		=> 'Can alter word censors',
-	'acl_a_bbcode'		=> array('lang' => 'Can define BBCode tags', 'cat' => 'posting'),
+	'ACL_A_BBCODE'		=> 'Can define BBCode tags',
-	'acl_a_attach'		=> array('lang' => 'Can alter attachment related settings', 'cat' => 'posting'),
+	'ACL_A_ATTACH'		=> 'Can alter attachment related settings',
 
-	'acl_a_user'		=> array('lang' => 'Can manage users<br /><em>This also includes seeing the users browser agent within the viewonline list.</em>', 'cat' => 'user_group'),
+	'ACL_A_USER'		=> 'Can manage users<br /><em>This also includes seeing the users browser agent within the viewonline list.</em>',
-	'acl_a_userdel'		=> array('lang' => 'Can delete/prune users', 'cat' => 'user_group'),
+	'ACL_A_USERDEL'		=> 'Can delete/prune users',
-	'acl_a_group'		=> array('lang' => 'Can manage groups', 'cat' => 'user_group'),
+	'ACL_A_GROUP'		=> 'Can manage groups',
-	'acl_a_groupadd'	=> array('lang' => 'Can add new groups', 'cat' => 'user_group'),
+	'ACL_A_GROUPADD'	=> 'Can add new groups',
-	'acl_a_groupdel'	=> array('lang' => 'Can delete groups', 'cat' => 'user_group'),
+	'ACL_A_GROUPDEL'	=> 'Can delete groups',
-	'acl_a_ranks'		=> array('lang' => 'Can manage ranks', 'cat' => 'user_group'),
+	'ACL_A_RANKS'		=> 'Can manage ranks',
-	'acl_a_profile'		=> array('lang' => 'Can manage custom profile fields', 'cat' => 'user_group'),
+	'ACL_A_PROFILE'		=> 'Can manage custom profile fields',
-	'acl_a_names'		=> array('lang' => 'Can manage disallowed names', 'cat' => 'user_group'),
+	'ACL_A_NAMES'		=> 'Can manage disallowed names',
-	'acl_a_ban'			=> array('lang' => 'Can manage bans', 'cat' => 'user_group'),
+	'ACL_A_BAN'			=> 'Can manage bans',
 
-	'acl_a_viewauth'	=> array('lang' => 'Can view permission masks', 'cat' => 'permissions'),
+	'ACL_A_VIEWAUTH'	=> 'Can view permission masks',
-	'acl_a_authgroups'	=> array('lang' => 'Can alter permissions for individual groups', 'cat' => 'permissions'),
+	'ACL_A_AUTHGROUPS'	=> 'Can alter permissions for individual groups',
-	'acl_a_authusers'	=> array('lang' => 'Can alter permissions for individual users', 'cat' => 'permissions'),
+	'ACL_A_AUTHUSERS'	=> 'Can alter permissions for individual users',
-	'acl_a_fauth'		=> array('lang' => 'Can alter forum permission class', 'cat' => 'permissions'),
+	'ACL_A_FAUTH'		=> 'Can alter forum permission class',
-	'acl_a_mauth'		=> array('lang' => 'Can alter moderator permission class', 'cat' => 'permissions'),
+	'ACL_A_MAUTH'		=> 'Can alter moderator permission class',
-	'acl_a_aauth'		=> array('lang' => 'Can alter admin permission class', 'cat' => 'permissions'),
+	'ACL_A_AAUTH'		=> 'Can alter admin permission class',
-	'acl_a_uauth'		=> array('lang' => 'Can alter user permission class', 'cat' => 'permissions'),
+	'ACL_A_UAUTH'		=> 'Can alter user permission class',
-	'acl_a_roles'		=> array('lang' => 'Can manage roles', 'cat' => 'permissions'),
+	'ACL_A_ROLES'		=> 'Can manage roles',
-	'acl_a_switchperm'	=> array('lang' => 'Can use others permissions', 'cat' => 'permissions'),
+	'ACL_A_SWITCHPERM'	=> 'Can use others permissions',
 
-	'acl_a_styles'		=> array('lang' => 'Can manage styles', 'cat' => 'misc'),
+	'ACL_A_STYLES'		=> 'Can manage styles',
-	'acl_a_extensions'	=> array('lang' => 'Can manage extensions', 'cat' => 'misc'),
+	'ACL_A_EXTENSIONS'	=> 'Can manage extensions',
-	'acl_a_viewlogs'	=> array('lang' => 'Can view logs', 'cat' => 'misc'),
+	'ACL_A_VIEWLOGS'	=> 'Can view logs',
-	'acl_a_clearlogs'	=> array('lang' => 'Can clear logs', 'cat' => 'misc'),
+	'ACL_A_CLEARLOGS'	=> 'Can clear logs',
-	'acl_a_modules'		=> array('lang' => 'Can manage modules', 'cat' => 'misc'),
+	'ACL_A_MODULES'		=> 'Can manage modules',
-	'acl_a_language'	=> array('lang' => 'Can manage language packs', 'cat' => 'misc'),
+	'ACL_A_LANGUAGE'	=> 'Can manage language packs',
-	'acl_a_email'		=> array('lang' => 'Can send mass email', 'cat' => 'misc'),
+	'ACL_A_EMAIL'		=> 'Can send mass email',
-	'acl_a_bots'		=> array('lang' => 'Can manage bots', 'cat' => 'misc'),
+	'ACL_A_BOTS'		=> 'Can manage bots',
-	'acl_a_reasons'		=> array('lang' => 'Can manage report/denial reasons', 'cat' => 'misc'),
+	'ACL_A_REASONS'		=> 'Can manage report/denial reasons',
-	'acl_a_backup'		=> array('lang' => 'Can backup/restore database', 'cat' => 'misc'),
+	'ACL_A_BACKUP'		=> 'Can backup/restore database',
-	'acl_a_search'		=> array('lang' => 'Can manage search backends and settings', 'cat' => 'misc'),
+	'ACL_A_SEARCH'		=> 'Can manage search backends and settings',
 ));

phpBB/language/en/help_faq.php

@@ -332,7 +332,7 @@ $help = array(
 	),
 	array(
 		0 => 'Why isn’t X feature available?',
-		1 => 'This software was written by and licensed through phpBB Group. If you believe a feature needs to be added, or you want to report a bug, please visit the phpBB <a href="http://area51.phpbb.com/">Area51</a> website, where you will find resources to do so.'
+		1 => 'This software was written by and licensed through phpBB Group. If you believe a feature needs to be added please visit the <a href="https://www.phpbb.com/ideas/">phpBB Ideas Centre</a>, where you can upvote existing ideas or suggest new features.'
 	),
 	array(
 		0 => 'Who do I contact about abusive and/or legal matters related to this board?',

phpBB/memberlist.php

@@ -561,17 +561,8 @@ switch ($mode)
 
 		if ($member['user_sig'])
 		{
-			$member['user_sig'] = censor_text($member['user_sig']);
+			$parse_flags = ($member['user_sig_bbcode_bitfield'] ? OPTION_FLAG_BBCODE : 0) | OPTION_FLAG_SMILIES;
-
+			$member['user_sig'] = generate_text_for_display($member['user_sig'], $member['user_sig_bbcode_uid'], $member['user_sig_bbcode_bitfield'], $parse_flags, true);
-			if ($member['user_sig_bbcode_bitfield'])
-			{
-				include_once($phpbb_root_path . 'includes/bbcode.' . $phpEx);
-				$bbcode = new bbcode();
-				$bbcode->bbcode_second_pass($member['user_sig'], $member['user_sig_bbcode_uid'], $member['user_sig_bbcode_bitfield']);
-			}
-
-			$member['user_sig'] = bbcode_nl2br($member['user_sig']);
-			$member['user_sig'] = smiley_text($member['user_sig']);
 		}
 
 		$poster_avatar = phpbb_get_user_avatar($member);

phpBB/phpbb/avatar/driver/remote.php

@@ -93,7 +93,7 @@ class phpbb_avatar_driver_remote extends phpbb_avatar_driver
 		// Make sure getimagesize works...
 		if (function_exists('getimagesize'))
 		{
-			if (($width <= 0 || $height <= 0) && (($image_data = getimagesize($url)) === false))
+			if (($width <= 0 || $height <= 0) && (($image_data = @getimagesize($url)) === false))
 			{
 				$error[] = 'UNABLE_GET_IMAGE_SIZE';
 				return false;

phpBB/phpbb/feed/overall.php

@@ -72,7 +72,7 @@ class phpbb_feed_overall extends phpbb_feed_post_base
 				),
 			),
 			'WHERE'		=> $this->db->sql_in_set('p.topic_id', $topic_ids) . '
-							AND ' . $this->content_visibility->get_visibility_sql('post', array(), 'p.') . '
+							AND ' . $this->content_visibility->get_forums_visibility_sql('post', $forum_ids, 'p.') . '
 							AND p.post_time >= ' . $min_post_time . '
 							AND u.user_id = p.poster_id',
 			'ORDER_BY'	=> 'p.post_time DESC',

phpBB/phpbb/feed/topic.php

@@ -43,7 +43,7 @@ class phpbb_feed_topic extends phpbb_feed_post_base
 
 	function open()
 	{
-		$sql = 'SELECT f.forum_options, f.forum_password, t.topic_id, t.forum_id, t.topic_visibility, t.topic_title, t.topic_time, t.topic_views, t.topic_replies, t.topic_type
+		$sql = 'SELECT f.forum_options, f.forum_password, t.topic_id, t.forum_id, t.topic_visibility, t.topic_title, t.topic_time, t.topic_views, t.topic_posts_approved, t.topic_type
 			FROM ' . TOPICS_TABLE . ' t
 			LEFT JOIN ' . FORUMS_TABLE . ' f
 				ON (f.forum_id = t.forum_id)
@@ -60,7 +60,7 @@ class phpbb_feed_topic extends phpbb_feed_post_base
 		$this->forum_id = (int) $this->topic_data['forum_id'];
 
 		// Make sure topic is either approved or user authed
-		if (!$this->topic_data['topic_approved'] && !$this->auth->acl_get('m_approve', $this->forum_id))
+		if ($this->topic_data['topic_visibility'] != ITEM_APPROVED && !$this->auth->acl_get('m_approve', $this->forum_id))
 		{
 			trigger_error('SORRY_AUTH_READ');
 		}

phpBB/phpbb/permissions.php

@@ -0,0 +1,340 @@
+<?php
+/**
+*
+* @package phpBB3
+* @copyright (c) 2013 phpBB Group
+* @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2
+*
+*/
+
+/**
+* DO NOT CHANGE
+*/
+if (!defined('IN_PHPBB'))
+{
+	exit;
+}
+
+class phpbb_permissions
+{
+	/**
+	* Event dispatcher object
+	* @var phpbb_event_dispatcher
+	*/
+	protected $dispatcher;
+
+	/**
+	* User object
+	* @var phpbb_user
+	*/
+	protected $user;
+
+	/**
+	* Constructor
+	*
+	* @param	phpbb_event_dispatcher	$phpbb_dispatcher	Event dispatcher
+	* @param	phpbb_user				$user				User Object
+	* @return	null
+	*/
+	public function __construct(phpbb_event_dispatcher $phpbb_dispatcher, phpbb_user $user)
+	{
+		$this->dispatcher = $phpbb_dispatcher;
+		$this->user = $user;
+
+		$categories = $this->categories;
+		$types = $this->types;
+		$permissions = $this->permissions;
+
+		/**
+		* Allows to specify additional permission categories, types and permissions
+		*
+		* @event core.permissions
+		* @var	array	types			Array with permission types (a_, u_, m_, etc.)
+		* @var	array	categories		Array with permission categories (pm, post, settings, misc, etc.)
+		* @var	array	permissions		Array with permissions. Each Permission has the following layout:
+		*		'<type><permission>' => array(
+		*			'lang'	=> 'Language Key with a Short description', // Optional, if not set,
+		*						// the permissions identifier '<type><permission>' is used with
+		*						// all uppercase.
+		*			'cat'	=> 'Identifier of the category, the permission should be displayed in',
+		*		),
+		*		Example:
+		*		'u_viewprofile' => array(
+		*			'lang'	=> 'ACL_U_VIEWPROFILE',
+		*			'cat'	=> 'profile',
+		*		),
+		* @since 3.1-A1
+		*/
+		$vars = array('types', 'categories', 'permissions');
+		extract($phpbb_dispatcher->trigger_event('core.permissions', compact($vars)));
+
+		$this->categories = $categories;
+		$this->types = $types;
+		$this->permissions = $permissions;
+	}
+
+	/**
+	* Returns an array with all the permission categories (pm, post, settings, misc, etc.)
+	*
+	* @return	array	Layout: cat-identifier => Language key
+	*/
+	public function get_categories()
+	{
+		return $this->categories;
+	}
+
+	/**
+	* Returns the language string of a permission category
+	*
+	* @param	string	$category	Identifier of the category
+	* @return	string		Language string
+	*/
+	public function get_category_lang($category)
+	{
+		return $this->user->lang($this->categories[$category]);
+	}
+
+	/**
+	* Returns an array with all the permission types (a_, u_, m_, etc.)
+	*
+	* @return	array	Layout: type-identifier => Language key
+	*/
+	public function get_types()
+	{
+		return $this->types;
+	}
+
+	/**
+	* Returns the language string of a permission type
+	*
+	* @param	string	$type	Identifier of the type
+	* @param	mixed	$scope	Scope of the type (should be 'global', 'local' or false)
+	* @return	string	Language string
+	*/
+	public function get_type_lang($type, $scope = false)
+	{
+		if ($scope && isset($this->types[$scope][$type]))
+		{
+			$lang_key = $this->types[$scope][$type];
+		}
+		else if (isset($this->types[$type]))
+		{
+			$lang_key = $this->types[$type];
+		}
+		else
+		{
+			$lang_key = 'ACL_TYPE_' . strtoupper(($scope) ? $scope . '_' . $type : $type);
+		}
+
+		return $this->user->lang($lang_key);
+	}
+
+	/**
+	* Returns an array with all the permissions.
+	* Each Permission has the following layout:
+	*	'<type><permission>' => array(
+	*		'lang'	=> 'Language Key with a Short description', // Optional, if not set,
+	*					// the permissions identifier '<type><permission>' is used with
+	*					// all uppercase.
+	*		'cat'	=> 'Identifier of the category, the permission should be displayed in',
+	*	),
+	*	Example:
+	*	'u_viewprofile' => array(
+	*		'lang'	=> 'ACL_U_VIEWPROFILE',
+	*		'cat'	=> 'profile',
+	*	),
+	*
+	* @return	array
+	*/
+	public function get_permissions()
+	{
+		return $this->permissions;
+	}
+
+	/**
+	* Returns the category of a permission
+	*
+	* @param	string	$permission	Identifier of the permission
+	* @return	string		Returns the category identifier of the permission
+	*/
+	public function get_permission_category($permission)
+	{
+		return (isset($this->permissions[$permission]['cat'])) ? $this->permissions[$permission]['cat'] : 'misc';
+	}
+
+	/**
+	* Returns the language string of a permission
+	*
+	* @param	string	$permission	Identifier of the permission
+	* @return	string	Language string
+	*/
+	public function get_permission_lang($permission)
+	{
+		return (isset($this->permissions[$permission]['lang'])) ? $this->user->lang($this->permissions[$permission]['lang']) : $this->user->lang('ACL_' . strtoupper($permission));
+	}
+
+	protected $types = array(
+		'u_'			=> 'ACL_TYPE_U_',
+		'a_'			=> 'ACL_TYPE_A_',
+		'm_'			=> 'ACL_TYPE_M_',
+		'f_'			=> 'ACL_TYPE_F_',
+		'global'		=> array(
+			'm_'			=> 'ACL_TYPE_GLOBAL_M_',
+		),
+	);
+
+	protected $categories = array(
+		'actions'		=> 'ACL_CAT_ACTIONS',
+		'content'		=> 'ACL_CAT_CONTENT',
+		'forums'		=> 'ACL_CAT_FORUMS',
+		'misc'			=> 'ACL_CAT_MISC',
+		'permissions'	=> 'ACL_CAT_PERMISSIONS',
+		'pm'			=> 'ACL_CAT_PM',
+		'polls'			=> 'ACL_CAT_POLLS',
+		'post'			=> 'ACL_CAT_POST',
+		'post_actions'	=> 'ACL_CAT_POST_ACTIONS',
+		'posting'		=> 'ACL_CAT_POSTING',
+		'profile'		=> 'ACL_CAT_PROFILE',
+		'settings'		=> 'ACL_CAT_SETTINGS',
+		'topic_actions'	=> 'ACL_CAT_TOPIC_ACTIONS',
+		'user_group'	=> 'ACL_CAT_USER_GROUP',
+	);
+
+	protected $permissions = array(
+		// User Permissions
+		'u_viewprofile'	=> array('lang' => 'ACL_U_VIEWPROFILE', 'cat' => 'profile'),
+		'u_chgname'		=> array('lang' => 'ACL_U_CHGNAME', 'cat' => 'profile'),
+		'u_chgpasswd'	=> array('lang' => 'ACL_U_CHGPASSWD', 'cat' => 'profile'),
+		'u_chgemail'	=> array('lang' => 'ACL_U_CHGEMAIL', 'cat' => 'profile'),
+		'u_chgavatar'	=> array('lang' => 'ACL_U_CHGAVATAR', 'cat' => 'profile'),
+		'u_chggrp'		=> array('lang' => 'ACL_U_CHGGRP', 'cat' => 'profile'),
+		'u_chgprofileinfo'	=> array('lang' => 'ACL_U_CHGPROFILEINFO', 'cat' => 'profile'),
+
+		'u_attach'		=> array('lang' => 'ACL_U_ATTACH', 'cat' => 'post'),
+		'u_download'	=> array('lang' => 'ACL_U_DOWNLOAD', 'cat' => 'post'),
+		'u_savedrafts'	=> array('lang' => 'ACL_U_SAVEDRAFTS', 'cat' => 'post'),
+		'u_chgcensors'	=> array('lang' => 'ACL_U_CHGCENSORS', 'cat' => 'post'),
+		'u_sig'			=> array('lang' => 'ACL_U_SIG', 'cat' => 'post'),
+
+		'u_sendpm'		=> array('lang' => 'ACL_U_SENDPM', 'cat' => 'pm'),
+		'u_masspm'		=> array('lang' => 'ACL_U_MASSPM', 'cat' => 'pm'),
+		'u_masspm_group'=> array('lang' => 'ACL_U_MASSPM_GROUP', 'cat' => 'pm'),
+		'u_readpm'		=> array('lang' => 'ACL_U_READPM', 'cat' => 'pm'),
+		'u_pm_edit'		=> array('lang' => 'ACL_U_PM_EDIT', 'cat' => 'pm'),
+		'u_pm_delete'	=> array('lang' => 'ACL_U_PM_DELETE', 'cat' => 'pm'),
+		'u_pm_forward'	=> array('lang' => 'ACL_U_PM_FORWARD', 'cat' => 'pm'),
+		'u_pm_emailpm'	=> array('lang' => 'ACL_U_PM_EMAILPM', 'cat' => 'pm'),
+		'u_pm_printpm'	=> array('lang' => 'ACL_U_PM_PRINTPM', 'cat' => 'pm'),
+		'u_pm_attach'	=> array('lang' => 'ACL_U_PM_ATTACH', 'cat' => 'pm'),
+		'u_pm_download'	=> array('lang' => 'ACL_U_PM_DOWNLOAD', 'cat' => 'pm'),
+		'u_pm_bbcode'	=> array('lang' => 'ACL_U_PM_BBCODE', 'cat' => 'pm'),
+		'u_pm_smilies'	=> array('lang' => 'ACL_U_PM_SMILIES', 'cat' => 'pm'),
+		'u_pm_img'		=> array('lang' => 'ACL_U_PM_IMG', 'cat' => 'pm'),
+		'u_pm_flash'	=> array('lang' => 'ACL_U_PM_FLASH', 'cat' => 'pm'),
+
+		'u_sendemail'	=> array('lang' => 'ACL_U_SENDEMAIL', 'cat' => 'misc'),
+		'u_sendim'		=> array('lang' => 'ACL_U_SENDIM', 'cat' => 'misc'),
+		'u_ignoreflood'	=> array('lang' => 'ACL_U_IGNOREFLOOD', 'cat' => 'misc'),
+		'u_hideonline'	=> array('lang' => 'ACL_U_HIDEONLINE', 'cat' => 'misc'),
+		'u_viewonline'	=> array('lang' => 'ACL_U_VIEWONLINE', 'cat' => 'misc'),
+		'u_search'		=> array('lang' => 'ACL_U_SEARCH', 'cat' => 'misc'),
+
+		// Forum Permissions
+		'f_list'		=> array('lang' => 'ACL_F_LIST', 'cat' => 'actions'),
+		'f_read'		=> array('lang' => 'ACL_F_READ', 'cat' => 'actions'),	
+		'f_search'		=> array('lang' => 'ACL_F_SEARCH', 'cat' => 'actions'),
+		'f_subscribe'	=> array('lang' => 'ACL_F_SUBSCRIBE', 'cat' => 'actions'),
+		'f_print'		=> array('lang' => 'ACL_F_PRINT', 'cat' => 'actions'),	
+		'f_email'		=> array('lang' => 'ACL_F_EMAIL', 'cat' => 'actions'),	
+		'f_bump'		=> array('lang' => 'ACL_F_BUMP', 'cat' => 'actions'),
+		'f_user_lock'	=> array('lang' => 'ACL_F_USER_LOCK', 'cat' => 'actions'),
+		'f_download'	=> array('lang' => 'ACL_F_DOWNLOAD', 'cat' => 'actions'),	
+		'f_report'		=> array('lang' => 'ACL_F_REPORT', 'cat' => 'actions'),
+
+		'f_post'		=> array('lang' => 'ACL_F_POST', 'cat' => 'post'),
+		'f_sticky'		=> array('lang' => 'ACL_F_STICKY', 'cat' => 'post'),
+		'f_announce'	=> array('lang' => 'ACL_F_ANNOUNCE', 'cat' => 'post'),
+		'f_reply'		=> array('lang' => 'ACL_F_REPLY', 'cat' => 'post'),
+		'f_edit'		=> array('lang' => 'ACL_F_EDIT', 'cat' => 'post'),
+		'f_delete'		=> array('lang' => 'ACL_F_DELETE', 'cat' => 'post'),
+		'f_ignoreflood' => array('lang' => 'ACL_F_IGNOREFLOOD', 'cat' => 'post'),
+		'f_postcount'	=> array('lang' => 'ACL_F_POSTCOUNT', 'cat' => 'post'),
+		'f_noapprove'	=> array('lang' => 'ACL_F_NOAPPROVE', 'cat' => 'post'),	
+
+		'f_attach'		=> array('lang' => 'ACL_F_ATTACH', 'cat' => 'content'),	
+		'f_icons'		=> array('lang' => 'ACL_F_ICONS', 'cat' => 'content'),
+		'f_bbcode'		=> array('lang' => 'ACL_F_BBCODE', 'cat' => 'content'),	
+		'f_flash'		=> array('lang' => 'ACL_F_FLASH', 'cat' => 'content'),
+		'f_img'			=> array('lang' => 'ACL_F_IMG', 'cat' => 'content'),
+		'f_sigs'		=> array('lang' => 'ACL_F_SIGS', 'cat' => 'content'),
+		'f_smilies'		=> array('lang' => 'ACL_F_SMILIES', 'cat' => 'content'),
+
+		'f_poll'		=> array('lang' => 'ACL_F_POLL', 'cat' => 'polls'),
+		'f_vote'		=> array('lang' => 'ACL_F_VOTE', 'cat' => 'polls'),
+		'f_votechg'		=> array('lang' => 'ACL_F_VOTECHG', 'cat' => 'polls'),
+
+		// Moderator Permissions
+		'm_edit'		=> array('lang' => 'ACL_M_EDIT', 'cat' => 'post_actions'),
+		'm_delete'		=> array('lang' => 'ACL_M_DELETE', 'cat' => 'post_actions'),
+		'm_approve'		=> array('lang' => 'ACL_M_APPROVE', 'cat' => 'post_actions'),
+		'm_report'		=> array('lang' => 'ACL_M_REPORT', 'cat' => 'post_actions'),
+		'm_chgposter'	=> array('lang' => 'ACL_M_CHGPOSTER', 'cat' => 'post_actions'),
+
+		'm_move'	=> array('lang' => 'ACL_M_MOVE', 'cat' => 'topic_actions'),
+		'm_lock'	=> array('lang' => 'ACL_M_LOCK', 'cat' => 'topic_actions'),
+		'm_split'	=> array('lang' => 'ACL_M_SPLIT', 'cat' => 'topic_actions'),
+		'm_merge'	=> array('lang' => 'ACL_M_MERGE', 'cat' => 'topic_actions'),
+
+		'm_info'	=> array('lang' => 'ACL_M_INFO', 'cat' => 'misc'),
+		'm_warn'	=> array('lang' => 'ACL_M_WARN', 'cat' => 'misc'),
+		'm_ban'		=> array('lang' => 'ACL_M_BAN', 'cat' => 'misc'),
+
+		// Admin Permissions
+		'a_board'		=> array('lang' => 'ACL_A_BOARD', 'cat' => 'settings'),
+		'a_server'		=> array('lang' => 'ACL_A_SERVER', 'cat' => 'settings'),
+		'a_jabber'		=> array('lang' => 'ACL_A_JABBER', 'cat' => 'settings'),
+		'a_phpinfo'		=> array('lang' => 'ACL_A_PHPINFO', 'cat' => 'settings'),
+
+		'a_forum'		=> array('lang' => 'ACL_A_FORUM', 'cat' => 'forums'),
+		'a_forumadd'	=> array('lang' => 'ACL_A_FORUMADD', 'cat' => 'forums'),
+		'a_forumdel'	=> array('lang' => 'ACL_A_FORUMDEL', 'cat' => 'forums'),
+		'a_prune'		=> array('lang' => 'ACL_A_PRUNE', 'cat' => 'forums'),
+
+		'a_icons'		=> array('lang' => 'ACL_A_ICONS', 'cat' => 'posting'),
+		'a_words'		=> array('lang' => 'ACL_A_WORDS', 'cat' => 'posting'),
+		'a_bbcode'		=> array('lang' => 'ACL_A_BBCODE', 'cat' => 'posting'),
+		'a_attach'		=> array('lang' => 'ACL_A_ATTACH', 'cat' => 'posting'),
+
+		'a_user'		=> array('lang' => 'ACL_A_USER', 'cat' => 'user_group'),
+		'a_userdel'		=> array('lang' => 'ACL_A_USERDEL', 'cat' => 'user_group'),
+		'a_group'		=> array('lang' => 'ACL_A_GROUP', 'cat' => 'user_group'),
+		'a_groupadd'	=> array('lang' => 'ACL_A_GROUPADD', 'cat' => 'user_group'),
+		'a_groupdel'	=> array('lang' => 'ACL_A_GROUPDEL', 'cat' => 'user_group'),
+		'a_ranks'		=> array('lang' => 'ACL_A_RANKS', 'cat' => 'user_group'),
+		'a_profile'		=> array('lang' => 'ACL_A_PROFILE', 'cat' => 'user_group'),
+		'a_names'		=> array('lang' => 'ACL_A_NAMES', 'cat' => 'user_group'),
+		'a_ban'			=> array('lang' => 'ACL_A_BAN', 'cat' => 'user_group'),
+
+		'a_viewauth'	=> array('lang' => 'ACL_A_VIEWAUTH', 'cat' => 'permissions'),
+		'a_authgroups'	=> array('lang' => 'ACL_A_AUTHGROUPS', 'cat' => 'permissions'),
+		'a_authusers'	=> array('lang' => 'ACL_A_AUTHUSERS', 'cat' => 'permissions'),
+		'a_fauth'		=> array('lang' => 'ACL_A_FAUTH', 'cat' => 'permissions'),
+		'a_mauth'		=> array('lang' => 'ACL_A_MAUTH', 'cat' => 'permissions'),
+		'a_aauth'		=> array('lang' => 'ACL_A_AAUTH', 'cat' => 'permissions'),
+		'a_uauth'		=> array('lang' => 'ACL_A_UAUTH', 'cat' => 'permissions'),
+		'a_roles'		=> array('lang' => 'ACL_A_ROLES', 'cat' => 'permissions'),
+		'a_switchperm'	=> array('lang' => 'ACL_A_SWITCHPERM', 'cat' => 'permissions'),
+
+		'a_styles'		=> array('lang' => 'ACL_A_STYLES', 'cat' => 'misc'),
+		'a_extensions'	=> array('lang' => 'ACL_A_EXTENSIONS', 'cat' => 'misc'),
+		'a_viewlogs'	=> array('lang' => 'ACL_A_VIEWLOGS', 'cat' => 'misc'),
+		'a_clearlogs'	=> array('lang' => 'ACL_A_CLEARLOGS', 'cat' => 'misc'),
+		'a_modules'		=> array('lang' => 'ACL_A_MODULES', 'cat' => 'misc'),
+		'a_language'	=> array('lang' => 'ACL_A_LANGUAGE', 'cat' => 'misc'),
+		'a_email'		=> array('lang' => 'ACL_A_EMAIL', 'cat' => 'misc'),
+		'a_bots'		=> array('lang' => 'ACL_A_BOTS', 'cat' => 'misc'),
+		'a_reasons'		=> array('lang' => 'ACL_A_REASONS', 'cat' => 'misc'),
+		'a_backup'		=> array('lang' => 'ACL_A_BACKUP', 'cat' => 'misc'),
+		'a_search'		=> array('lang' => 'ACL_A_SEARCH', 'cat' => 'misc'),
+	);
+}

phpBB/phpbb/session.php

@@ -1022,7 +1022,8 @@ class phpbb_session
 			{
 				include($phpbb_root_path . "includes/captcha/captcha_factory." . $phpEx);
 			}
-			phpbb_captcha_factory::garbage_collect($config['captcha_plugin']);
+			$captcha_factory = new phpbb_captcha_factory();
+			$captcha_factory->garbage_collect($config['captcha_plugin']);
 
 			$sql = 'DELETE FROM ' . LOGIN_ATTEMPT_TABLE . '
 				WHERE attempt_time < ' . (time() - (int) $config['ip_login_limit_time']);

phpBB/phpbb/template/twig/lexer.php

@@ -126,10 +126,14 @@ class phpbb_template_twig_lexer extends Twig_Lexer
 	{
 		$callback = function($matches)
 		{
-			// Remove any quotes that may have been used in different implementations
+			// Remove matching quotes at the beginning/end if a statement;
-			// E.g. DEFINE $TEST = 'blah' vs INCLUDE foo
+			// E.g. 'asdf'"' -> asdf'"
-			// Replace {} with start/end to parse variables (' ~ TEST ~ '.html)
+			// E.g. "asdf'"" -> asdf'"
-			$matches[2] = str_replace(array('"', "'", '{', '}'), array('', '', "' ~ ", " ~ '"), $matches[2]);
+			// E.g. 'asdf'" -> 'asdf'"
+			$matches[2] = preg_replace('#^([\'"])?(.+?)\1$#', '$2', $matches[2]);
+
+			// Replace template variables with start/end to parse variables (' ~ TEST ~ '.html)
+			$matches[2] = preg_replace('#{([a-zA-Z0-9_\.$]+)}#', "'~ \$1 ~'", $matches[2]);
 
 			// Surround the matches in single quotes ('' ~ TEST ~ '.html')
 			return "<!-- {$matches[1]} '{$matches[2]}' -->";
@@ -219,19 +223,20 @@ class phpbb_template_twig_lexer extends Twig_Lexer
 	{
 		$callback = function($matches)
 		{
+			$inner = $matches[2];
 			// Replace $TEST with definition.TEST
-			$matches[1] = preg_replace('#\s\$([a-zA-Z_0-9]+)#', ' definition.$1', $matches[1]);
+			$inner = preg_replace('#\s\$([a-zA-Z_0-9]+)#', ' definition.$1', $inner);
 
 			// Replace .test with test|length
-			$matches[1] = preg_replace('#\s\.([a-zA-Z_0-9\.]+)#', ' $1|length', $matches[1]);
+			$inner = preg_replace('#\s\.([a-zA-Z_0-9\.]+)#', ' $1|length', $inner);
 
-			return '<!-- IF' . $matches[1] . '-->';
+			return "<!-- {$matches[1]}IF{$inner}-->";
 		};
 
 		// Replace our "div by" with Twig's divisibleby (Twig does not like test names with spaces)
 		$code = preg_replace('# div by ([0-9]+)#', ' divisibleby($1)', $code);
 
-		return preg_replace_callback('#<!-- IF((.*)[\s][\$|\.|!]([^\s]+)(.*))-->#', $callback, $code);
+		return preg_replace_callback('#<!-- (ELSE)?IF((.*)[\s][\$|\.|!]([^\s]+)(.*))-->#', $callback, $code);
 	}
 
 	/**

phpBB/phpbb/template/twig/node/includeasset.php

@@ -7,7 +7,7 @@
 *
 */
 
-class phpbb_template_twig_node_includeasset extends Twig_Node
+abstract class phpbb_template_twig_node_includeasset extends Twig_Node
 {
 	/** @var Twig_Environment */
 	protected $environment;
@@ -57,4 +57,19 @@ class phpbb_template_twig_node_includeasset extends Twig_Node
 			->raw("\n');\n")
 		;
 	}
+
+	/**
+	* Get the definition name
+	*
+	* @return string (e.g. 'SCRIPTS')
+	*/
+	abstract public function get_definition_name();
+
+	/**
+	* Append the output code for the asset
+	*
+	* @param Twig_Compiler A Twig_Compiler instance
+	* @return null
+	*/
+	abstract protected function append_asset(Twig_Compiler $compiler);
 }

phpBB/phpbb/template/twig/node/includecss.php

@@ -9,16 +9,17 @@
 
 class phpbb_template_twig_node_includecss extends phpbb_template_twig_node_includeasset
 {
+	/**
+	* {@inheritdoc}
+	*/
 	public function get_definition_name()
 	{
 		return 'STYLESHEETS';
 	}
 
 	/**
-	 * Compiles the node to PHP.
+	* {@inheritdoc}
-	 *
+	*/
-	 * @param Twig_Compiler A Twig_Compiler instance
-	 */
 	public function append_asset(Twig_Compiler $compiler)
 	{
 		$compiler

phpBB/phpbb/template/twig/node/includejs.php

@@ -9,16 +9,17 @@
 
 class phpbb_template_twig_node_includejs extends phpbb_template_twig_node_includeasset
 {
+	/**
+	* {@inheritdoc}
+	*/
 	public function get_definition_name()
 	{
 		return 'SCRIPTS';
 	}
 
 	/**
-	 * Compiles the node to PHP.
+	* {@inheritdoc}
-	 *
+	*/
-	 * @param Twig_Compiler A Twig_Compiler instance
-	 */
 	protected function append_asset(Twig_Compiler $compiler)
 	{
 		$config = $this->environment->get_phpbb_config();

phpBB/report.php

@@ -147,7 +147,7 @@ else
 if ($config['enable_post_confirm'] && !$user->data['is_registered'])
 {
 	include($phpbb_root_path . 'includes/captcha/captcha_factory.' . $phpEx);
-	$captcha =& phpbb_captcha_factory::get_instance($config['captcha_plugin']);
+	$captcha = phpbb_captcha_factory::get_instance($config['captcha_plugin']);
 	$captcha->init(CONFIRM_REPORT);
 }
 
@@ -157,10 +157,13 @@ $s_hidden_fields = '';
 // Submit report?
 if ($submit && $reason_id)
 {
-	$visual_confirmation_response = $captcha->validate();
+	if (isset($captcha))
-	if ($visual_confirmation_response)
 	{
-		$error[] = $visual_confirmation_response;
+		$visual_confirmation_response = $captcha->validate();
+		if ($visual_confirmation_response)
+		{
+			$error[] = $visual_confirmation_response;
+		}
 	}
 
 	$sql = 'SELECT *

phpBB/search.php

@@ -366,7 +366,7 @@ if ($keywords || $author || $author_id || $search_id || $submit)
 				{
 					$sql = "SELECT p.post_id
 						FROM $sort_join" . POSTS_TABLE . ' p, ' . TOPICS_TABLE . " t
-						WHERE t.topic_replies = 0
+						WHERE t.topic_posts_approved = 1
 							AND p.topic_id = t.topic_id
 							$last_post_time
 							AND $m_approve_posts_fid_sql
@@ -378,7 +378,7 @@ if ($keywords || $author || $author_id || $search_id || $submit)
 				{
 					$sql = 'SELECT DISTINCT ' . $sort_by_sql[$sort_key] . ", p.topic_id
 						FROM $sort_join" . POSTS_TABLE . ' p, ' . TOPICS_TABLE . " t
-						WHERE t.topic_replies = 0
+						WHERE t.topic_posts_approved = 1
 							AND t.topic_moved_id = 0
 							AND p.topic_id = t.topic_id
 							$last_post_time
@@ -687,6 +687,18 @@ if ($keywords || $author || $author_id || $search_id || $submit)
 				$tracking_topics = ($tracking_topics) ? tracking_unserialize($tracking_topics) : array();
 			}
 
+			/**
+			* Event to modify the SQL query before the topic data is retrieved
+			*
+			* @event core.search_get_topic_data
+			* @var	string	sql_select		The SQL SELECT string used by search to get topic data
+			* @var	string	sql_from		The SQL FROM string used by search to get topic data
+			* @var	string	sql_where		The SQL WHERE string used by search to get topic data
+			* @since 3.1-A1
+			*/
+			$vars = array('sql_select', 'sql_from', 'sql_where');
+			extract($phpbb_dispatcher->trigger_event('core.search_get_topic_data', compact($vars)));
+
 			$sql = "SELECT $sql_select
 				FROM $sql_from
 				WHERE $sql_where";
@@ -989,7 +1001,7 @@ if ($keywords || $author || $author_id || $search_id || $submit)
 				);
 			}
 
-			$template->assign_block_vars('searchresults', array_merge($tpl_ary, array(
+			$tpl_ary = array_merge($tpl_ary, array(
 				'FORUM_ID'			=> $forum_id,
 				'TOPIC_ID'			=> $result_topic_id,
 				'POST_ID'			=> ($show_results == 'posts') ? $row['post_id'] : false,
@@ -1001,9 +1013,22 @@ if ($keywords || $author || $author_id || $search_id || $submit)
 
 				'U_VIEW_TOPIC'		=> $view_topic_url,
 				'U_VIEW_FORUM'		=> append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $forum_id),
-				'U_VIEW_POST'		=> (!empty($row['post_id'])) ? append_sid("{$phpbb_root_path}viewtopic.$phpEx", "f=$forum_id&t=" . $row['topic_id'] . '&p=' . $row['post_id'] . (($u_hilit) ? '&hilit=' . $u_hilit : '')) . '#p' . $row['post_id'] : '')
+				'U_VIEW_POST'		=> (!empty($row['post_id'])) ? append_sid("{$phpbb_root_path}viewtopic.$phpEx", "f=$forum_id&t=" . $row['topic_id'] . '&p=' . $row['post_id'] . (($u_hilit) ? '&hilit=' . $u_hilit : '')) . '#p' . $row['post_id'] : '',
 			));
 
+			/**
+			* Modify the topic data before it is assigned to the template
+			*
+			* @event core.search_modify_tpl_ary
+			* @var	array	row			Array with topic data
+			* @var	array	tpl_ary		Template block array with topic data
+			* @since 3.1-A1
+			*/
+			$vars = array('row', 'tpl_ary');
+			extract($phpbb_dispatcher->trigger_event('core.search_modify_tpl_ary', compact($vars)));
+
+			$template->assign_block_vars('searchresults', $tpl_ary);
+
 			if ($show_results == 'topics')
 			{
 				phpbb_generate_template_pagination($template, $view_topic_url, 'searchresults.pagination', 'start', $replies + 1, $config['posts_per_page'], 1, true, true);

phpBB/styles/prosilver/template/editor.js

@@ -301,7 +301,7 @@ function colorPalette(dir, width, height) {
 	var r = 0, 
 		g = 0, 
 		b = 0,
-		numberList = new Array(6);
+		numberList = new Array(6),
 		color = '',
 		html = '';
 

phpBB/styles/prosilver/template/search_results.html

@@ -63,6 +63,7 @@
 					<dt <!-- IF searchresults.TOPIC_ICON_IMG -->style="background-image: url({T_ICONS_PATH}{searchresults.TOPIC_ICON_IMG}); background-repeat: no-repeat;"<!-- ENDIF --> title="{searchresults.TOPIC_FOLDER_IMG_ALT}">
 						<div class="list-inner">
 
+							<!-- EVENT topiclist_row_prepend -->
 							<!-- IF searchresults.S_UNREAD_TOPIC --><a href="{searchresults.U_NEWEST_POST}">{NEWEST_POST_IMG}</a> <!-- ENDIF -->
 							<a href="{searchresults.U_VIEW_TOPIC}" class="topictitle">{searchresults.TOPIC_TITLE}</a> {searchresults.ATTACH_ICON_IMG}
 							<!-- IF searchresults.S_TOPIC_UNAPPROVED or searchresults.S_POSTS_UNAPPROVED --><a href="{searchresults.U_MCP_QUEUE}">{searchresults.UNAPPROVED_IMG}</a> <!-- ENDIF -->
@@ -83,6 +84,7 @@
 							</div>
 							<!-- ENDIF -->
 							{L_POST_BY_AUTHOR} {searchresults.TOPIC_AUTHOR_FULL} &raquo; {searchresults.FIRST_POST_TIME} &raquo; {L_IN} <a href="{searchresults.U_VIEW_FORUM}">{searchresults.FORUM_TITLE}</a>
+							<!-- EVENT topiclist_row_append -->
 
 						</div>
 					</dt>

phpBB/styles/prosilver/template/viewforum_body.html

@@ -144,6 +144,7 @@
 			<dl class="icon {topicrow.TOPIC_IMG_STYLE}">
 				<dt<!-- IF topicrow.TOPIC_ICON_IMG and S_TOPIC_ICONS --> style="background-image: url({T_ICONS_PATH}{topicrow.TOPIC_ICON_IMG}); background-repeat: no-repeat;"<!-- ENDIF --> title="{topicrow.TOPIC_FOLDER_IMG_ALT}">
 					<div class="list-inner">
+						<!-- EVENT topiclist_row_prepend -->
 						<!-- IF topicrow.S_UNREAD_TOPIC --><a href="{topicrow.U_NEWEST_POST}">{NEWEST_POST_IMG}</a> <!-- ENDIF --><a href="{topicrow.U_VIEW_TOPIC}" class="topictitle">{topicrow.TOPIC_TITLE}</a>
 						<!-- IF topicrow.S_TOPIC_UNAPPROVED or topicrow.S_POSTS_UNAPPROVED --><a href="{topicrow.U_MCP_QUEUE}">{topicrow.UNAPPROVED_IMG}</a> <!-- ENDIF -->
 						<!-- IF topicrow.S_TOPIC_DELETED --><a href="{topicrow.U_MCP_QUEUE}">{DELETED_IMG}</a> <!-- ENDIF -->
@@ -164,6 +165,7 @@
 						<!-- ENDIF -->
 						<!-- IF topicrow.ATTACH_ICON_IMG -->{topicrow.ATTACH_ICON_IMG} <!-- ENDIF -->{L_POST_BY_AUTHOR} {topicrow.TOPIC_AUTHOR_FULL} &raquo; {topicrow.FIRST_POST_TIME}
 						<!-- IF topicrow.S_POST_GLOBAL and FORUM_ID != topicrow.FORUM_ID --> &raquo; {L_IN} <a href="{topicrow.U_VIEW_FORUM}">{topicrow.FORUM_NAME}</a><!-- ENDIF -->
+						<!-- EVENT topiclist_row_append -->
 					</div>
 				</dt>
 				<dd class="posts">{topicrow.REPLIES} <dfn>{L_REPLIES}</dfn></dd>

phpBB/styles/prosilver/theme/common.css

@@ -758,6 +758,10 @@ p.rules a {
 	clear: both;
 }
 
+#notification_list ul li:before, #notification_list ul li:after {
+	display: none;
+}
+
 #notification_list > .header {
 	padding: 0 10px;
 	font-family: Arial, "Helvetica Neue", Helvetica, Arial, sans-serif;

phpBB/styles/subsilver2/template/overall_header.html

@@ -154,8 +154,8 @@ function marklist(id, name, state)
 		<table width="100%" cellspacing="0">
 		<tr>
 			<td class="genmed">
-				<!-- IF S_NOTIFICATIONS_DISPLAY -->
+				<!-- IF S_NOTIFICATIONS_DISPLAY and not S_IS_BOT and S_USER_LOGGED_IN -->
-					[ <a href="{U_VIEW_ALL_NOTIFICATIONS}" id="notification_list_button">{NOTIFICATIONS_COUNT}</a> ] &bull;
+					[ <a href="{U_VIEW_ALL_NOTIFICATIONS}" id="notification_list_button">{NOTIFICATIONS_COUNT}</a> ]&nbsp;
 					<div id="notification_list" class="notification_list">
 						<div class="row1 header">
 							{L_NOTIFICATIONS}

phpBB/styles/subsilver2/template/search_results.html

@@ -34,6 +34,7 @@
 			<!-- ENDIF -->
 			</td>
 			<td class="row1">
+				<!-- EVENT topiclist_row_prepend -->
 				<!-- IF searchresults.S_UNREAD_TOPIC --><a href="{searchresults.U_NEWEST_POST}" class="imageset">{NEWEST_POST_IMG}</a><!-- ENDIF -->
 				{searchresults.ATTACH_ICON_IMG} <a href="{searchresults.U_VIEW_TOPIC}" class="topictitle">{searchresults.TOPIC_TITLE}</a>
 				<!-- IF searchresults.S_TOPIC_UNAPPROVED or searchresults.S_POSTS_UNAPPROVED -->
@@ -58,6 +59,7 @@
 					] </p>
 				<!-- ENDIF -->
 				<p class="gensmall">{L_IN} <a href="{searchresults.U_VIEW_FORUM}">{searchresults.FORUM_TITLE}</a></p>
+				<!-- EVENT topiclist_row_append -->
 			</td>
 			<td class="row2" width="100" align="center"><p class="topicauthor">{searchresults.TOPIC_AUTHOR_FULL}</p></td>
 			<td class="row1" width="50" align="center"><p class="topicdetails">{searchresults.TOPIC_REPLIES}</p></td>

phpBB/styles/subsilver2/template/viewforum_body.html

@@ -40,6 +40,7 @@
 				<td class="row1" width="25" align="center"><!-- IF topicrow.TOPIC_ICON_IMG --><img src="{T_ICONS_PATH}{topicrow.TOPIC_ICON_IMG}" width="{topicrow.TOPIC_ICON_IMG_WIDTH}" height="{topicrow.TOPIC_ICON_IMG_HEIGHT}" alt="" title="" /><!-- ENDIF --></td>
 			<!-- ENDIF -->
 			<td class="row1">
+				<!-- EVENT topiclist_row_prepend -->
 				<!-- IF topicrow.S_UNREAD_TOPIC --><a href="{topicrow.U_NEWEST_POST}" class="imageset">{NEWEST_POST_IMG}</a><!-- ENDIF -->
 				{topicrow.ATTACH_ICON_IMG} <!-- IF topicrow.S_HAS_POLL or topicrow.S_TOPIC_MOVED --><b>{topicrow.TOPIC_TYPE}</b> <!-- ENDIF --><a title="{L_POSTED}{L_COLON} {topicrow.FIRST_POST_TIME}" href="{topicrow.U_VIEW_TOPIC}"class="topictitle">{topicrow.TOPIC_TITLE}</a>
 				<!-- IF topicrow.S_TOPIC_UNAPPROVED or topicrow.S_POSTS_UNAPPROVED -->
@@ -63,6 +64,7 @@
 					<!-- END pagination -->
 					] </p>
 				<!-- ENDIF -->
+				<!-- EVENT topiclist_row_append -->
 			</td>
 			<td class="row2" width="130" align="center"><p class="topicauthor">{topicrow.TOPIC_AUTHOR_FULL}</p></td>
 			<td class="row1" width="50" align="center"><p class="topicdetails">{topicrow.REPLIES}</p></td>
@@ -203,6 +205,7 @@
 					<td class="row1" width="25" align="center"><!-- IF topicrow.TOPIC_ICON_IMG --><img src="{T_ICONS_PATH}{topicrow.TOPIC_ICON_IMG}" width="{topicrow.TOPIC_ICON_IMG_WIDTH}" height="{topicrow.TOPIC_ICON_IMG_HEIGHT}" alt="" title="" /><!-- ENDIF --></td>
 				<!-- ENDIF -->
 				<td class="row1">
+					<!-- EVENT topiclist_row_prepend -->
 					<!-- IF topicrow.S_UNREAD_TOPIC --><a href="{topicrow.U_NEWEST_POST}" class="imageset">{NEWEST_POST_IMG}</a><!-- ENDIF -->
 					{topicrow.ATTACH_ICON_IMG} <!-- IF topicrow.S_HAS_POLL or topicrow.S_TOPIC_MOVED --><b>{topicrow.TOPIC_TYPE}</b> <!-- ENDIF --><a title="{L_POSTED}{L_COLON} {topicrow.FIRST_POST_TIME}" href="{topicrow.U_VIEW_TOPIC}" class="topictitle">{topicrow.TOPIC_TITLE}</a>
 					<!-- IF topicrow.S_TOPIC_UNAPPROVED or topicrow.S_POSTS_UNAPPROVED -->
@@ -227,6 +230,7 @@
 						] </p>
 					<!-- ENDIF -->
 					<!-- IF topicrow.S_POST_GLOBAL and FORUM_ID != topicrow.FORUM_ID --><p class="gensmall">{L_IN} <a href="{topicrow.U_VIEW_FORUM}">{topicrow.FORUM_NAME}</a></p><!-- ENDIF -->
+					<!-- EVENT topiclist_row_append -->
 				</td>
 				<td class="row2" width="130" align="center"><p class="topicauthor">{topicrow.TOPIC_AUTHOR_FULL}</p></td>
 				<td class="row1" width="50" align="center"><p class="topicdetails">{topicrow.REPLIES}</p></td>

phpBB/viewforum.php

@@ -372,6 +372,16 @@ $sql_array = array(
 	'LEFT_JOIN'	=> array(),
 );
 
+/**
+* Event to modify the SQL query before the topic data is retrieved
+*
+* @event core.viewforum_get_topic_data
+* @var	array	sql_array		The SQL array to get the data of all topics
+* @since 3.1-A1
+*/
+$vars = array('sql_array');
+extract($phpbb_dispatcher->trigger_event('core.viewforum_get_topic_data', compact($vars)));
+
 $sql_approved = ' AND ' . $phpbb_content_visibility->get_visibility_sql('topic', $forum_id, 't.');
 
 if ($user->data['is_registered'])
@@ -554,6 +564,17 @@ if (sizeof($shadow_topic_list))
 	$sql = 'SELECT *
 		FROM ' . TOPICS_TABLE . '
 		WHERE ' . $db->sql_in_set('topic_id', array_keys($shadow_topic_list));
+
+	/**
+	* Event to modify the SQL query before the shadowtopic data is retrieved
+	*
+	* @event core.viewforum_get_shadowtopic_data
+	* @var	string	sql		The SQL string to get the data of any shadowtopics
+	* @since 3.1-A1
+	*/
+	$vars = array('sql');
+	extract($phpbb_dispatcher->trigger_event('core.viewforum_get_shadowtopic_data', compact($vars)));
+
 	$result = $db->sql_query($sql);
 
 	while ($row = $db->sql_fetchrow($result))

phpBB/viewtopic.php

@@ -832,39 +832,14 @@ if (!empty($topic_data['poll_start']))
 		$poll_total += $poll_option['poll_option_total'];
 	}
 
-	if ($poll_info[0]['bbcode_bitfield'])
+	$parse_flags = ($row['bbcode_bitfield'] ? OPTION_FLAG_BBCODE : 0) | OPTION_FLAG_SMILIES;
-	{
-		$poll_bbcode = new bbcode();
-	}
-	else
-	{
-		$poll_bbcode = false;
-	}
 
 	for ($i = 0, $size = sizeof($poll_info); $i < $size; $i++)
 	{
-		$poll_info[$i]['poll_option_text'] = censor_text($poll_info[$i]['poll_option_text']);
+		$poll_info[$i]['poll_option_text'] = generate_text_for_display($poll_info[$i]['poll_option_text'], $poll_info[$i]['bbcode_uid'], $poll_option['bbcode_bitfield'], $parse_flags, true);
-
-		if ($poll_bbcode !== false)
-		{
-			$poll_bbcode->bbcode_second_pass($poll_info[$i]['poll_option_text'], $poll_info[$i]['bbcode_uid'], $poll_option['bbcode_bitfield']);
-		}
-
-		$poll_info[$i]['poll_option_text'] = bbcode_nl2br($poll_info[$i]['poll_option_text']);
-		$poll_info[$i]['poll_option_text'] = smiley_text($poll_info[$i]['poll_option_text']);
 	}
 
-	$topic_data['poll_title'] = censor_text($topic_data['poll_title']);
+	$topic_data['poll_title'] = generate_text_for_display($topic_data['poll_title'], $poll_info[0]['bbcode_uid'], $poll_info[0]['bbcode_bitfield'], $parse_flags, true);
-
-	if ($poll_bbcode !== false)
-	{
-		$poll_bbcode->bbcode_second_pass($topic_data['poll_title'], $poll_info[0]['bbcode_uid'], $poll_info[0]['bbcode_bitfield']);
-	}
-
-	$topic_data['poll_title'] = bbcode_nl2br($topic_data['poll_title']);
-	$topic_data['poll_title'] = smiley_text($topic_data['poll_title']);
-
-	unset($poll_bbcode);
 
 	foreach ($poll_info as $poll_option)
 	{
@@ -1406,29 +1381,13 @@ for ($i = 0, $end = sizeof($post_list); $i < $end; ++$i)
 	// End signature parsing, only if needed
 	if ($user_cache[$poster_id]['sig'] && $row['enable_sig'] && empty($user_cache[$poster_id]['sig_parsed']))
 	{
-		$user_cache[$poster_id]['sig'] = censor_text($user_cache[$poster_id]['sig']);
+		$parse_flags = ($user_cache[$poster_id]['sig_bbcode_bitfield'] ? OPTION_FLAG_BBCODE : 0) | OPTION_FLAG_SMILIES;
-
+		$user_cache[$poster_id]['sig'] = generate_text_for_display($user_cache[$poster_id]['sig'], $user_cache[$poster_id]['sig_bbcode_uid'], $user_cache[$poster_id]['sig_bbcode_bitfield'],  $parse_flags, true);
-		if ($user_cache[$poster_id]['sig_bbcode_bitfield'])
-		{
-			$bbcode->bbcode_second_pass($user_cache[$poster_id]['sig'], $user_cache[$poster_id]['sig_bbcode_uid'], $user_cache[$poster_id]['sig_bbcode_bitfield']);
-		}
-
-		$user_cache[$poster_id]['sig'] = bbcode_nl2br($user_cache[$poster_id]['sig']);
-		$user_cache[$poster_id]['sig'] = smiley_text($user_cache[$poster_id]['sig']);
-		$user_cache[$poster_id]['sig_parsed'] = true;
 	}
 
 	// Parse the message and subject
-	$message = censor_text($row['post_text']);
+	$parse_flags = ($row['bbcode_bitfield'] ? OPTION_FLAG_BBCODE : 0) | OPTION_FLAG_SMILIES;
-
+	$message = generate_text_for_display($row['post_text'], $row['bbcode_uid'], $row['bbcode_bitfield'], $parse_flags, true);
-	// Second parse bbcode here
-	if ($row['bbcode_bitfield'])
-	{
-		$bbcode->bbcode_second_pass($message, $row['bbcode_uid'], $row['bbcode_bitfield']);
-	}
-
-	$message = bbcode_nl2br($message);
-	$message = smiley_text($message);
 
 	if (!empty($attachments[$row['post_id']]))
 	{

tests/functional/avatar_acp_groups_test.php

@@ -0,0 +1,63 @@
+<?php
+/**
+ *
+ * @package testing
+ * @copyright (c) 2013 phpBB Group
+ * @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2
+ *
+ */
+
+require_once dirname(__FILE__) . '/common_avatar_test.php';
+
+/**
+ * @group functional
+ */
+class phpbb_functional_avatar_acp_groups_test extends phpbb_functional_common_avatar_test
+{
+	public function get_url()
+	{
+		return 'adm/index.php?i=acp_groups&mode=manage&action=edit&g=5';
+	}
+
+	public function avatar_acp_groups_data()
+	{
+		return array(
+			// Correct Gravatar
+			array(
+				'GROUP_UPDATED',
+				'avatar_driver_gravatar',
+				array(
+					'avatar_gravatar_email'		=> 'test@example.com',
+					'avatar_gravatar_width'		=> 80,
+					'avatar_gravatar_height'	=> 80,
+				),
+			),
+			// Gravatar with incorrect size
+			array(
+				'The submitted avatar is 120 wide and 120 high. Avatars must be at least 20 wide and 20 high, but no larger than 90 wide and 90 high.',
+				'avatar_driver_gravatar',
+				array(
+					'avatar_gravatar_email'		=> 'test@example.com',
+					'avatar_gravatar_width'		=> 120,
+					'avatar_gravatar_height'	=> 120,
+				),
+			),
+			// Delete avatar image to reset group settings
+			array(
+				'GROUP_UPDATED',
+				'avatar_driver_gravatar',
+				array(
+					'avatar_delete'	=> array('tick', ''),
+				),
+			),
+		);
+	}
+
+	/**
+	* @dataProvider avatar_acp_groups_data
+	*/
+	public function test_avatar_acp_groups($expected, $avatar_type, $data)
+	{
+		$this->assert_avatar_submit($expected, $avatar_type, $data);
+	}
+}

tests/functional/avatar_acp_users_test.php

@@ -0,0 +1,61 @@
+<?php
+/**
+ *
+ * @package testing
+ * @copyright (c) 2013 phpBB Group
+ * @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2
+ *
+ */
+
+require_once dirname(__FILE__) . '/common_avatar_test.php';
+
+/**
+ * @group functional
+ */
+class phpbb_functional_avatar_acp_users_test extends phpbb_functional_common_avatar_test
+{
+	public function get_url()
+	{
+		return 'adm/index.php?i=acp_users&u=2&mode=avatar';
+	}
+
+	public function avatar_acp_users_data()
+	{
+		return array(
+			// Gravatar with incorrect email
+			array(
+				'EMAIL_INVALID_EMAIL',
+				'avatar_driver_gravatar',
+				array(
+					'avatar_gravatar_email'		=> 'test.example.com',
+					'avatar_gravatar_width'		=> 80,
+					'avatar_gravatar_height'	=> 80,
+				),
+			),
+			// Remote avatar with correct link
+			array(
+				'USER_AVATAR_UPDATED',
+				'avatar_driver_upload',
+				array(
+					'avatar_upload_url'	=> 'https://secure.gravatar.com/avatar/55502f40dc8b7c769880b10874abc9d0.jpg',
+				),
+			),
+			// Reset avatar settings
+			array(
+				'USER_AVATAR_UPDATED',
+				'avatar_driver_gravatar',
+				array(
+					'avatar_delete'	=> array('tick', ''),
+				),
+			),
+		);
+	}
+
+	/**
+	* @dataProvider avatar_acp_users_data
+	*/
+	public function test_avatar_acp_users($expected, $avatar_type, $data)
+	{
+		$this->assert_avatar_submit($expected, $avatar_type, $data);
+	}
+}

tests/functional/avatar_ucp_groups_test.php

@@ -0,0 +1,71 @@
+<?php
+/**
+ *
+ * @package testing
+ * @copyright (c) 2013 phpBB Group
+ * @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2
+ *
+ */
+
+require_once dirname(__FILE__) . '/common_avatar_test.php';
+
+/**
+ * @group functional
+ */
+class phpbb_functional_avatar_ucp_groups_test extends phpbb_functional_common_avatar_test
+{
+	public function get_url()
+	{
+		return 'ucp.php?i=ucp_groups&mode=manage&action=edit&g=5';
+	}
+
+	public function avatar_ucp_groups_data()
+	{
+		return array(
+			// Incorrect URL
+			array(
+				'AVATAR_URL_INVALID',
+				'avatar_driver_upload',
+				array(
+					'avatar_upload_url'	=> 'https://secure.gravatar.com/avatar/55502f40dc8b7c769880b10874abc9d0?s=80',
+				),
+			),
+			/*
+			// Does not work due to DomCrawler issue
+			// Valid file upload
+			array(
+				'GROUP_UPDATED',
+				'avatar_driver_upload',
+				array(
+					'avatar_upload_file'	=> array('upload', $this->path . 'valid.jpg'),
+				),
+			),
+			*/
+			// Correct remote avatar
+			array(
+				'GROUP_UPDATED',
+				'avatar_driver_remote',
+				array(
+					'avatar_remote_url'	=> 'https://secure.gravatar.com/avatar/55502f40dc8b7c769880b10874abc9d0.jpg',
+					'avatar_remote_width'	=> 80,
+					'avatar_remote_height'	=> 80,
+				),
+			),
+			array(
+				'GROUP_UPDATED',
+				'avatar_driver_gravatar',
+				array(
+					'avatar_delete'	=> array('tick', ''),
+				),
+			),
+		);
+	}
+
+	/**
+	* @dataProvider avatar_ucp_groups_data
+	*/
+	public function test_avatar_ucp_groups($expected, $avatar_type, $data)
+	{
+		$this->assert_avatar_submit($expected, $avatar_type, $data);
+	}
+}

tests/functional/avatar_ucp_users_test.php

@@ -0,0 +1,78 @@
+<?php
+/**
+ *
+ * @package testing
+ * @copyright (c) 2013 phpBB Group
+ * @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2
+ *
+ */
+
+require_once dirname(__FILE__) . '/common_avatar_test.php';
+
+/**
+ * @group functional
+ */
+class phpbb_functional_avatar_ucp_users_test extends phpbb_functional_common_avatar_test
+{
+	public function get_url()
+	{
+		return 'ucp.php?i=ucp_profile&mode=avatar';
+	}
+
+	public function avatar_ucp_groups_data()
+	{
+		return array(
+			// Gravatar with correct settings
+			array(
+				'PROFILE_UPDATED',
+				'avatar_driver_gravatar',
+				array(
+					'avatar_gravatar_email'		=> 'test@example.com',
+					'avatar_gravatar_width'		=> 80,
+					'avatar_gravatar_height'	=> 80,
+				),
+			),
+			// Wrong driver selected
+			array(
+				'NO_AVATAR_SELECTED',
+				'avatar_driver_upload',
+				array(
+					'avatar_remote_url'	=> 'https://secure.gravatar.com/avatar/55502f40dc8b7c769880b10874abc9d0.jpg',
+					'avatar_remote_width'	=> 80,
+					'avatar_remote_height'	=> 80,
+				),
+			),
+			array(
+				'PROFILE_UPDATED',
+				'avatar_driver_gravatar',
+				array(
+					'avatar_delete'	=> array('tick', ''),
+				),
+			),
+		);
+	}
+
+	/**
+	* @dataProvider avatar_ucp_groups_data
+	*/
+	public function test_avatar_ucp_groups($expected, $avatar_type, $data)
+	{
+		$this->assert_avatar_submit($expected, $avatar_type, $data);
+	}
+
+	public function test_display_upload_avatar()
+	{
+		$this->assert_avatar_submit('PROFILE_UPDATED',
+			'avatar_driver_upload',
+			array(
+				'avatar_upload_url'	=> 'https://secure.gravatar.com/avatar/55502f40dc8b7c769880b10874abc9d0.jpg',
+			)
+		);
+
+		$crawler = self::request('GET', $this->get_url() . '&sid=' . $this->sid);
+		$avatar_link = $crawler->filter('img')->attr('src');
+		$crawler = self::request('GET', $avatar_link . '&sid=' . $this->sid, array(), false);
+		$content = self::$client->getResponse()->getContent();
+		self::assertEquals(false, stripos(trim($content), 'debug'), 'Output contains debug message');
+	}
+}

tests/functional/browse_test.php

@@ -29,4 +29,11 @@ class phpbb_functional_browse_test extends phpbb_functional_test_case
 		$crawler = self::request('GET', 'viewtopic.php?t=1');
 		$this->assertGreaterThan(0, $crawler->filter('.postbody')->count());
 	}
+
+	public function test_feed()
+	{
+		$crawler = self::request('GET', 'feed.php', array(), false);
+		self::assert_response_xml();
+		$this->assertGreaterThan(0, $crawler->filter('entry')->count());
+	}
 }

tests/functional/common_avatar_test.php

@@ -0,0 +1,80 @@
+<?php
+/**
+ *
+ * @package testing
+ * @copyright (c) 2013 phpBB Group
+ * @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2
+ *
+ */
+
+/**
+ * @group functional
+ */
+abstract class phpbb_functional_common_avatar_test extends phpbb_functional_test_case
+{
+	private $path;
+	private $form_content;
+
+	abstract function get_url();
+
+	public function setUp()
+	{
+		parent::setUp();
+		$this->path = __DIR__ . '/fixtures/files/';
+		$this->login();
+		$this->admin_login();
+		$this->add_lang(array('acp/board', 'ucp', 'acp/users', 'acp/groups'));
+		$this->set_acp_settings();
+	}
+
+	private function set_acp_settings()
+	{
+		$crawler = self::request('GET', 'adm/index.php?i=acp_board&mode=avatar&sid=' . $this->sid);
+		// Check the default entries we should have
+		$this->assertContainsLang('ALLOW_GRAVATAR', $crawler->text());
+		$this->assertContainsLang('ALLOW_REMOTE', $crawler->text());
+		$this->assertContainsLang('ALLOW_AVATARS', $crawler->text());
+		$this->assertContainsLang('ALLOW_LOCAL', $crawler->text());
+
+		// Now start setting the needed settings
+		$form = $crawler->selectButton($this->lang('SUBMIT'))->form();
+		$form['config[allow_avatar_local]']->select(1);
+		$form['config[allow_avatar_gravatar]']->select(1);
+		$form['config[allow_avatar_remote]']->select(1);
+		$form['config[allow_avatar_remote_upload]']->select(1);
+		$crawler = self::submit($form);
+		$this->assertContainsLang('CONFIG_UPDATED', $crawler->text());
+	}
+
+	public function assert_avatar_submit($expected, $type, $data, $button_text = 'SUBMIT')
+	{
+		$crawler = self::request('GET', $this->get_url() . '&sid=' . $this->sid);
+
+		// Test if setting a gravatar avatar properly works
+		$form = $crawler->selectButton($this->lang($button_text))->form();
+		$form['avatar_driver']->select($type);
+
+		foreach ($data as $key => $value)
+		{
+			if (is_array($value))
+			{
+				$form[$key]->$value[0]($value[1]);
+			}
+			else
+			{
+				$form[$key]->setValue($value);
+			}
+		}
+
+		$crawler = self::submit($form);
+
+		try
+		{
+			$this->assertContainsLang($expected, $crawler->text());
+		}
+		catch (Exception $e)
+		{
+			$this->assertContains($expected, $crawler->text());
+		}
+	}
+}

tests/functional/extension_permission_lang_test.php

@@ -18,6 +18,7 @@ class phpbb_functional_extension_permission_lang_test extends phpbb_functional_t
 
 	static protected $fixtures = array(
 		'foo/bar/language/en/',
+		'foo/bar/event/',
 	);
 
 	static public function setUpBeforeClass()
@@ -75,6 +76,6 @@ class phpbb_functional_extension_permission_lang_test extends phpbb_functional_t
 		$this->assertContains('Can attach files', $crawler->filter('body')->text());
 
 		// language from ext/foo/bar/language/en/permissions_foo.php
-		$this->assertContains('Can view foo', $crawler->filter('body')->text());
+		$this->assertContains('Can view foobar', $crawler->filter('body')->text());
 	}
 }

tests/functional/fixtures/ext/foo/bar/event/permission_listener.php

@@ -0,0 +1,40 @@
+<?php
+
+/**
+*
+* @package testing
+* @copyright (c) 2013 phpBB Group
+* @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2
+*
+*/
+
+/**
+* @ignore
+*/
+
+if (!defined('IN_PHPBB'))
+{
+	exit;
+}
+
+/**
+* Event listener
+*/
+use Symfony\Component\EventDispatcher\EventSubscriberInterface;
+
+class phpbb_ext_foo_bar_event_permission_listener implements EventSubscriberInterface
+{
+	static public function getSubscribedEvents()
+	{
+		return array(
+			'core.permissions'	=> 'add_permissions',
+		);
+	}
+
+	public function add_permissions($event)
+	{
+		$permissions = $event['permissions'];
+		$permissions['u_foo'] = array('lang' => 'ACL_U_FOOBAR', 'cat' => 'post');
+		$event['permissions'] = $permissions;
+	}
+}

tests/functional/fixtures/ext/foo/bar/language/en/permissions_foo.php

@@ -1,6 +1,5 @@
 <?php
 
-// Admin Permissions
 $lang = array_merge($lang, array(
-    'acl_u_foo'    => array('lang' => 'Can view foo', 'cat' => 'misc'),
+	'ACL_U_FOOBAR'		=> 'Can view foobar with permission foo',
 ));

tests/functional/report_post_captcha_test.php

@@ -12,13 +12,6 @@
  */
 class phpbb_functional_report_post_captcha_test extends phpbb_functional_test_case
 {
-	public function test_user_report_post()
-	{
-		$this->login();
-		$crawler = self::request('GET', 'report.php?f=2&p=1');
-		$this->assertNotContains($this->lang('CONFIRM_CODE'), $crawler->filter('html')->text());
-	}
-
 	public function test_guest_report_post()
 	{
 		$crawler = self::request('GET', 'report.php?f=2&p=1');
@@ -31,6 +24,18 @@ class phpbb_functional_report_post_captcha_test extends phpbb_functional_test_ca
 		$this->set_reporting_guest(-1);
 	}
 
+	public function test_user_report_post()
+	{
+		$this->login();
+		$crawler = self::request('GET', 'report.php?f=2&p=1');
+		$this->assertNotContains($this->lang('CONFIRM_CODE'), $crawler->filter('html')->text());
+
+		$this->add_lang('mcp');
+		$form = $crawler->selectButton($this->lang('SUBMIT'))->form();
+		$crawler = self::submit($form);
+		$this->assertContains($this->lang('POST_REPORTED_SUCCESS'), $crawler->text());
+	}
+
 	protected function set_reporting_guest($report_post_allowed)
 	{
 		$this->login();

tests/mock/auth_provider.php

@@ -0,0 +1,53 @@
+<?php
+/**
+ *
+ * @package testing
+ * @copyright (c) 2013 phpBB Group
+ * @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2
+ *
+ */
+
+/**
+ * Mock auth provider class with basic functions to help test sessions.
+ */
+class phpbb_mock_auth_provider implements phpbb_auth_provider_interface
+{
+	function init()
+	{
+		return null;
+	}
+
+	function login($username, $password)
+	{
+		return array(
+			'status' => "",
+			'error_msg' => "",
+			'user_row' => "",
+		);
+	}
+
+	function autologin()
+	{
+		return array();
+	}
+
+	function acp()
+	{
+		return array();
+	}
+
+	function logout($data, $new_session)
+	{
+		return null;
+	}
+
+	function validate_session($user)
+	{
+		return null;
+	}
+
+	public function get_acp_template($new_config)
+	{
+		return null;
+	}
+}

tests/mock/session_testable.php

@@ -58,5 +58,9 @@ class phpbb_mock_session_testable extends phpbb_session
 			}
 		}
 	}
+
+	public function setup()
+	{
+	}
 }
 

tests/session/check_ban_test.php

@@ -0,0 +1,78 @@
+<?php
+/**
+ *
+ * @package testing
+ * @copyright (c) 2013 phpBB Group
+ * @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2
+ *
+ */
+
+require_once dirname(__FILE__) . '/../test_framework/phpbb_session_test_case.php';
+
+class phpbb_session_check_ban_test extends phpbb_session_test_case
+{
+	protected $user_id = 4;
+	protected $key_id = 4;
+	protected $session;
+	protected $backup_cache;
+
+	public function getDataSet()
+	{
+		return $this->createXMLDataSet(dirname(__FILE__) . '/fixtures/sessions_banlist.xml');
+	}
+
+	static function check_banned_data()
+	{
+		return array(
+		    array('All false values, should not be banned',
+				 false, false, false, false, /* should be banned? -> */ false),
+			array('Matching values in the database, should be banned',
+				 4, '127.0.0.1', 'bar@example.org', true, /* should be banned? -> */ true),
+			array('IP Banned, should be banned',
+			     false, '127.1.1.1', false, false, /* should be banned? -> */ true),
+		);
+	}
+
+	public function setUp()
+	{
+		parent::setUp();
+		// Get session here so that config is mocked correctly
+		$this->session = $this->session_factory->get_session($this->db);
+		global $cache, $config, $phpbb_root_path, $phpEx;
+		$this->backup_cache = $cache;
+		// Change the global cache object for this test because
+		// the mock cache object does not hit the database as is needed
+		// for this test.
+		$cache = new phpbb_cache_service(
+			new phpbb_cache_driver_file(),
+			$config,
+			$this->db,
+			$phpbb_root_path,
+			$phpEx
+		);
+	}
+
+	public function tearDown()
+	{
+		parent::tearDown();
+		// Set cache back to what it was before the test changed it
+		global $cache;
+		$cache = $this->backup_cache;
+	}
+
+	/** @dataProvider check_banned_data */
+	public function test_check_is_banned($test_msg, $user_id, $user_ips, $user_email, $return, $should_be_banned)
+	{
+		try
+		{
+			$is_banned = $this->session->check_ban($user_id, $user_ips, $user_email, $return);
+		}
+		catch (PHPUnit_Framework_Error_Notice $e)
+		{
+			// User error was triggered, user must have been banned
+			$is_banned = true;
+		}
+
+		$this->assertEquals($should_be_banned, $is_banned, $test_msg);
+	}
+}

tests/session/check_isvalid_test.php

@@ -0,0 +1,61 @@
+<?php
+/**
+*
+* @package testing
+* @copyright (c) 2013 phpBB Group
+* @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2
+*
+*/
+
+require_once dirname(__FILE__) . '/../test_framework/phpbb_session_test_case.php';
+
+class phpbb_session_check_isvalid_test extends phpbb_session_test_case
+{
+	public function getDataSet()
+	{
+		return $this->createXMLDataSet(dirname(__FILE__) . '/fixtures/sessions_full.xml');
+	}
+
+	protected function access_with($session_id, $user_id, $user_agent, $ip)
+	{
+		$this->session_factory->merge_test_data($session_id, $user_id, $user_agent, $ip);
+
+		$session = $this->session_factory->get_session($this->db);
+		$session->page = array('page' => 'page', 'forum' => 0);
+
+		$session->session_begin();
+		$this->session_factory->check($this);
+		return $session;
+	}
+
+	public function test_session_valid_session_exists()
+	{
+		$session = $this->access_with('bar_session000000000000000000000', '4', 'user agent', '127.0.0.1');
+		$session->check_cookies($this, array());
+
+		$this->check_sessions_equals(array(
+				array('session_id' => 'anon_session00000000000000000000', 'session_user_id' => 1),
+				array('session_id' => 'bar_session000000000000000000000', 'session_user_id' => 4),
+			),
+			'If a request comes with a valid session id with matching user agent and IP, no new session should be created.'
+		);
+	}
+
+	public function test_session_invalid_make_new_annon_session()
+	{
+		$session = $this->access_with('anon_session00000000000000000000', '4', 'user agent', '127.0.0.1');
+		$session->check_cookies($this, array(
+			'u' => array('1', null),
+			'k' => array(null, null),
+			'sid' => array($session->session_id, null),
+		));
+
+		$this->check_sessions_equals(array(
+				array('session_id' => $session->session_id, 'session_user_id' => 1), // use generated SID
+				array('session_id' => 'bar_session000000000000000000000', 'session_user_id' => 4),
+			),
+			'If a request comes with a valid session id and IP but different user id and user agent,
+				 a new anonymous session is created and the session matching the supplied session id is deleted.'
+		);
+	}
+}

tests/session/continue_test.php

@@ -1,133 +0,0 @@
-<?php
-/**
-*
-* @package testing
-* @copyright (c) 2011 phpBB Group
-* @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2
-*
-*/
-
-require_once dirname(__FILE__) . '/testable_factory.php';
-
-class phpbb_session_continue_test extends phpbb_database_test_case
-{
-	public function getDataSet()
-	{
-		return $this->createXMLDataSet(dirname(__FILE__).'/fixtures/sessions_full.xml');
-	}
-
-	static public function session_begin_attempts()
-	{
-		// The session_id field is defined as CHAR(32) in the database schema.
-		// Thus the data we put in session_id fields has to have a length of 32 characters on stricter DBMSes.
-		// Thus we fill those strings up with zeroes until they have a string length of 32.
-
-		return array(
-			array(
-				'bar_session000000000000000000000', '4', 'user agent', '127.0.0.1',
-				array(
-					array('session_id' => 'anon_session00000000000000000000', 'session_user_id' => 1),
-					array('session_id' => 'bar_session000000000000000000000', 'session_user_id' => 4),
-				),
-				array(),
-				'If a request comes with a valid session id with matching user agent and IP, no new session should be created.',
-			),
-			array(
-				'anon_session00000000000000000000', '4', 'user agent', '127.0.0.1',
-				array(
-					array('session_id' => '__new_session_id__', 'session_user_id' => 1), // use generated SID
-					array('session_id' => 'bar_session000000000000000000000', 'session_user_id' => 4),
-				),
-				array(
-					'u' => array('1', null),
-					'k' => array(null, null),
-					'sid' => array('__new_session_id__', null),
-				),
-				'If a request comes with a valid session id and IP but different user id and user agent, a new anonymous session is created and the session matching the supplied session id is deleted.',
-			),
-		);
-	}
-
-	/**
-	* @dataProvider session_begin_attempts
-	*/
-	public function test_session_begin_valid_session($session_id, $user_id, $user_agent, $ip, $expected_sessions, $expected_cookies, $message)
-	{
-		global $phpbb_container, $phpbb_root_path, $phpEx;
-
-		$db = $this->new_dbal();
-		$config = new phpbb_config(array());
-		$request = $this->getMock('phpbb_request');
-		$user = $this->getMock('phpbb_user');
-
-		$auth_provider = new phpbb_auth_provider_db($db, $config, $request, $user, $phpbb_root_path, $phpEx);
-		$phpbb_container = $this->getMock('Symfony\Component\DependencyInjection\ContainerInterface');
-		$phpbb_container->expects($this->any())
-			->method('get')
-			->with('auth.provider.db')
-			->will($this->returnValue($auth_provider));
-
-		$session_factory = new phpbb_session_testable_factory;
-		$session_factory->set_cookies(array(
-			'_sid' => $session_id,
-			'_u' => $user_id,
-		));
-		$session_factory->merge_config_data(array(
-			'session_length' => time(), // need to do this to allow sessions started at time 0
-		));
-		$session_factory->merge_server_data(array(
-			'HTTP_USER_AGENT' => $user_agent,
-			'REMOTE_ADDR' => $ip,
-		));
-
-		$session = $session_factory->get_session($db);
-		$session->page = array('page' => 'page', 'forum' => 0);
-
-		$session->session_begin();
-
-		$sql = 'SELECT session_id, session_user_id
-			FROM phpbb_sessions
-			ORDER BY session_user_id';
-
-		$expected_sessions = $this->replace_session($expected_sessions, $session->session_id);
-		$expected_cookies = $this->replace_session($expected_cookies, $session->session_id);
-
-		$this->assertSqlResultEquals(
-			$expected_sessions,
-			$sql,
-			$message
-		);
-
-		$session->check_cookies($this, $expected_cookies);
-
-		$session_factory->check($this);
-	}
-
-	/**
-	* Replaces recursively the value __new_session_id__ with the given session
-	* id.
-	*
-	* @param array $array An array of data
-	* @param string $session_id The new session id to use instead of the
-	*                           placeholder.
-	* @return array The input array with all occurances of __new_session_id__
-	*               replaced.
-	*/
-	public function replace_session($array, $session_id)
-	{
-		foreach ($array as $key => &$value)
-		{
-			if ($value === '__new_session_id__')
-			{
-				$value = $session_id;
-			}
-
-			if (is_array($value))
-			{
-				$value = $this->replace_session($value, $session_id);
-			}
-		}
-
-		return $array;
-	}
-}

tests/session/create_test.php

@@ -0,0 +1,43 @@
+<?php
+/**
+ *
+ * @package testing
+ * @copyright (c) 2013 phpBB Group
+ * @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2
+ *
+ */
+
+require_once dirname(__FILE__) . '/../test_framework/phpbb_session_test_case.php';
+
+class phpbb_session_create_test extends phpbb_session_test_case
+{
+	public function getDataSet()
+	{
+		return $this->createXMLDataSet(dirname(__FILE__) . '/fixtures/sessions_full.xml');
+	}
+
+	static function bot($bot_agent, $user_id, $bot_ip)
+	{
+		return array(array(
+			'bot_agent' => $bot_agent,
+			'user_id' => $user_id,
+			'bot_ip' => $bot_ip,
+		));
+	}
+
+	function test_bot_session()
+	{
+		$output = $this->session_facade->session_create(
+			false,
+			false,
+			false,
+			false,
+			array(),
+			'user agent',
+			'127.0.0.1',
+			self::bot('user agent', 13, '127.0.0.1'),
+			''
+		);
+		$this->assertEquals(true, $output->data['is_bot'], 'should be a bot');
+	}
+}

tests/session/creation_test.php

@@ -1,69 +0,0 @@
-<?php
-/**
-*
-* @package testing
-* @copyright (c) 2011 phpBB Group
-* @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2
-*
-*/
-
-require_once dirname(__FILE__) . '/testable_factory.php';
-
-class phpbb_session_creation_test extends phpbb_database_test_case
-{
-	public function getDataSet()
-	{
-		return $this->createXMLDataSet(dirname(__FILE__).'/fixtures/sessions_empty.xml');
-	}
-
-	// also see security/extract_current_page.php
-
-	public function test_login_session_create()
-	{
-		global $phpbb_container, $phpbb_root_path, $phpEx;
-
-		$db = $this->new_dbal();
-		$config = new phpbb_config(array());
-		$request = $this->getMock('phpbb_request');
-		$user = $this->getMock('phpbb_user');
-
-		$auth_provider = new phpbb_auth_provider_db($db, $config, $request, $user, $phpbb_root_path, $phpEx);
-		$phpbb_container = $this->getMock('Symfony\Component\DependencyInjection\ContainerInterface');
-		$phpbb_container->expects($this->any())
-			->method('get')
-			->with('auth.provider.db')
-			->will($this->returnValue($auth_provider));
-
-		$session_factory = new phpbb_session_testable_factory;
-
-		$session = $session_factory->get_session($db);
-		$session->page = array('page' => 'page', 'forum' => 0);
-
-		$session->session_create(3);
-
-		$sql = 'SELECT session_user_id
-			FROM phpbb_sessions';
-
-		$this->assertSqlResultEquals(
-			array(array('session_user_id' => 3)),
-			$sql,
-			'Check if exactly one session for user id 3 was created'
-		);
-
-		$one_year_in_seconds = 365 * 24 * 60 * 60;
-		$cookie_expire = $session->time_now + $one_year_in_seconds;
-
-		$session->check_cookies($this, array(
-			'u' => array(null, $cookie_expire),
-			'k' => array(null, $cookie_expire),
-			'sid' => array($session->session_id, $cookie_expire),
-		));
-
-		global $SID, $_SID;
-		$this->assertEquals($session->session_id, $_SID);
-		$this->assertEquals('?sid=' . $session->session_id, $SID);
-
-		$session_factory->check($this);
-	}
-}
-

tests/session/extract_hostname_test.php

@@ -0,0 +1,51 @@
+<?php
+/**
+ *
+ * @package testing
+ * @copyright (c) 2013 phpBB Group
+ * @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2
+ *
+ */
+
+require_once dirname(__FILE__) . '/../test_framework/phpbb_session_test_case.php';
+
+class phpbb_session_extract_hostname_test extends phpbb_session_test_case
+{
+	public function getDataSet()
+	{
+		return $this->createXMLDataSet(dirname(__FILE__) . '/fixtures/sessions_empty.xml');
+	}
+
+	static public function extract_current_hostname_data()
+	{
+		return array (
+			// [Input] $host, $server_name_config, $cookie_domain_config, [Expected] $output
+			// If host is ip use that
+			//    ipv4
+			array('127.0.0.1', 'skipped.org', 'skipped.org', '127.0.0.1'),
+			//    ipv6
+			array('::1', 'skipped.org', 'skipped.org', ':'),
+			array('2002::3235:51f9', 'skipped.org', 'skipped.org', '2002::3235'),
+			// If no host but server name matches cookie_domain use that
+			array('', 'example.org', 'example.org', 'example.org'),
+			// If there is a host uri use that
+			array('example.org', false, false, 'example.org'),
+			// 'best approach' guessing
+			array('', 'example.org', false, 'example.org'),
+			array('', false, '127.0.0.1', '127.0.0.1'),
+			array('', false, false, php_uname('n')),
+		);
+	}
+
+	/** @dataProvider extract_current_hostname_data */
+	function test_extract_current_hostname($host, $server_name_config, $cookie_domain_config, $expected)
+	{
+		$output = $this->session_facade->extract_current_hostname(
+			$host,
+			$server_name_config,
+			$cookie_domain_config
+		);
+
+		$this->assertEquals($expected, $output);
+	}
+}

tests/session/extract_page_test.php

@@ -0,0 +1,115 @@
+<?php
+/**
+ *
+ * @package testing
+ * @copyright (c) 2013 phpBB Group
+ * @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2
+ *
+ */
+
+require_once dirname(__FILE__) . '/../test_framework/phpbb_session_test_case.php';
+
+class phpbb_session_extract_page_test extends phpbb_session_test_case
+{
+	public function getDataSet()
+	{
+		return $this->createXMLDataSet(dirname(__FILE__) . '/fixtures/sessions_empty.xml');
+	}
+
+	static public function extract_current_page_data()
+	{
+		return array(
+			array(
+				'./',
+				'/phpBB/index.php',
+				'',
+				'/phpBB/',
+				array(
+					'page_name' => 'index.php',
+					'page_dir' => '',
+					'query_string' => '',
+					'script_path' => '/phpBB/',
+					'root_script_path' => '/phpBB/',
+					'page' => 'index.php',
+					'forum' => 0,
+				),
+			),
+			array(
+				'./',
+				'/phpBB/ucp.php',
+				'mode=login',
+				'/phpBB/ucp.php?mode=login',
+				array(
+					'page_name' => 'ucp.php',
+					'page_dir' => '',
+					'query_string' => 'mode=login',
+					'script_path' => '/phpBB/',
+					'root_script_path' => '/phpBB/',
+					'page' => 'ucp.php?mode=login',
+					'forum' => 0,
+				),
+			),
+			array(
+				'./',
+				'/phpBB/ucp.php',
+				'mode=register',
+				'/phpBB/ucp.php?mode=register',
+				array(
+					'page_name' => 'ucp.php',
+					'page_dir' => '',
+					'query_string' => 'mode=register',
+					'script_path' => '/phpBB/',
+					'root_script_path' => '/phpBB/',
+					'page' => 'ucp.php?mode=register',
+					'forum' => 0,
+				),
+			),
+			array(
+				'./',
+				'/phpBB/ucp.php',
+				'mode=register',
+				'/phpBB/ucp.php?mode=register',
+				array(
+					'page_name' => 'ucp.php',
+					'page_dir' => '',
+					'query_string' => 'mode=register',
+					'script_path' => '/phpBB/',
+					'root_script_path' => '/phpBB/',
+					'page' => 'ucp.php?mode=register',
+					'forum' => 0,
+				),
+			),
+			array(
+				'./../',
+				'/phpBB/adm/index.php',
+				'sid=e7215d958cdd41a6fc13509bebe53e42',
+				'/phpBB/adm/index.php?sid=e7215d958cdd41a6fc13509bebe53e42',
+				array(
+					'page_name' => 'index.php',
+					//'page_dir' => 'adm',
+					// ^-- Ignored because .. returns different directory in live vs testing
+					'query_string' => '',
+					'script_path' => '/phpBB/adm/',
+					'root_script_path' => '/phpBB/',
+					//'page' => 'adm/index.php',
+					'forum' => 0,
+				),
+			),
+		);
+	}
+
+	/** @dataProvider extract_current_page_data */
+	function test_extract_current_page($root_path, $php_self, $query_string, $request_uri, $expected)
+	{
+		$output = $this->session_facade->extract_current_page(
+			$root_path,
+			$php_self,
+			$query_string,
+			$request_uri
+		);
+
+		// This compares the result of the output.
+		// Any keys that are not in the expected array are overwritten by the output (aka not checked).
+		$this->assert_array_content_equals(array_merge($output, $expected), $output);
+	}
+}

tests/session/fixtures/sessions_banlist.xml

@@ -0,0 +1,66 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<dataset>
+	<table name="phpbb_users">
+		<column>user_id</column>
+		<column>username_clean</column>
+		<column>user_permissions</column>
+		<column>user_sig</column>
+		<column>user_occ</column>
+		<column>user_interests</column>
+		<row>
+			<value>1</value>
+			<value>anonymous</value>
+			<value></value>
+			<value></value>
+			<value></value>
+			<value></value>
+		</row>
+    </table>
+    <table name="phpbb_sessions">
+		<column>session_id</column>
+		<column>session_user_id</column>
+		<column>session_ip</column>
+		<column>session_browser</column>
+		<column>session_admin</column>
+		<row>
+			<value>bar_session000000000000000000000</value>
+			<value>4</value>
+            <value>127.0.0.1</value>
+			<value>user agent</value>
+			<value>1</value>
+		</row>
+	</table>
+	<table name="phpbb_banlist">
+        <column>ban_id</column>
+        <column>ban_userid</column>
+        <column>ban_ip</column>
+        <column>ban_email</column>
+        <column>ban_start</column>
+        <column>ban_end</column>
+        <column>ban_exclude</column>
+        <column>ban_reason</column>
+        <column>ban_give_reason</column>
+        <row>
+            <value>2</value>
+            <value>4</value>
+            <value>127.0.0.1</value>
+            <value>bar@example.org</value>
+            <value>1111</value>
+            <value>0</value>
+            <value>0</value>
+            <value>HAHAHA</value>
+            <value>1</value>
+        </row>
+        <row>
+            <value>3</value>
+            <value>0</value>
+            <value>127.1.1.1</value>
+            <value></value>
+            <value>1111</value>
+            <value>0</value>
+            <value>0</value>
+            <value>HAHAHA</value>
+            <value>1</value>
+        </row>
+    </table>
+</dataset>

tests/session/fixtures/sessions_full.xml

@@ -37,17 +37,20 @@
 		<column>session_user_id</column>
 		<column>session_ip</column>
 		<column>session_browser</column>
+		<column>session_admin</column>
 		<row>
 			<value>anon_session00000000000000000000</value>
 			<value>1</value>
 			<value>127.0.0.1</value>
 			<value>anonymous user agent</value>
+			<value>0</value>
 		</row>
 		<row>
 			<value>bar_session000000000000000000000</value>
 			<value>4</value>
 			<value>127.0.0.1</value>
 			<value>user agent</value>
+			<value>1</value>
 		</row>
 	</table>
 </dataset>

tests/session/fixtures/sessions_garbage.xml

@@ -0,0 +1,58 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<dataset>
+	<table name="phpbb_users">
+		<column>user_id</column>
+		<column>username_clean</column>
+		<column>user_permissions</column>
+		<column>user_sig</column>
+		<column>user_occ</column>
+		<column>user_interests</column>
+		<row>
+			<value>4</value>
+			<value>bar</value>
+			<value></value>
+			<value></value>
+			<value></value>
+			<value></value>
+		</row>
+	</table>
+	<table name="phpbb_sessions">
+		<column>session_id</column>
+		<column>session_user_id</column>
+		<column>session_ip</column>
+		<column>session_browser</column>
+		<column>session_admin</column>
+		<row>
+			<value>anon_session00000000000000000000</value>
+			<value>1</value>
+			<value>127.0.0.1</value>
+			<value>anonymous user agent</value>
+			<value>0</value>
+		</row>
+		<row>
+			<value>bar_session000000000000000000000</value>
+			<value>4</value>
+			<value>127.0.0.1</value>
+			<value>user agent</value>
+			<value>1</value>
+		</row>
+	</table>
+	<table name="phpbb_login_attempts">
+		<column>attempt_ip</column>
+		<column>attempt_browser</column>
+		<column>attempt_forwarded_for</column>
+		<column>attempt_time</column>
+		<column>user_id</column>
+		<column>username</column>
+		<column>username_clean</column>
+		<row>
+			<value>127.0.0.1</value>
+			<value>browser</value>
+			<value></value>
+			<value>0001</value>
+			<value>4</value>
+			<value>bar</value>
+			<value>bar</value>
+		</row>
+	</table>
+</dataset>

tests/session/fixtures/sessions_key.xml

@@ -0,0 +1,44 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<dataset>
+    <table name="phpbb_sessions_keys">
+        <column>key_id</column>
+        <column>user_id</column>
+        <column>last_ip</column>
+        <column>last_login</column>
+        <row>
+            <value>a87ff679a2f3e71d9181a67b7542122c</value>
+            <value>4</value>
+            <value>127.0.0.1</value>
+            <value>0</value>
+        </row>
+    </table>
+    <table name="phpbb_sessions">
+        <column>session_id</column>
+        <column>session_user_id</column>
+        <column>session_ip</column>
+        <column>session_browser</column>
+        <row>
+            <value>bar_session000000000000000000000</value>
+            <value>4</value>
+            <value>127.0.0.1</value>
+            <value>user agent</value>
+            <value>1</value>
+        </row>
+    </table>
+    <table name="phpbb_users">
+        <column>user_id</column>
+        <column>username_clean</column>
+        <column>user_permissions</column>
+        <column>user_sig</column>
+        <column>user_occ</column>
+        <column>user_interests</column>
+        <row>
+            <value>4</value>
+            <value>bar</value>
+            <value></value>
+            <value></value>
+            <value></value>
+            <value></value>
+        </row>
+    </table>
+</dataset>

tests/session/garbage_collection_test.php

@@ -0,0 +1,53 @@
+<?php
+/**
+ *
+ * @package testing
+ * @copyright (c) 2013 phpBB Group
+ * @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2
+ *
+ */
+
+require_once dirname(__FILE__) . '/../test_framework/phpbb_session_test_case.php';
+
+class phpbb_session_garbage_collection_test extends phpbb_session_test_case
+{
+	public $session;
+
+	public function getDataSet()
+	{
+		return $this->createXMLDataSet(dirname(__FILE__) . '/fixtures/sessions_garbage.xml');
+	}
+
+	public function setUp()
+	{
+		parent::setUp();
+		$this->session = $this->session_factory->get_session($this->db);
+	}
+
+	public function test_cleanup_all()
+	{
+		$this->check_sessions_equals(
+			array(
+				array(
+					'session_id' => 'anon_session00000000000000000000',
+					'session_user_id' => 1,
+				),
+				array(
+					'session_id' => 'bar_session000000000000000000000',
+					'session_user_id' => 4,
+				),
+			),
+			'Before test, should have some sessions.'
+		);
+		// Set session length so it clears all
+		global $config;
+		$config['session_length'] = 0;
+		// There is an error unless the captcha plugin is set
+		$config['captcha_plugin'] = 'phpbb_captcha_nogd';
+		$this->session->session_gc();
+		$this->check_sessions_equals(
+			array(),
+			'After setting session time to 0, should remove all.'
+		);
+	}
+}

tests/session/session_key_test.php

@@ -0,0 +1,51 @@
+<?php
+/**
+ *
+ * @package testing
+ * @copyright (c) 2013 phpBB Group
+ * @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2
+ *
+ */
+
+require_once dirname(__FILE__) . '/../test_framework/phpbb_session_test_case.php';
+
+class phpbb_session_login_keys_test extends phpbb_session_test_case
+{
+	protected $user_id = 4;
+	protected $key_id = 4;
+
+	public function getDataSet()
+	{
+		return $this->createXMLDataSet(dirname(__FILE__) . '/fixtures/sessions_key.xml');
+	}
+
+	public function test_set_key_manually()
+	{
+		// With AutoLogin setup
+		$this->session_factory->merge_config_data(array('allow_autologin' => true));
+		$session = $this->session_factory->get_session($this->db);
+		// Using a user_id and key that is already in the database
+		$session->cookie_data['u'] = $this->user_id;
+		$session->cookie_data['k'] = $this->key_id;
+		// Try to access session
+		$session->session_create($this->user_id, false, $this->user_id);
+
+		$this->assertEquals($this->user_id, $session->data['user_id'], "session should automatically login");
+	}
+
+	public function test_reset_keys()
+	{
+		// With AutoLogin setup
+		$this->session_factory->merge_config_data(array('allow_autologin' => true));
+		$session = $this->session_factory->get_session($this->db);
+		// Reset of the keys for this user
+		$session->reset_login_keys($this->user_id);
+		// Using a user_id and key that was in the database (before reset)
+		$session->cookie_data['u'] = $this->user_id;
+		$session->cookie_data['k'] = $this->key_id;
+		// Try to access session
+		$session->session_create($this->user_id, false, $this->user_id);
+
+		$this->assertNotEquals($this->user_id, $session->data['user_id'], "session should be cleared");
+	}
+}

tests/session/testable_facade.php

@@ -0,0 +1,142 @@
+<?php
+/**
+ *
+ * @package testing
+ * @copyright (c) 2013 phpBB Group
+ * @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2
+ *
+ */
+
+require_once dirname(__FILE__) . '/testable_factory.php';
+require_once dirname(__FILE__) . '/../../phpBB/phpbb/session.php';
+
+/**
+ * This class exists to expose session.php's functions in a more testable way.
+ *
+ * Since many functions in session.php have global variables inside the function,
+ * this exposes those functions through a testable facade that uses 
+ * testable_factory's mock global variables to modify global variables used in 
+ * the functions.
+ *
+ * This is using the facade pattern to provide a testable "front" to the 
+ * functions in sessions.php.
+ *
+ */
+class phpbb_session_testable_facade
+{
+	protected $db;
+	protected $session_factory;
+
+	function __construct($db, $session_factory)
+	{
+		$this->db = $db;
+		$this->session_factory = $session_factory;
+	}
+
+	function extract_current_page(
+		$root_path,
+		$php_self, 
+		$query_string,
+		$request_uri
+	) 
+	{
+		$this->session_factory->get_session($this->db);
+		global $request;
+		$request->overwrite('PHP_SELF', $php_self, phpbb_request_interface::SERVER);
+		$request->overwrite('QUERY_STRING', $query_string, phpbb_request_interface::SERVER);
+		$request->overwrite('REQUEST_URI', $request_uri, phpbb_request_interface::SERVER);
+		return phpbb_session::extract_current_page($root_path);
+	}
+
+	function extract_current_hostname(
+		$host,
+		$server_name_config,
+		$cookie_domain_config
+	)
+	{
+		$session = $this->session_factory->get_session($this->db);
+		global $config, $request;
+		$config['server_name'] = $server_name_config;
+		$config['cookie_domain'] = $cookie_domain_config;
+		$request->overwrite('SERVER_NAME', $host, phpbb_request_interface::SERVER);
+		$request->overwrite('Host', $host, phpbb_request_interface::SERVER);
+		// Note: There is a php_uname function used as a fallthrough
+		//       that this function doesn't override
+		return $session->extract_current_hostname();
+	}
+
+	/**
+	 *
+	 * This function has a lot of dependencies, so instead of naming them all,
+	 * just ask for overrides
+	 *
+	 * @param update_session_page Boolean of whether to set page of the session
+	 * @param config_overrides An array of overrides for the global config object
+	 * @param request_overrides An array of overrides for the global request object
+	 * @return boolean False if the user is identified, otherwise true.
+	 */
+	function session_begin(
+		$update_session_page = true,
+		$config_overrides = array(),
+		$request_overrides = array(),
+		$cookies_overrides = array()
+	)
+	{
+		$this->session_factory->merge_config_data($config_overrides);
+		$this->session_factory->merge_server_data($request_overrides);
+		$this->session_factory->set_cookies($cookies_overrides);
+		$session = $this->session_factory->get_session($this->db);
+		$session->session_begin($update_session_page);
+		return $session;
+	}
+
+	function session_create(
+		$user_id = false,
+		$set_admin = false,
+		$persist_login = false,
+		$viewonline = true,
+		array $config_overrides = array(),
+		$user_agent = 'user agent',
+		$ip_address = '127.0.0.1',
+		array $bot_overrides = array(),
+		$uri_sid = ""
+	)
+	{
+		$this->session_factory->merge_config_data($config_overrides);
+		// Bots
+		$this->session_factory->merge_cache_data(array('_bots' => $bot_overrides));
+		global $request;
+		$session = $this->session_factory->get_session($this->db);
+		$session->browser = $user_agent;
+		$session->ip = $ip_address;
+		// Uri sid
+		if ($uri_sid)
+		{
+			$_GET['sid'] = $uri_sid;
+		}
+		$session->session_create($user_id, $set_admin, $persist_login, $viewonline);
+		return $session;
+	}
+
+	function validate_referer(
+		$check_script_path,
+		$referer,
+		$host,
+		$force_server_vars,
+		$server_port,
+		$server_name,
+		$root_script_path
+	)
+	{
+		$session = $this->session_factory->get_session($this->db);
+		global $config, $request;
+		$session->referer = $referer;
+		$session->page['root_script_path'] = $root_script_path;
+		$session->host = $host;
+		$config['force_server_vars'] = $force_server_vars;
+		$config['server_name'] = $server_name;
+		$request->overwrite('SERVER_PORT', $server_port, phpbb_request_interface::SERVER);
+		return $session->validate_referer($check_script_path);
+	}
+}
+

tests/session/testable_factory.php

@@ -2,11 +2,14 @@
 /**
 *
 * @package testing
-* @copyright (c) 2011 phpBB Group
+* @copyright (c) 2013 phpBB Group
 * @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2
 *
 */
 
+require_once dirname(__FILE__) . '/../mock/container_builder.php';
+require_once dirname(__FILE__) . '/../mock/auth_provider.php';
+
 /**
 * This class exists to setup an instance of phpbb's session class for testing.
 *
@@ -16,6 +19,7 @@
 */
 class phpbb_session_testable_factory
 {
+	protected $container;
 	protected $config_data;
 	protected $cache_data;
 	protected $cookies;
@@ -65,7 +69,7 @@ class phpbb_session_testable_factory
 	public function get_session(phpbb_db_driver $dbal)
 	{
 		// set up all the global variables used by session
-		global $SID, $_SID, $db, $config, $cache, $request;
+		global $SID, $_SID, $db, $config, $cache, $request, $phpbb_container;
 
 		$request = $this->request = new phpbb_mock_request(
 			array(),
@@ -83,6 +87,12 @@ class phpbb_session_testable_factory
 		$cache = $this->cache = new phpbb_mock_cache($this->get_cache_data());
 		$SID = $_SID = null;
 
+		$phpbb_container = $this->container = new phpbb_mock_container_builder();
+		$phpbb_container->set(
+			'auth.provider.db',
+			new phpbb_mock_auth_provider()
+		);
+
 		$session = new phpbb_mock_session_testable;
 		return $session;
 	}
@@ -164,6 +174,32 @@ class phpbb_session_testable_factory
 		return $this->server_data = array_merge($this->server_data, $server_data);
 	}
 
+	/**
+	 * Set cookies, merge config and server data in one step.
+	 *
+	 * New values overwrite old ones.
+	 *
+	 * @param $session_id
+	 * @param $user_id
+	 * @param $user_agent
+	 * @param $ip
+	 * @param int $time
+	 */
+	public function merge_test_data($session_id, $user_id, $user_agent, $ip, $time = 0)
+	{
+		$this->set_cookies(array(
+			'_sid' => $session_id,
+			'_u' => $user_id,
+		));
+		$this->merge_config_data(array(
+			'session_length' => time() + $time, // need to do this to allow sessions started at time 0
+		));
+		$this->merge_server_data(array(
+			'HTTP_USER_AGENT' => $user_agent,
+			'REMOTE_ADDR' => $ip,
+		));
+	}
+
 	/**
 	* Retrieve all server variables to be passed to the session.
 	*

tests/session/unset_admin_test.php

@@ -0,0 +1,48 @@
+<?php
+/**
+ *
+ * @package testing
+ * @copyright (c) 2013 phpBB Group
+ * @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2
+ *
+ */
+
+require_once dirname(__FILE__) . '/../test_framework/phpbb_session_test_case.php';
+
+class phpbb_session_unset_admin_test extends phpbb_session_test_case
+{
+	public function getDataSet()
+	{
+		return $this->createXMLDataSet(dirname(__FILE__) . '/fixtures/sessions_full.xml');
+	}
+
+	function get_test_session()
+	{
+		return $this->session_facade->session_begin(
+			true,
+			// Config
+			array(
+				'session_length' => time(), // need to do this to allow sessions started at time 0
+			),
+			// Server
+			array(
+				'HTTP_USER_AGENT' => "user agent",
+				'REMOTE_ADDR' => "127.0.0.1",
+			),
+			// Cookies
+			array(
+				'_sid' => 'bar_session000000000000000000000',
+				'_u' => 4,
+			)
+		);
+	}
+
+	public function test_unset_admin()
+	{
+		$session = $this->get_test_session();
+		$this->assertEquals(1, $session->data['session_admin'], 'should be an admin before test starts');
+		$session->unset_admin();
+		$session = $this->get_test_session();
+		$this->assertEquals(0, $session->data['session_admin'], 'should be not be an admin after unset_admin');
+	}
+}

tests/session/validate_referrer_test.php

@@ -0,0 +1,70 @@
+<?php
+/**
+ *
+ * @package testing
+ * @copyright (c) 2013 phpBB Group
+ * @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2
+ *
+ */
+
+require_once dirname(__FILE__) . '/../test_framework/phpbb_session_test_case.php';
+
+class phpbb_session_validate_referrer_test extends phpbb_session_test_case
+{
+	public function getDataSet()
+	{
+		return $this->createXMLDataSet(dirname(__FILE__) . '/fixtures/sessions_empty.xml');
+	}
+
+	static function referrer_inputs()
+	{
+		$ex = "example.org";
+		$alt = "example.com";
+		return array(
+			// checkpath   referrer  host    forcevars    port servername   rootpath   pass?
+			// 0 Referrer or host wasn't collected, therefore should validate
+			array(false,  '',  $ex,  false,  80, $ex,  '', true),
+			array(false,  $ex, '',   false,  80, $ex,  '', true),
+			// 2 Referrer doesn't match host or server_name
+			array(false,  $alt, $ex,   false,  80, $ex,  '', false),
+			// 3 Everything should check out
+			array(false,  $ex, $ex,  false,    80, $ex,  '', true),
+			// 4 Check Script Path
+			array(true,  $ex, $ex,  false,    80, $ex,  '', true),
+			array(true,  "$ex/foo", $ex,  false,    80, $ex,  "/foo", true),
+			array(true,  "$ex/bar", $ex,  false,    80, $ex,  "/foo", false),
+			// 7 Port (This is not checked unless path is checked)
+			array(true,  "$ex:80/foo", "$ex:80",  false, 80, "$ex:80",  "/foo", true),
+			array(true,  "$ex:80/bar", "$ex:80",  false, 80, "$ex:80",  "/foo", false),
+			array(true,  "$ex:79/foo", "$ex:81",  false, 81, "$ex:81",  "/foo", false),
+		);
+	}
+
+	/** @dataProvider referrer_inputs */
+	function test_referrer_inputs(
+		$check_script_path,
+		$referrer,
+		$host,
+		$force_server_vars,
+		$server_port,
+		$server_name,
+		$root_script_path,
+		$pass_or_fail
+	)
+	{
+		// Referrer needs http:// because it's going to get stripped in function.
+		$referrer = $referrer ? 'http://' . $referrer : '';
+		$this->assertEquals(
+			$pass_or_fail,
+			$this->session_facade->validate_referer(
+				$check_script_path,
+				$referrer,
+				$host,
+				$force_server_vars,
+				$server_port,
+				$server_name,
+				$root_script_path
+			),
+			"referrer should" . ($pass_or_fail ? '' : "n't") . " be validated");
+	}
+}

tests/template/template_test.php

@@ -151,7 +151,7 @@ class phpbb_template_template_test extends phpbb_template_template_test_case
 				array(),
 				array('loop' => array(array(), array(), array(), array(), array(), array(), array()), 'test' => array(array()), 'test.deep' => array(array()), 'test.deep.defines' => array(array())),
 				array(),
-				"xyz\nabc\nabc\nbar\nbar\nabc",
+				"xyz\nabc\n\$VALUE == 'abc'abc\nbar\nbar\nabc\ntest!@#$%^&*()_-=+{}[]:;\",<.>/?",
 			),
 			array(
 				'define_advanced.html',

tests/template/templates/define.html

@@ -2,8 +2,15 @@
 {$VALUE}
 <!-- DEFINE $VALUE = 'abc' -->
 {$VALUE}
+<!-- IF $VALUE != 'abc' -->
+$VALUE != 'abc'
+<!-- ELSEIF $VALUE == 'abc' -->
+$VALUE == 'abc'
+<!-- ENDIF -->
 <!-- INCLUDE define_include.html -->
 {$INCLUDED_VALUE}
 {$VALUE}
 <!-- UNDEFINE $VALUE -->
 {$VALUE}
+<!-- DEFINE $VALUE = 'test!@#$%^&*()_-=+{}[]:;",<.>/?' -->
+{$VALUE}

tests/test_framework/phpbb_functional_test_case.php

@@ -747,6 +747,27 @@ class phpbb_functional_test_case extends phpbb_test_case
 		self::assertStringStartsWith('<!DOCTYPE', trim($content), 'Output found before DOCTYPE specification.');
 	}
 
+	/*
+	* Perform some basic assertions for an xml page
+	*
+	* Checks for debug/error output before the actual page content and the status code
+	*
+	* @param mixed $status_code		Expected status code, false to disable check
+	* @return null
+	*/
+	static public function assert_response_xml($status_code = 200)
+	{
+		if ($status_code !== false)
+		{
+			self::assert_response_status_code($status_code);
+		}
+
+		// Any output before the xml opening means there was an error
+		$content = self::$client->getResponse()->getContent();
+		self::assertNotContains('[phpBB Debug]', $content);
+		self::assertStringStartsWith('<?xml', trim($content), 'Output found before XML specification.');
+	}
+
 	/**
 	* Heuristic function to check that the response is success.
 	*

tests/test_framework/phpbb_session_test_case.php

@@ -0,0 +1,36 @@
+<?php
+/**
+ *
+ * @package testing
+ * @copyright (c) 2013 phpBB Group
+ * @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2
+ *
+ */
+
+require_once dirname(__FILE__) . '/../session/testable_factory.php';
+require_once dirname(__FILE__) . '/../session/testable_facade.php';
+
+abstract class phpbb_session_test_case extends phpbb_database_test_case
+{
+	protected $session_factory;
+	protected $session_facade;
+	protected $db;
+
+	function setUp()
+	{
+		parent::setUp();
+		$this->session_factory = new phpbb_session_testable_factory;
+		$this->db = $this->new_dbal();
+		$this->session_facade =
+			new phpbb_session_testable_facade($this->db, $this->session_factory);
+	}
+
+	protected function check_sessions_equals($expected_sessions, $message)
+	{
+		$sql = 'SELECT session_id, session_user_id
+				FROM phpbb_sessions
+				ORDER BY session_user_id';
+
+		$this->assertSqlResultEquals($expected_sessions, $sql, $message);
+	}
+}

travis/phpunit-postgres-travis.xml

@@ -17,9 +17,6 @@
 			<exclude>tests/functional</exclude>
 			<exclude>tests/lint_test.php</exclude>
 		</testsuite>
-		<testsuite name="phpBB Lint Test">
-			<file>tests/lint_test.php</file>
-		</testsuite>
 		<testsuite name="phpBB Functional Tests">
 			<directory suffix="_test.php" phpVersion="5.3.19" phpVersionOperator=">=">../tests/functional</directory>
 		</testsuite>