From 8e494d75991394d10412870d42e1874f8fe8e754 Mon Sep 17 00:00:00 2001 From: Meik Sievertsen Date: Sat, 21 Jun 2008 14:30:34 +0000 Subject: [PATCH 01/15] #s29325 git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@8661 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/docs/CHANGELOG.html | 3 ++- phpBB/includes/session.php | 8 ++++++++ 2 files changed, 10 insertions(+), 1 deletion(-) diff --git a/phpBB/docs/CHANGELOG.html b/phpBB/docs/CHANGELOG.html index da25ae64ab..019bdb496c 100644 --- a/phpBB/docs/CHANGELOG.html +++ b/phpBB/docs/CHANGELOG.html @@ -72,7 +72,7 @@ - +

1. Changelog

@@ -122,6 +122,7 @@
  • [Fix] Correctly fetch server name if using non-standard port (#27395)
  • [Fix] Regular expression for email matching in posts will no longer die on long words.
  • [Sec] Only allow urls gone through redirect() being used within login_box(). (thanks nookieman)
  • +
  • [Fix] Do not display ban message if direct call to cron. (thanks Dog Cow for reporting)
  • 1.ii. Changes since 3.0.0

    diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php index 8a3a16727e..734fbaa070 100644 --- a/phpBB/includes/session.php +++ b/phpBB/includes/session.php @@ -1124,6 +1124,14 @@ class session // To circumvent session_begin returning a valid value and the check_ban() not called on second page view, we kill the session again $this->session_kill(false); + // A very special case... we are within the cron script which is not supposed to print out the ban message... show blank page + if (defined('IN_CRON')) + { + garbage_collection(); + exit_handler(); + exit; + } + trigger_error($message); } From 008cccbefc574108d0d550ba10b740c188a86f4f Mon Sep 17 00:00:00 2001 From: Meik Sievertsen Date: Sat, 21 Jun 2008 14:30:56 +0000 Subject: [PATCH 02/15] fix 3.0.1 to 3.0.2-RC1 git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@8662 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/install/database_update.php | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/phpBB/install/database_update.php b/phpBB/install/database_update.php index 43d8c06a27..184331976b 100644 --- a/phpBB/install/database_update.php +++ b/phpBB/install/database_update.php @@ -1770,7 +1770,12 @@ function change_database_data(&$no_updates, $version) $no_updates = false; break; + // No changes from 3.0.1-RC1 to 3.0.1 case '3.0.1-RC1': + break; + + // changes from 3.0.1 to 3.0.2-RC1 + case '3.0.1': set_config('referer_validation', '1'); set_config('check_attachment_content', '1'); @@ -1779,6 +1784,9 @@ function change_database_data(&$no_updates, $version) $no_updates = false; break; + // uncomment once RC1 out - no changes from 3.0.2-RC1 to 3.0.2 +// case '3.0.2-RC1': +// break; } } From 413d9ead8adbcaa0739c02ff279aa02de3746e7b Mon Sep 17 00:00:00 2001 
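Review bot: The bare `exit;` after `exit_handler();` in the new `IN_CRON` branch reads as dead code unless exit_handler() can return, and its definition is outside this hunk. If it is the deliberate guard that keeps a banned client from falling through to `trigger_error($message)`, say so on the line: `exit; // fallback: never reach the ban message if exit_handler() returns`. The branch also assumes that only the cron entry script defines `IN_CRON`, because any script that defines it gets a blank response instead of the ban message; the comment above the `if` could state that assumption. The enclosing method starts and ends outside the hunk.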
From: Meik Sievertsen Date: Sat, 21 Jun 2008 14:31:53 +0000 Subject: [PATCH 03/15] bug #29315 git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@8663 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/styles/prosilver/template/message_body.html | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/phpBB/styles/prosilver/template/message_body.html b/phpBB/styles/prosilver/template/message_body.html index eac7aeb2cb..896f0b826e 100644 --- a/phpBB/styles/prosilver/template/message_body.html +++ b/phpBB/styles/prosilver/template/message_body.html @@ -4,7 +4,7 @@

    {MESSAGE_TITLE}

    {MESSAGE_TEXT}

    -

    {L_RETURN_TO_SEARCH_ADV}

    +

    {L_RETURN_TO_SEARCH_ADV}

    From 7252f69b1af4b017bec4a0999abeaceb65aa01af Mon Sep 17 00:00:00 2001 From: Meik Sievertsen Date: Sat, 21 Jun 2008 14:39:10 +0000 Subject: [PATCH 04/15] #29235 git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@8664 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/styles/subsilver2/template/search_results.html | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/phpBB/styles/subsilver2/template/search_results.html b/phpBB/styles/subsilver2/template/search_results.html index 7977665893..d277b51db9 100644 --- a/phpBB/styles/subsilver2/template/search_results.html +++ b/phpBB/styles/subsilver2/template/search_results.html @@ -35,7 +35,7 @@ {NEWEST_POST_IMG} - {topicrow.ATTACH_ICON_IMG} {searchresults.TOPIC_TITLE} + {searchresults.ATTACH_ICON_IMG} {searchresults.TOPIC_TITLE} {searchresults.UNAPPROVED_IMG}  @@ -94,7 +94,7 @@
    -  {L_POST_SUBJECT}: {searchresults.POST_SUBJECT} +  {L_POST_SUBJECT}: {searchresults.POST_SUBJECT} [ {L_JUMP_TO_POST} ] From aa2baa7eaa51234e6807905a726c9593c7106679 Mon Sep 17 00:00:00 2001 From: Meik Sievertsen Date: Sat, 21 Jun 2008 15:09:44 +0000 Subject: [PATCH 05/15] #26795 git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@8665 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/includes/message_parser.php | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index 6c12903999..8e0103af05 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php @@ -400,7 +400,10 @@ class bbcode_firstpass extends bbcode case 'php': $remove_tags = false; - $code = str_replace(array('<', '>'), array('<', '>'), $code); + + $str_from = array('<', '>', '[', ']', '.', ':', ':'); + $str_to = array('<', '>', '[', ']', '.', ':', ':'); + $code = str_replace($str_from, $str_to, $code); if (!preg_match('/\<\?.*?\?\>/is', $code)) { From b8647dc952b8992e3a09d31f27a5f3834fb4e8b5 Mon Sep 17 00:00:00 2001 From: Meik Sievertsen Date: Sat, 21 Jun 2008 16:04:13 +0000 Subject: [PATCH 06/15] change subject/title column length git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@8666 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/develop/create_schema_files.php | 16 ++++----- phpBB/docs/CHANGELOG.html | 25 +++++++------ phpBB/install/database_update.php | 43 ++++++++++++++++++++--- phpBB/install/schemas/firebird_schema.sql | 14 ++++---- phpBB/install/schemas/mssql_schema.sql | 14 ++++---- phpBB/install/schemas/mysql_40_schema.sql | 2 +- phpBB/install/schemas/mysql_41_schema.sql | 14 ++++---- phpBB/install/schemas/oracle_schema.sql | 14 ++++---- phpBB/install/schemas/postgres_schema.sql | 14 ++++---- phpBB/install/schemas/schema_data.sql | 2 +- phpBB/install/schemas/sqlite_schema.sql | 2 +- 11 files changed, 98 insertions(+), 62 deletions(-) 
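Review bot: After `$code = str_replace($str_from, $str_to, $code);` the user-supplied text of a `php` code block holds raw `<`, `>`, `[` and `]` again, so every path that follows in `case 'php':` has to escape it once more before it is stored or rendered; that part of the branch is outside the hunk and cannot be checked here. As rendered on this page `$str_from` and `$str_to` look identical, presumably because the entity forms in `$str_from` were decoded during extraction, and the last two entries of both arrays show the same `':'`. A comment above the pair that names the entity forms being reversed and points to where the result is escaped again would make the decode step reviewable on its own.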
diff --git a/phpBB/develop/create_schema_files.php b/phpBB/develop/create_schema_files.php index cefdf404dd..5f583648bf 100644 --- a/phpBB/develop/create_schema_files.php +++ b/phpBB/develop/create_schema_files.php @@ -674,7 +674,7 @@ foreach ($supported_dbms as $dbms) } $line .= ($key_data[0] == 'INDEX') ? 'CREATE INDEX' : ''; - + $line .= " {$table_name}_{$key_name} ON {$table_name} (" . implode(', ', $key_data[1]) . ")\n"; $line .= "/\n"; break; @@ -1005,7 +1005,7 @@ function get_schema_struct() 'topic_id' => array('UINT', 0), 'forum_id' => array('UINT', 0), 'save_time' => array('TIMESTAMP', 0), - 'draft_subject' => array('XSTEXT_UNI', ''), + 'draft_subject' => array('STEXT_UNI', ''), 'draft_message' => array('MTEXT_UNI', ''), ), 'PRIMARY_KEY' => 'draft_id', @@ -1067,7 +1067,7 @@ function get_schema_struct() 'forum_topics_real' => array('UINT', 0), 'forum_last_post_id' => array('UINT', 0), 'forum_last_poster_id' => array('UINT', 0), - 'forum_last_post_subject' => array('XSTEXT_UNI', ''), + 'forum_last_post_subject' => array('STEXT_UNI', ''), 'forum_last_post_time' => array('TIMESTAMP', 0), 'forum_last_poster_name'=> array('VCHAR_UNI', ''), 'forum_last_poster_colour'=> array('VCHAR:6', ''), @@ -1281,7 +1281,7 @@ function get_schema_struct() 'enable_magic_url' => array('BOOL', 1), 'enable_sig' => array('BOOL', 1), 'post_username' => array('VCHAR_UNI:255', ''), - 'post_subject' => array('XSTEXT_UNI', '', 'true_sort'), + 'post_subject' => array('STEXT_UNI', '', 'true_sort'), 'post_text' => array('MTEXT_UNI', ''), 'post_checksum' => array('VCHAR:32', ''), 'post_attachment' => array('BOOL', 0), 
@@ -1317,7 +1317,7 @@ function get_schema_struct() 'enable_smilies' => array('BOOL', 1), 'enable_magic_url' => array('BOOL', 1), 'enable_sig' => array('BOOL', 1), - 'message_subject' => array('XSTEXT_UNI', ''), + 'message_subject' => array('STEXT_UNI', ''), 'message_text' => array('MTEXT_UNI', ''), 'message_edit_reason' => array('STEXT_UNI', ''), 'message_edit_user' => array('UINT', 0), @@ -1536,7 +1536,7 @@ function get_schema_struct() 'KEYS' => array( 'session_time' => array('INDEX', 'session_time'), 'session_user_id' => array('INDEX', 'session_user_id'), - 'session_forum_id' => array('INDEX', 'session_forum_id'), + 'session_fid' => array('INDEX', 'session_forum_id'), ), ); @@ -1682,7 +1682,7 @@ function get_schema_struct() 'topic_attachment' => array('BOOL', 0), 'topic_approved' => array('BOOL', 1), 'topic_reported' => array('BOOL', 0), - 'topic_title' => array('XSTEXT_UNI', '', 'true_sort'), + 'topic_title' => array('STEXT_UNI', '', 'true_sort'), 'topic_poster' => array('UINT', 0), 'topic_time' => array('TIMESTAMP', 0), 'topic_time_limit' => array('TIMESTAMP', 0), @@ -1698,7 +1698,7 @@ function get_schema_struct() 'topic_last_poster_id' => array('UINT', 0), 'topic_last_poster_name' => array('VCHAR_UNI', ''), 'topic_last_poster_colour' => array('VCHAR:6', ''), - 'topic_last_post_subject' => array('XSTEXT_UNI', ''), + 'topic_last_post_subject' => array('STEXT_UNI', ''), 'topic_last_post_time' => array('TIMESTAMP', 0), 'topic_last_view_time' => array('TIMESTAMP', 0), 'topic_moved_id' => array('UINT', 0), diff --git a/phpBB/docs/CHANGELOG.html b/phpBB/docs/CHANGELOG.html index 019bdb496c..8ce216d186 100644 --- a/phpBB/docs/CHANGELOG.html +++ b/phpBB/docs/CHANGELOG.html @@ -90,39 +90,42 @@
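Review bot: The key on `session_forum_id` is renamed to `session_fid` in the `@@ -1536,7 +1536,7 @@` hunk with no comment explaining why the key name no longer matches its column. The generator builds index names as `{$table_name}_{$key_name}` (visible in the first hunk of this file), so the rename presumably shortens `phpbb_sessions_session_forum_id` to fit an identifier length limit on one of the supported DBMS; that is inferred, not stated. A one-line comment next to the entry, such as `// key name shortened: the generated index name is {table}_{key} and must fit the DBMS identifier limit`, would stop a later cleanup from renaming it back, and the same applies to the `add_index` entry in phpBB/install/database_update.php. The array this entry belongs to starts outside the hunk.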
  • [Fix] Made the compress_tar class tolerate archives that do not properly have their archived contents listed (Bug #14429 / thanks to JRSweets for his patch)
  • [Fix] Moved topics should not count towards the number of topics in a forum (Bug #14648 / thanks to Schumi for his patch)
  • [Fix] Properly check for invalid characters in MySQL DB prefixes during install (Bug #18775)
  • -
  • [Change] Generalize load check (Bug #21255 / thanks to Xipher)
  • -
  • [Change] Make utf8_htmlspecialchars not pass its argument by reference (Bug #21885)
  • [Fix] Bring the PostgreSQL backup system back to working order (Bug #22385)
  • -
  • [Change] Sort the tables at the database table backup screen
  • [Fix] Update correct theme for cached styles in style.php (Bug #25805)
  • [Fix] Also add PHPBB_INSTALLED check to download/file.php for inline avatar delivery
  • [Fix] Unable to login to some jabber server, reverted previous change (Bug #25095)
  • [Fix] Do not return BMP as valid image type for GD image manipulation (Bug #25925)
  • -
  • [Change] For determining the maximum number of private messages in one box, use the biggest value from all groups the user is a member of (Bug #24665)
  • [Fix] Correctly determine safe mode for temp file creation in functions_upload.php (Bug #23525)
  • [Fix] Correctly sort by rank in memberlist (Bug #24435)
  • [Fix] Purge cache after database restore (Bug #24245)
  • [Fix] Correctly display subforum read/unread icons from RTL in FF3, Konqueror and Safari3+. (thanks arod-1 for the fix, related to Bug #14830)
  • -
  • [Feature] Added optional referer validation of POST requests as additional CSRF protection.
  • [Fix] Added missing form token in acp (thanks NBBN).
  • -
  • [Feature] Added optional stricter upload validation to avoid mime sniffing in addition to the safeguards provided by file.php. (thanks to Nicolas Grekas for compiling the list).
  • [Fix] Do not remove whitespace in front of url containing the boards url and no relative path appended (Bug #27355)
  • -
  • [Change] Show email ban reason on registration. Additionally allow custom errors properly returned if using validate_data(). (Bug #26885)
  • -
  • [Feature] Streamlined banning via the MCP by adding a ban link to the user profile. Also pre-fills ban fields as far as possible.
  • -
  • [Feature] Added ACP logout to reset an admin session.
  • [Fix] reset forum notifications in viewtopic (Bug #28025)
  • [Fix] corrected link for searching post author's other posts (Bug #26455)
  • [Fix] HTTP Authentication supports UTF-8 usernames now (Bug #21135)
  • [Fix] Topic searches by author no longer return invalid results (Bug #11777)
  • -
  • [Change] Don't allow redirects to different domains. (thanks nookieman)
  • [Fix] Delete drafts and bookmarks when deleting an user. (#27585, thanks Schumi for the fix)
  • [Fix] Set last_post_subject for new topics. (#23945)
  • [Fix] Allow moving posts to invisible forums. (#27325)
  • [Fix] Don't allow promoting unapproved group members (#16124)
  • [Fix] Correctly fetch server name if using non-standard port (#27395)
  • [Fix] Regular expression for email matching in posts will no longer die on long words.
  • -
  • [Sec] Only allow urls gone through redirect() being used within login_box(). (thanks nookieman)
  • [Fix] Do not display ban message if direct call to cron. (thanks Dog Cow for reporting)
  • +
  • [Fix] Correctly display double-colon on special conditions within highlighted php source (Bug #26795)
  • +
  • [Fix] Increase storage capacity of titles/subjects due to specialchared content (Bug #25235)
  • +
  • [Change] Adjust truncate_string() to be able to adjust the maximum storage length.
  • +
  • [Change] Generalize load check (Bug #21255 / thanks to Xipher)
  • +
  • [Change] Make utf8_htmlspecialchars not pass its argument by reference (Bug #21885)
  • +
  • [Change] Sort the tables at the database table backup screen
  • +
  • [Change] For determining the maximum number of private messages in one box, use the biggest value from all groups the user is a member of (Bug #24665)
  • +
  • [Change] Show email ban reason on registration. Additionally allow custom errors properly returned if using validate_data(). (Bug #26885)
  • +
  • [Change] Don't allow redirects to different domains. (thanks nookieman)
  • +
  • [Feature] Added optional referer validation of POST requests as additional CSRF protection.
  • +
  • [Feature] Added optional stricter upload validation to avoid mime sniffing in addition to the safeguards provided by file.php. (thanks to Nicolas Grekas for compiling the list).
  • +
  • [Feature] Streamlined banning via the MCP by adding a ban link to the user profile. Also pre-fills ban fields as far as possible.
  • +
  • [Feature] Added ACP logout to reset an admin session.
  • +
  • [Sec] Only allow urls gone through redirect() being used within login_box(). (thanks nookieman)
  • 1.ii. Changes since 3.0.0

    diff --git a/phpBB/install/database_update.php b/phpBB/install/database_update.php index 184331976b..0805a2b273 100644 --- a/phpBB/install/database_update.php +++ b/phpBB/install/database_update.php @@ -8,7 +8,7 @@ * */ -$updates_to_version = '3.0.2-RC1'; +$updates_to_version = '3.0.2-RC2'; // Return if we "just include it" to find out for which version the database update is responsible for if (defined('IN_PHPBB') && defined('IN_INSTALL')) @@ -500,8 +500,37 @@ $database_update_info = array( '3.0.1-RC1' => array(), // No changes from 3.0.1 to 3.0.2-RC1 '3.0.1' => array(), -// uncomment once RC1 out - no changes from 3.0.2-RC1 to 3.0.2 -// '3.0.2-RC1' => array(), + // Changes from 3.0.2-RC1 to 3.0.2-RC2 + '3.0.2-RC1' => array( + 'change_columns' => array( + DRAFTS_TABLE => array( + 'draft_subject' => array('STEXT_UNI', ''), + ), + FORUMS_TABLE => array( + 'forum_last_post_subject' => array('STEXT_UNI', ''), + ), + POSTS_TABLE => array( + 'post_subject' => array('STEXT_UNI', '', 'true_sort'), + ), + PRIVMSGS_TABLE => array( + 'message_subject' => array('STEXT_UNI', ''), + ), + TOPICS_TABLE => array( + 'topic_title' => array('STEXT_UNI', '', 'true_sort'), + 'topic_last_post_subject' => array('STEXT_UNI', ''), + ), + ), + 'drop_keys' => array( + SESSIONS_TABLE => array('session_forum_id'), + ), + 'add_index' => array( + SESSIONS_TABLE => array( + 'session_fid' => array('session_forum_id'), + ), + ), + ), + // uncomment once RC2 out - no changes from 3.0.2-RC2 to 3.0.2 +// '3.0.2-RC2' => array(), ); // Determine mapping database type @@ -1784,8 +1813,12 @@ function change_database_data(&$no_updates, $version) $no_updates = false; break; - // uncomment once RC1 out - no changes from 3.0.2-RC1 to 3.0.2 -// case '3.0.2-RC1': + // No changes from 3.0.2-RC1 to 3.0.2-RC2 + case '3.0.2-RC1': + break; + + // uncomment once RC2 out - no changes from 3.0.2-RC2 to 3.0.2 +// case '3.0.2-RC2': // break; } } 
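Review bot: The new `'3.0.2-RC1'` entry lists `drop_keys` for `session_forum_id` and `add_index` for `session_fid`, and nothing visible here shows in which order the updater applies the two or how it behaves when the old key is already gone, for example when an interrupted update is run again. The code that consumes `$database_update_info` is outside the hunk, so this is a question to confirm rather than a confirmed defect. If the consumer does not already check that the key exists before dropping it, that check belongs there; otherwise a short comment on the entry saying a re-run is safe would settle it. In the same hunk the context comment `// No changes from 3.0.1 to 3.0.2-RC1` sits above `'3.0.1' => array()` while `change_database_data()` sets config values for `case '3.0.1':`, so wording it as "no schema changes" would avoid the contradiction.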
diff --git a/phpBB/install/schemas/firebird_schema.sql b/phpBB/install/schemas/firebird_schema.sql index 55ab4c18e1..1d2ec37eaa 100644 --- a/phpBB/install/schemas/firebird_schema.sql +++ b/phpBB/install/schemas/firebird_schema.sql @@ -261,7 +261,7 @@ CREATE TABLE phpbb_drafts ( topic_id INTEGER DEFAULT 0 NOT NULL, forum_id INTEGER DEFAULT 0 NOT NULL, save_time INTEGER DEFAULT 0 NOT NULL, - draft_subject VARCHAR(100) CHARACTER SET UTF8 DEFAULT '' NOT NULL COLLATE UNICODE, + draft_subject VARCHAR(255) CHARACTER SET UTF8 DEFAULT '' NOT NULL COLLATE UNICODE, draft_message BLOB SUB_TYPE TEXT CHARACTER SET UTF8 DEFAULT '' NOT NULL );; @@ -357,7 +357,7 @@ CREATE TABLE phpbb_forums ( forum_topics_real INTEGER DEFAULT 0 NOT NULL, forum_last_post_id INTEGER DEFAULT 0 NOT NULL, forum_last_poster_id INTEGER DEFAULT 0 NOT NULL, - forum_last_post_subject VARCHAR(100) CHARACTER SET UTF8 DEFAULT '' NOT NULL COLLATE UNICODE, + forum_last_post_subject VARCHAR(255) CHARACTER SET UTF8 DEFAULT '' NOT NULL COLLATE UNICODE, forum_last_post_time INTEGER DEFAULT 0 NOT NULL, forum_last_poster_name VARCHAR(255) CHARACTER SET UTF8 DEFAULT '' NOT NULL COLLATE UNICODE, forum_last_poster_colour VARCHAR(6) CHARACTER SET NONE DEFAULT '' NOT NULL, @@ -625,7 +625,7 @@ CREATE TABLE phpbb_posts ( enable_magic_url INTEGER DEFAULT 1 NOT NULL, enable_sig INTEGER DEFAULT 1 NOT NULL, post_username VARCHAR(255) CHARACTER SET UTF8 DEFAULT '' NOT NULL COLLATE UNICODE, - post_subject VARCHAR(100) CHARACTER SET UTF8 DEFAULT '' NOT NULL COLLATE UNICODE, + post_subject VARCHAR(255) CHARACTER SET UTF8 DEFAULT '' NOT NULL COLLATE UNICODE, post_text BLOB SUB_TYPE TEXT CHARACTER SET UTF8 DEFAULT '' NOT NULL, post_checksum VARCHAR(32) CHARACTER SET NONE DEFAULT '' NOT NULL, post_attachment INTEGER DEFAULT 0 NOT NULL, 
@@ -671,7 +671,7 @@ CREATE TABLE phpbb_privmsgs ( enable_smilies INTEGER DEFAULT 1 NOT NULL, enable_magic_url INTEGER DEFAULT 1 NOT NULL, enable_sig INTEGER DEFAULT 1 NOT NULL, - message_subject VARCHAR(100) CHARACTER SET UTF8 DEFAULT '' NOT NULL COLLATE UNICODE, + message_subject VARCHAR(255) CHARACTER SET UTF8 DEFAULT '' NOT NULL COLLATE UNICODE, message_text BLOB SUB_TYPE TEXT CHARACTER SET UTF8 DEFAULT '' NOT NULL, message_edit_reason VARCHAR(255) CHARACTER SET UTF8 DEFAULT '' NOT NULL COLLATE UNICODE, message_edit_user INTEGER DEFAULT 0 NOT NULL, @@ -977,7 +977,7 @@ ALTER TABLE phpbb_sessions ADD PRIMARY KEY (session_id);; CREATE INDEX phpbb_sessions_session_time ON phpbb_sessions(session_time);; CREATE INDEX phpbb_sessions_session_user_id ON phpbb_sessions(session_user_id);; -CREATE INDEX phpbb_sessions_session_forum_id ON phpbb_sessions(session_forum_id);; +CREATE INDEX phpbb_sessions_session_fid ON phpbb_sessions(session_forum_id);; # Table: 'phpbb_sessions_keys' CREATE TABLE phpbb_sessions_keys ( @@ -1189,7 +1189,7 @@ CREATE TABLE phpbb_topics ( topic_attachment INTEGER DEFAULT 0 NOT NULL, topic_approved INTEGER DEFAULT 1 NOT NULL, topic_reported INTEGER DEFAULT 0 NOT NULL, - topic_title VARCHAR(100) CHARACTER SET UTF8 DEFAULT '' NOT NULL COLLATE UNICODE, + topic_title VARCHAR(255) CHARACTER SET UTF8 DEFAULT '' NOT NULL COLLATE UNICODE, topic_poster INTEGER DEFAULT 0 NOT NULL, topic_time INTEGER DEFAULT 0 NOT NULL, topic_time_limit INTEGER DEFAULT 0 NOT NULL, 
@@ -1205,7 +1205,7 @@ CREATE TABLE phpbb_topics ( topic_last_poster_id INTEGER DEFAULT 0 NOT NULL, topic_last_poster_name VARCHAR(255) CHARACTER SET UTF8 DEFAULT '' NOT NULL COLLATE UNICODE, topic_last_poster_colour VARCHAR(6) CHARACTER SET NONE DEFAULT '' NOT NULL, - topic_last_post_subject VARCHAR(100) CHARACTER SET UTF8 DEFAULT '' NOT NULL COLLATE UNICODE, + topic_last_post_subject VARCHAR(255) CHARACTER SET UTF8 DEFAULT '' NOT NULL COLLATE UNICODE, topic_last_post_time INTEGER DEFAULT 0 NOT NULL, topic_last_view_time INTEGER DEFAULT 0 NOT NULL, topic_moved_id INTEGER DEFAULT 0 NOT NULL, diff --git a/phpBB/install/schemas/mssql_schema.sql b/phpBB/install/schemas/mssql_schema.sql index a6519bd69e..6890148243 100644 --- a/phpBB/install/schemas/mssql_schema.sql +++ b/phpBB/install/schemas/mssql_schema.sql @@ -344,7 +344,7 @@ CREATE TABLE [phpbb_drafts] ( [topic_id] [int] DEFAULT (0) NOT NULL , [forum_id] [int] DEFAULT (0) NOT NULL , [save_time] [int] DEFAULT (0) NOT NULL , - [draft_subject] [varchar] (100) DEFAULT ('') NOT NULL , + [draft_subject] [varchar] (255) DEFAULT ('') NOT NULL , [draft_message] [text] DEFAULT ('') NOT NULL ) ON [PRIMARY] TEXTIMAGE_ON [PRIMARY] GO @@ -433,7 +433,7 @@ CREATE TABLE [phpbb_forums] ( [forum_topics_real] [int] DEFAULT (0) NOT NULL , [forum_last_post_id] [int] DEFAULT (0) NOT NULL , [forum_last_poster_id] [int] DEFAULT (0) NOT NULL , - [forum_last_post_subject] [varchar] (100) DEFAULT ('') NOT NULL , + [forum_last_post_subject] [varchar] (255) DEFAULT ('') NOT NULL , [forum_last_post_time] [int] DEFAULT (0) NOT NULL , [forum_last_poster_name] [varchar] (255) DEFAULT ('') NOT NULL , [forum_last_poster_colour] [varchar] (6) DEFAULT ('') NOT NULL , 
@@ -760,7 +760,7 @@ CREATE TABLE [phpbb_posts] ( [enable_magic_url] [int] DEFAULT (1) NOT NULL , [enable_sig] [int] DEFAULT (1) NOT NULL , [post_username] [varchar] (255) DEFAULT ('') NOT NULL , - [post_subject] [varchar] (100) DEFAULT ('') NOT NULL , + [post_subject] [varchar] (255) DEFAULT ('') NOT NULL , [post_text] [text] DEFAULT ('') NOT NULL , [post_checksum] [varchar] (32) DEFAULT ('') NOT NULL , [post_attachment] [int] DEFAULT (0) NOT NULL , @@ -815,7 +815,7 @@ CREATE TABLE [phpbb_privmsgs] ( [enable_smilies] [int] DEFAULT (1) NOT NULL , [enable_magic_url] [int] DEFAULT (1) NOT NULL , [enable_sig] [int] DEFAULT (1) NOT NULL , - [message_subject] [varchar] (100) DEFAULT ('') NOT NULL , + [message_subject] [varchar] (255) DEFAULT ('') NOT NULL , [message_text] [text] DEFAULT ('') NOT NULL , [message_edit_reason] [varchar] (255) DEFAULT ('') NOT NULL , [message_edit_user] [int] DEFAULT (0) NOT NULL , @@ -1180,7 +1180,7 @@ GO CREATE INDEX [session_user_id] ON [phpbb_sessions]([session_user_id]) ON [PRIMARY] GO -CREATE INDEX [session_forum_id] ON [phpbb_sessions]([session_forum_id]) ON [PRIMARY] +CREATE INDEX [session_fid] ON [phpbb_sessions]([session_forum_id]) ON [PRIMARY] GO @@ -1411,7 +1411,7 @@ CREATE TABLE [phpbb_topics] ( [topic_attachment] [int] DEFAULT (0) NOT NULL , [topic_approved] [int] DEFAULT (1) NOT NULL , [topic_reported] [int] DEFAULT (0) NOT NULL , - [topic_title] [varchar] (100) DEFAULT ('') NOT NULL , + [topic_title] [varchar] (255) DEFAULT ('') NOT NULL , [topic_poster] [int] DEFAULT (0) NOT NULL , [topic_time] [int] DEFAULT (0) NOT NULL , [topic_time_limit] [int] DEFAULT (0) NOT NULL , 
@@ -1427,7 +1427,7 @@ CREATE TABLE [phpbb_topics] ( [topic_last_poster_id] [int] DEFAULT (0) NOT NULL , [topic_last_poster_name] [varchar] (255) DEFAULT ('') NOT NULL , [topic_last_poster_colour] [varchar] (6) DEFAULT ('') NOT NULL , - [topic_last_post_subject] [varchar] (100) DEFAULT ('') NOT NULL , + [topic_last_post_subject] [varchar] (255) DEFAULT ('') NOT NULL , [topic_last_post_time] [int] DEFAULT (0) NOT NULL , [topic_last_view_time] [int] DEFAULT (0) NOT NULL , [topic_moved_id] [int] DEFAULT (0) NOT NULL , diff --git a/phpBB/install/schemas/mysql_40_schema.sql b/phpBB/install/schemas/mysql_40_schema.sql index 266b7707d4..7e4ddeb3cd 100644 --- a/phpBB/install/schemas/mysql_40_schema.sql +++ b/phpBB/install/schemas/mysql_40_schema.sql @@ -674,7 +674,7 @@ CREATE TABLE phpbb_sessions ( PRIMARY KEY (session_id), KEY session_time (session_time), KEY session_user_id (session_user_id), - KEY session_forum_id (session_forum_id) + KEY session_fid (session_forum_id) ); diff --git a/phpBB/install/schemas/mysql_41_schema.sql b/phpBB/install/schemas/mysql_41_schema.sql index bdce42b895..ba51ea2102 100644 --- a/phpBB/install/schemas/mysql_41_schema.sql +++ b/phpBB/install/schemas/mysql_41_schema.sql @@ -183,7 +183,7 @@ CREATE TABLE phpbb_drafts ( topic_id mediumint(8) UNSIGNED DEFAULT '0' NOT NULL, forum_id mediumint(8) UNSIGNED DEFAULT '0' NOT NULL, save_time int(11) UNSIGNED DEFAULT '0' NOT NULL, - draft_subject varchar(100) DEFAULT '' NOT NULL, + draft_subject varchar(255) DEFAULT '' NOT NULL, draft_message mediumtext NOT NULL, PRIMARY KEY (draft_id), KEY save_time (save_time) 
@@ -243,7 +243,7 @@ CREATE TABLE phpbb_forums ( forum_topics_real mediumint(8) UNSIGNED DEFAULT '0' NOT NULL, forum_last_post_id mediumint(8) UNSIGNED DEFAULT '0' NOT NULL, forum_last_poster_id mediumint(8) UNSIGNED DEFAULT '0' NOT NULL, - forum_last_post_subject varchar(100) DEFAULT '' NOT NULL, + forum_last_post_subject varchar(255) DEFAULT '' NOT NULL, forum_last_post_time int(11) UNSIGNED DEFAULT '0' NOT NULL, forum_last_poster_name varchar(255) DEFAULT '' NOT NULL, forum_last_poster_colour varchar(6) DEFAULT '' NOT NULL, @@ -437,7 +437,7 @@ CREATE TABLE phpbb_posts ( enable_magic_url tinyint(1) UNSIGNED DEFAULT '1' NOT NULL, enable_sig tinyint(1) UNSIGNED DEFAULT '1' NOT NULL, post_username varchar(255) DEFAULT '' NOT NULL, - post_subject varchar(100) DEFAULT '' NOT NULL COLLATE utf8_unicode_ci, + post_subject varchar(255) DEFAULT '' NOT NULL COLLATE utf8_unicode_ci, post_text mediumtext NOT NULL, post_checksum varchar(32) DEFAULT '' NOT NULL, post_attachment tinyint(1) UNSIGNED DEFAULT '0' NOT NULL, @@ -471,7 +471,7 @@ CREATE TABLE phpbb_privmsgs ( enable_smilies tinyint(1) UNSIGNED DEFAULT '1' NOT NULL, enable_magic_url tinyint(1) UNSIGNED DEFAULT '1' NOT NULL, enable_sig tinyint(1) UNSIGNED DEFAULT '1' NOT NULL, - message_subject varchar(100) DEFAULT '' NOT NULL, + message_subject varchar(255) DEFAULT '' NOT NULL, message_text mediumtext NOT NULL, message_edit_reason varchar(255) DEFAULT '' NOT NULL, message_edit_user mediumint(8) UNSIGNED DEFAULT '0' NOT NULL, @@ -674,7 +674,7 @@ CREATE TABLE phpbb_sessions ( PRIMARY KEY (session_id), KEY session_time (session_time), KEY session_user_id (session_user_id), - KEY session_forum_id (session_forum_id) + KEY session_fid (session_forum_id) ) CHARACTER SET `utf8` COLLATE `utf8_bin`; 
@@ -803,7 +803,7 @@ CREATE TABLE phpbb_topics ( topic_attachment tinyint(1) UNSIGNED DEFAULT '0' NOT NULL, topic_approved tinyint(1) UNSIGNED DEFAULT '1' NOT NULL, topic_reported tinyint(1) UNSIGNED DEFAULT '0' NOT NULL, - topic_title varchar(100) DEFAULT '' NOT NULL COLLATE utf8_unicode_ci, + topic_title varchar(255) DEFAULT '' NOT NULL COLLATE utf8_unicode_ci, topic_poster mediumint(8) UNSIGNED DEFAULT '0' NOT NULL, topic_time int(11) UNSIGNED DEFAULT '0' NOT NULL, topic_time_limit int(11) UNSIGNED DEFAULT '0' NOT NULL, @@ -819,7 +819,7 @@ CREATE TABLE phpbb_topics ( topic_last_poster_id mediumint(8) UNSIGNED DEFAULT '0' NOT NULL, topic_last_poster_name varchar(255) DEFAULT '' NOT NULL, topic_last_poster_colour varchar(6) DEFAULT '' NOT NULL, - topic_last_post_subject varchar(100) DEFAULT '' NOT NULL, + topic_last_post_subject varchar(255) DEFAULT '' NOT NULL, topic_last_post_time int(11) UNSIGNED DEFAULT '0' NOT NULL, topic_last_view_time int(11) UNSIGNED DEFAULT '0' NOT NULL, topic_moved_id mediumint(8) UNSIGNED DEFAULT '0' NOT NULL, diff --git a/phpBB/install/schemas/oracle_schema.sql b/phpBB/install/schemas/oracle_schema.sql index b87fe4527a..19f09bcebd 100644 --- a/phpBB/install/schemas/oracle_schema.sql +++ b/phpBB/install/schemas/oracle_schema.sql @@ -382,7 +382,7 @@ CREATE TABLE phpbb_drafts ( topic_id number(8) DEFAULT '0' NOT NULL, forum_id number(8) DEFAULT '0' NOT NULL, save_time number(11) DEFAULT '0' NOT NULL, - draft_subject varchar2(300) DEFAULT '' , + draft_subject varchar2(765) DEFAULT '' , draft_message clob DEFAULT '' , CONSTRAINT pk_phpbb_drafts PRIMARY KEY (draft_id) ) 
@@ -500,7 +500,7 @@ CREATE TABLE phpbb_forums ( forum_topics_real number(8) DEFAULT '0' NOT NULL, forum_last_post_id number(8) DEFAULT '0' NOT NULL, forum_last_poster_id number(8) DEFAULT '0' NOT NULL, - forum_last_post_subject varchar2(300) DEFAULT '' , + forum_last_post_subject varchar2(765) DEFAULT '' , forum_last_post_time number(11) DEFAULT '0' NOT NULL, forum_last_poster_name varchar2(765) DEFAULT '' , forum_last_poster_colour varchar2(6) DEFAULT '' , @@ -849,7 +849,7 @@ CREATE TABLE phpbb_posts ( enable_magic_url number(1) DEFAULT '1' NOT NULL, enable_sig number(1) DEFAULT '1' NOT NULL, post_username varchar2(765) DEFAULT '' , - post_subject varchar2(300) DEFAULT '' , + post_subject varchar2(765) DEFAULT '' , post_text clob DEFAULT '' , post_checksum varchar2(32) DEFAULT '' , post_attachment number(1) DEFAULT '0' NOT NULL, @@ -908,7 +908,7 @@ CREATE TABLE phpbb_privmsgs ( enable_smilies number(1) DEFAULT '1' NOT NULL, enable_magic_url number(1) DEFAULT '1' NOT NULL, enable_sig number(1) DEFAULT '1' NOT NULL, - message_subject varchar2(300) DEFAULT '' , + message_subject varchar2(765) DEFAULT '' , message_text clob DEFAULT '' , message_edit_reason varchar2(765) DEFAULT '' , message_edit_user number(8) DEFAULT '0' NOT NULL, @@ -1300,7 +1300,7 @@ CREATE INDEX phpbb_sessions_session_time ON phpbb_sessions (session_time) / CREATE INDEX phpbb_sessions_session_user_id ON phpbb_sessions (session_user_id) / -CREATE INDEX phpbb_sessions_session_forum_id ON phpbb_sessions (session_forum_id) +CREATE INDEX phpbb_sessions_session_fid ON phpbb_sessions (session_forum_id) / /* 
@@ -1577,7 +1577,7 @@ CREATE TABLE phpbb_topics ( topic_attachment number(1) DEFAULT '0' NOT NULL, topic_approved number(1) DEFAULT '1' NOT NULL, topic_reported number(1) DEFAULT '0' NOT NULL, - topic_title varchar2(300) DEFAULT '' , + topic_title varchar2(765) DEFAULT '' , topic_poster number(8) DEFAULT '0' NOT NULL, topic_time number(11) DEFAULT '0' NOT NULL, topic_time_limit number(11) DEFAULT '0' NOT NULL, @@ -1593,7 +1593,7 @@ CREATE TABLE phpbb_topics ( topic_last_poster_id number(8) DEFAULT '0' NOT NULL, topic_last_poster_name varchar2(765) DEFAULT '' , topic_last_poster_colour varchar2(6) DEFAULT '' , - topic_last_post_subject varchar2(300) DEFAULT '' , + topic_last_post_subject varchar2(765) DEFAULT '' , topic_last_post_time number(11) DEFAULT '0' NOT NULL, topic_last_view_time number(11) DEFAULT '0' NOT NULL, topic_moved_id number(8) DEFAULT '0' NOT NULL, diff --git a/phpBB/install/schemas/postgres_schema.sql b/phpBB/install/schemas/postgres_schema.sql index 84e2845963..f11f1b4d35 100644 --- a/phpBB/install/schemas/postgres_schema.sql +++ b/phpBB/install/schemas/postgres_schema.sql @@ -304,7 +304,7 @@ CREATE TABLE phpbb_drafts ( topic_id INT4 DEFAULT '0' NOT NULL CHECK (topic_id >= 0), forum_id INT4 DEFAULT '0' NOT NULL CHECK (forum_id >= 0), save_time INT4 DEFAULT '0' NOT NULL CHECK (save_time >= 0), - draft_subject varchar(100) DEFAULT '' NOT NULL, + draft_subject varchar(255) DEFAULT '' NOT NULL, draft_message TEXT DEFAULT '' NOT NULL, PRIMARY KEY (draft_id) ); 
@@ -376,7 +376,7 @@ CREATE TABLE phpbb_forums ( forum_topics_real INT4 DEFAULT '0' NOT NULL CHECK (forum_topics_real >= 0), forum_last_post_id INT4 DEFAULT '0' NOT NULL CHECK (forum_last_post_id >= 0), forum_last_poster_id INT4 DEFAULT '0' NOT NULL CHECK (forum_last_poster_id >= 0), - forum_last_post_subject varchar(100) DEFAULT '' NOT NULL, + forum_last_post_subject varchar(255) DEFAULT '' NOT NULL, forum_last_post_time INT4 DEFAULT '0' NOT NULL CHECK (forum_last_post_time >= 0), forum_last_poster_name varchar(255) DEFAULT '' NOT NULL, forum_last_poster_colour varchar(6) DEFAULT '' NOT NULL, @@ -606,7 +606,7 @@ CREATE TABLE phpbb_posts ( enable_magic_url INT2 DEFAULT '1' NOT NULL CHECK (enable_magic_url >= 0), enable_sig INT2 DEFAULT '1' NOT NULL CHECK (enable_sig >= 0), post_username varchar(255) DEFAULT '' NOT NULL, - post_subject varchar(100) DEFAULT '' NOT NULL, + post_subject varchar(255) DEFAULT '' NOT NULL, post_text TEXT DEFAULT '' NOT NULL, post_checksum varchar(32) DEFAULT '' NOT NULL, post_attachment INT2 DEFAULT '0' NOT NULL CHECK (post_attachment >= 0), @@ -644,7 +644,7 @@ CREATE TABLE phpbb_privmsgs ( enable_smilies INT2 DEFAULT '1' NOT NULL CHECK (enable_smilies >= 0), enable_magic_url INT2 DEFAULT '1' NOT NULL CHECK (enable_magic_url >= 0), enable_sig INT2 DEFAULT '1' NOT NULL CHECK (enable_sig >= 0), - message_subject varchar(100) DEFAULT '' NOT NULL, + message_subject varchar(255) DEFAULT '' NOT NULL, message_text TEXT DEFAULT '' NOT NULL, message_edit_reason varchar(255) DEFAULT '' NOT NULL, message_edit_user INT4 DEFAULT '0' NOT NULL CHECK (message_edit_user >= 0), 
@@ -891,7 +891,7 @@ CREATE TABLE phpbb_sessions ( CREATE INDEX phpbb_sessions_session_time ON phpbb_sessions (session_time); CREATE INDEX phpbb_sessions_session_user_id ON phpbb_sessions (session_user_id); -CREATE INDEX phpbb_sessions_session_forum_id ON phpbb_sessions (session_forum_id); +CREATE INDEX phpbb_sessions_session_fid ON phpbb_sessions (session_forum_id); /* Table: 'phpbb_sessions_keys' @@ -1054,7 +1054,7 @@ CREATE TABLE phpbb_topics ( topic_attachment INT2 DEFAULT '0' NOT NULL CHECK (topic_attachment >= 0), topic_approved INT2 DEFAULT '1' NOT NULL CHECK (topic_approved >= 0), topic_reported INT2 DEFAULT '0' NOT NULL CHECK (topic_reported >= 0), - topic_title varchar(100) DEFAULT '' NOT NULL, + topic_title varchar(255) DEFAULT '' NOT NULL, topic_poster INT4 DEFAULT '0' NOT NULL CHECK (topic_poster >= 0), topic_time INT4 DEFAULT '0' NOT NULL CHECK (topic_time >= 0), topic_time_limit INT4 DEFAULT '0' NOT NULL CHECK (topic_time_limit >= 0), @@ -1070,7 +1070,7 @@ CREATE TABLE phpbb_topics ( topic_last_poster_id INT4 DEFAULT '0' NOT NULL CHECK (topic_last_poster_id >= 0), topic_last_poster_name varchar(255) DEFAULT '' NOT NULL, topic_last_poster_colour varchar(6) DEFAULT '' NOT NULL, - topic_last_post_subject varchar(100) DEFAULT '' NOT NULL, + topic_last_post_subject varchar(255) DEFAULT '' NOT NULL, topic_last_post_time INT4 DEFAULT '0' NOT NULL CHECK (topic_last_post_time >= 0), topic_last_view_time INT4 DEFAULT '0' NOT NULL CHECK (topic_last_view_time >= 0), topic_moved_id INT4 DEFAULT '0' NOT NULL CHECK (topic_moved_id >= 0), diff --git a/phpBB/install/schemas/schema_data.sql b/phpBB/install/schemas/schema_data.sql index 3dfe8ae0d9..b9b4141aab 100644 --- a/phpBB/install/schemas/schema_data.sql +++ b/phpBB/install/schemas/schema_data.sql 
@@ -214,7 +214,7 @@ INSERT INTO phpbb_config (config_name, config_value) VALUES ('topics_per_page', INSERT INTO phpbb_config (config_name, config_value) VALUES ('tpl_allow_php', '0'); INSERT INTO phpbb_config (config_name, config_value) VALUES ('upload_icons_path', 'images/upload_icons'); INSERT INTO phpbb_config (config_name, config_value) VALUES ('upload_path', 'files'); -INSERT INTO phpbb_config (config_name, config_value) VALUES ('version', '3.0.2-RC1'); +INSERT INTO phpbb_config (config_name, config_value) VALUES ('version', '3.0.2-RC2'); INSERT INTO phpbb_config (config_name, config_value) VALUES ('warnings_expire_days', '90'); INSERT INTO phpbb_config (config_name, config_value) VALUES ('warnings_gc', '14400'); diff --git a/phpBB/install/schemas/sqlite_schema.sql b/phpBB/install/schemas/sqlite_schema.sql index f7b5b47081..d7ac93f672 100644 --- a/phpBB/install/schemas/sqlite_schema.sql +++ b/phpBB/install/schemas/sqlite_schema.sql @@ -654,7 +654,7 @@ CREATE TABLE phpbb_sessions ( CREATE INDEX phpbb_sessions_session_time ON phpbb_sessions (session_time); CREATE INDEX phpbb_sessions_session_user_id ON phpbb_sessions (session_user_id); -CREATE INDEX phpbb_sessions_session_forum_id ON phpbb_sessions (session_forum_id); +CREATE INDEX phpbb_sessions_session_fid ON phpbb_sessions (session_forum_id); # Table: 'phpbb_sessions_keys' CREATE TABLE phpbb_sessions_keys ( From 11f27bee84447bf769e10fc7d099bb34209e9c2d Mon Sep 17 00:00:00 2001 From: Meik Sievertsen Date: Sat, 21 Jun 2008 16:05:02 +0000 Subject: [PATCH 07/15] further checks on maximum storage length git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@8667 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/includes/functions.php | 2 +- phpBB/includes/functions_content.php | 25 ++++++++++++++++++++++- phpBB/includes/functions_convert.php | 30 ++++++++++++++-------------- phpBB/includes/functions_posting.php | 6 +++--- 4 files changed, 43 insertions(+), 20 deletions(-) 
diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index 40eb3fa823..50e8b8b7fb 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -822,7 +822,7 @@ function tz_select($default = '', $truncate = false) { if ($truncate) { - $zone_trunc = truncate_string($zone, 50, false, '...'); + $zone_trunc = truncate_string($zone, 50, 255, false, '...'); } else { diff --git a/phpBB/includes/functions_content.php b/phpBB/includes/functions_content.php index 97ec78abcc..ced5106c14 100644 --- a/phpBB/includes/functions_content.php +++ b/phpBB/includes/functions_content.php @@ -1066,8 +1066,16 @@ function extension_allowed($forum_id, $extension, &$extensions) /** * Truncates string while retaining special characters if going over the max length * The default max length is 60 at the moment +* The maximum storage length is there to fit the string within the given length. The string may be further truncated due to html entities. +* For example: string given is 'a "quote"' (length: 9), would be a stored as 'a "quote"' (length: 19) +* +* @param string $string The text to truncate to the given length. String is specialchared. +* @param int $max_length Maximum length of string (multibyte character count as 1 char / Html entity count as 1 char) +* @param int $max_store_length Maximum character length of string (multibyte character count as 1 char / Html entity count as entity chars). +* @param bool $allow_reply Allow Re: in front of string +* @param string $append String to be appended */ -function truncate_string($string, $max_length = 60, $allow_reply = true, $append = '') +function truncate_string($string, $max_length = 60, $max_store_length = 255, $allow_reply = true, $append = '') { $chars = array(); 
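Review bot: The new `$max_store_length` parameter is inserted in third position of `truncate_string()`, ahead of `$allow_reply` and `$append`, so any caller still using the old argument order silently shifts its arguments: `false` lands in `$max_store_length` and the append string in `$allow_reply`. The call sites touched by this patch are updated, but callers outside it (not visible here) would misbehave without raising an error. Appending the parameter keeps old calls valid, `function truncate_string($string, $max_length = 60, $allow_reply = true, $append = '', $max_store_length = 255)`; failing that, the docblock should state that the argument order changed. The function body continues outside this hunk.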
@@ -1090,6 +1098,21 @@ function truncate_string($string, $max_length = 60, $allow_reply = true, $append $stripped = true; } + // Due to specialchars, we may not be able to store the string... + if (utf8_strlen($string) > $max_store_length) + { + // let's split again, we do not want half-baked strings where entities are split + $_chars = utf8_str_split(htmlspecialchars_decode($string)); + $chars = array_map('utf8_htmlspecialchars', $_chars); + + do + { + array_pop($chars); + $string = implode('', $chars); + } + while (utf8_strlen($string) > $max_store_length || !sizeof($chars)); + } + if ($strip_reply) { $string = 'Re: ' . $string; diff --git a/phpBB/includes/functions_convert.php b/phpBB/includes/functions_convert.php index 477dd787a1..b6af76e8f6 100644 --- a/phpBB/includes/functions_convert.php +++ b/phpBB/includes/functions_convert.php @@ -148,7 +148,7 @@ function auto_id($pad = 0) { return $convert_row['max_id'] + $pad; } - + return $auto_id + $pad; } @@ -280,7 +280,7 @@ function get_config_value($config_name) { $convert_config = get_config(); } - + if (!isset($convert_config[$config_name])) { return false; @@ -669,12 +669,12 @@ function import_avatar($source, $use_target = false, $user_id = false) { $convert->p_master->error(sprintf($user->lang['CONV_ERROR_NO_AVATAR_PATH'], 'import_avatar()'), __LINE__, __FILE__); } - + if ($use_target === false && $user_id !== false) { $use_target = $config['avatar_salt'] . '_' . $user_id . '.' . substr(strrchr($source, '.'), 1); } - + $result = _import_check('avatar_path', $source, $use_target); return ((!empty($user_id)) ? $user_id : $use_target) . '.' . substr(strrchr($source, '.'), 1); @@ -946,7 +946,7 @@ function get_remote_avatar_dim($src, $axis) unset($remote_avatar_cache); return $retval; } - + $url_info = @parse_url($src); if (empty($url_info['host'])) { 
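Review bot: The `do … while` exit test `utf8_strlen($string) > $max_store_length || !sizeof($chars)` keeps the loop running once `$chars` is empty, so it cannot terminate when no prefix of the string fits the limit (for example a very small or non-integer `$max_store_length`). The request would then spin until PHP's execution time limit, if one is set. The emptiness test looks inverted and should bound the loop instead: `while (sizeof($chars) && utf8_strlen($string) > $max_store_length);`. The surrounding truncate_string() body starts and ends outside this hunk.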
@@ -962,19 +962,19 @@ function get_remote_avatar_dim($src, $axis) case 'ftp': $port = 21; break; - + case 'https': $port = 443; break; - + default: $port = 80; } } - + $timeout = @ini_get('default_socket_timeout'); @ini_set('default_socket_timeout', 2); - + // We're just trying to reach the server to avoid timeouts $fp = @fsockopen($host, $port, $errno, $errstr, 1); if ($fp) @@ -982,11 +982,11 @@ function get_remote_avatar_dim($src, $axis) $remote_avatar_cache[$src] = @getimagesize($src); fclose($fp); } - + $default_x = (defined('DEFAULT_AVATAR_X_CUSTOM')) ? DEFAULT_AVATAR_X_CUSTOM : DEFAULT_AVATAR_X; $default_y = (defined('DEFAULT_AVATAR_Y_CUSTOM')) ? DEFAULT_AVATAR_Y_CUSTOM : DEFAULT_AVATAR_Y; $default = array($default_x, $default_y); - + if (empty($remote_avatar_cache[$src]) || empty($remote_avatar_cache[$src][0]) || empty($remote_avatar_cache[$src][1])) { $remote_avatar_cache[$src] = $default; @@ -1002,7 +1002,7 @@ function get_remote_avatar_dim($src, $axis) $remote_avatar_cache[$src][1] = (int)($remote_avatar_cache[$src][1] * $ratio); } } - + @ini_set('default_socket_timeout', $timeout); return $remote_avatar_cache[$src][$axis]; } @@ -1112,7 +1112,7 @@ function words_unique(&$words) function add_user_group($group_id, $user_id, $group_leader=false) { global $convert, $phpbb_root_path, $config, $user, $db; - + $sql = 'INSERT INTO ' . USER_GROUP_TABLE . ' ' . $db->sql_build_array('INSERT', array( 'group_id' => $group_id, 'user_id' => $user_id, @@ -1282,7 +1282,7 @@ function restore_config($schema) // Most are... if (is_string($config_value)) { - $config_value = truncate_string(utf8_htmlspecialchars($config_value), 255, false); + $config_value = truncate_string(utf8_htmlspecialchars($config_value), 255, 255, false); } set_config($config_name, $config_value); @@ -2443,7 +2443,7 @@ function get_smiley_display() function fill_dateformat($user_dateformat) { global $config; - + return ((empty($user_dateformat)) ? $config['default_dateformat'] : $user_dateformat); } 
diff --git a/phpBB/includes/functions_posting.php b/phpBB/includes/functions_posting.php index fe41bc448d..72c4fd0728 100644 --- a/phpBB/includes/functions_posting.php +++ b/phpBB/includes/functions_posting.php @@ -362,7 +362,7 @@ function upload_attachment($form_name, $forum_id, $local = false, $local_storage { $upload->set_disallowed_content(explode('|', $config['mime_triggers'])); } - + if (!$local) { $filedata['post_attach'] = ($upload->is_valid($form_name)) ? true : false; @@ -1345,7 +1345,7 @@ function delete_post($forum_id, $topic_id, $post_id, &$data) else if ($data['topic_first_post_id'] == $post_id) { $post_mode = 'delete_first_post'; - } + } else if ($data['topic_last_post_id'] == $post_id) { $post_mode = 'delete_last_post'; @@ -1651,7 +1651,7 @@ function submit_post($mode, $subject, $username, $topic_type, &$poll, &$data, $u // Display edit info if edit reason given or user is editing his post, which is not the last within the topic. if ($data['post_edit_reason'] || (!$auth->acl_get('m_edit', $data['forum_id']) && ($post_mode == 'edit' || $post_mode == 'edit_first_post'))) { - $data['post_edit_reason'] = truncate_string($data['post_edit_reason'], 255, false); + $data['post_edit_reason'] = truncate_string($data['post_edit_reason'], 255, 255, false); $sql_data[POSTS_TABLE]['sql'] = array( 'post_edit_time' => $current_time, From 56aba11fd16fce8a9c925e8963368d91bc78247b Mon Sep 17 00:00:00 2001 From: Meik Sievertsen Date: Sat, 21 Jun 2008 17:08:41 +0000 Subject: [PATCH 08/15] Catch invalid username wildcard ban (we do not support these) (Bug #29305) git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@8668 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/docs/CHANGELOG.html | 1 + phpBB/includes/functions_user.php | 119 ++++++++++++++---------------- 2 files changed, 58 insertions(+), 62 deletions(-) diff --git a/phpBB/docs/CHANGELOG.html b/phpBB/docs/CHANGELOG.html index 8ce216d186..cb7d820f47 100644 --- a/phpBB/docs/CHANGELOG.html 
+++ b/phpBB/docs/CHANGELOG.html @@ -114,6 +114,7 @@
  • [Fix] Do not display ban message if direct call to cron. (thanks Dog Cow for reporting)
  • [Fix] Correctly display double-colon on special conditions within highlighted php source (Bug #26795)
  • [Fix] Increase storage capacity of titles/subjects due to specialchared content (Bug #25235)
  • +
  • [Fix] Catch invalid username wildcard ban (we do not support these) (Bug #29305)
  • [Change] Adjust truncate_string() to be able to adjust the maximum storage length.
  • [Change] Generalize load check (Bug #21255 / thanks to Xipher)
  • [Change] Make utf8_htmlspecialchars not pass its argument by reference (Bug #21885)
  • diff --git a/phpBB/includes/functions_user.php b/phpBB/includes/functions_user.php index daa571a790..185c177b18 100644 --- a/phpBB/includes/functions_user.php +++ b/phpBB/includes/functions_user.php 
@@ -734,70 +734,65 @@ function user_ban($mode, $ban, $ban_len, $ban_len_other, $ban_exclude, $ban_reas case 'user': $type = 'ban_userid'; - if (in_array('*', $ban_list)) + // At the moment we do not support wildcard username banning + + // Select the relevant user_ids. + $sql_usernames = array(); + + foreach ($ban_list as $username) { - // Ban all users (it's a good thing that you can exclude people) - $banlist_ary[] = '*'; + $username = trim($username); + if ($username != '') + { + $clean_name = utf8_clean_string($username); + if ($clean_name == $user->data['username_clean']) + { + trigger_error('CANNOT_BAN_YOURSELF', E_USER_WARNING); + } + if (in_array($clean_name, $founder_names)) + { + trigger_error('CANNOT_BAN_FOUNDER', E_USER_WARNING); + } + $sql_usernames[] = $clean_name; + } + } + + // Make sure we have been given someone to ban + if (!sizeof($sql_usernames)) + { + trigger_error('NO_USER_SPECIFIED'); + } + + $sql = 'SELECT user_id + FROM ' . USERS_TABLE . ' + WHERE ' . $db->sql_in_set('username_clean', $sql_usernames); + + // Do not allow banning yourself + if (sizeof($founder)) + { + $sql .= ' AND ' . $db->sql_in_set('user_id', array_merge(array_keys($founder), array($user->data['user_id'])), true); } else { - // Select the relevant user_ids. - $sql_usernames = array(); - - foreach ($ban_list as $username) - { - $username = trim($username); - if ($username != '') - { - $clean_name = utf8_clean_string($username); - if ($clean_name == $user->data['username_clean']) - { - trigger_error('CANNOT_BAN_YOURSELF', E_USER_WARNING); - } - if (in_array($clean_name, $founder_names)) - { - trigger_error('CANNOT_BAN_FOUNDER', E_USER_WARNING); - } - $sql_usernames[] = $clean_name; - } - } - - // Make sure we have been given someone to ban - if (!sizeof($sql_usernames)) - { - trigger_error('NO_USER_SPECIFIED'); - } - - $sql = 'SELECT user_id - FROM ' . USERS_TABLE . ' - WHERE ' . 
$db->sql_in_set('username_clean', $sql_usernames); - - // Do not allow banning yourself - if (sizeof($founder)) - { - $sql .= ' AND ' . $db->sql_in_set('user_id', array_merge(array_keys($founder), array($user->data['user_id'])), true); - } - else - { - $sql .= ' AND user_id <> ' . $user->data['user_id']; - } - - $result = $db->sql_query($sql); - - if ($row = $db->sql_fetchrow($result)) - { - do - { - $banlist_ary[] = (int) $row['user_id']; - } - while ($row = $db->sql_fetchrow($result)); - } - else - { - trigger_error('NO_USERS'); - } - $db->sql_freeresult($result); + $sql .= ' AND user_id <> ' . $user->data['user_id']; } + + $result = $db->sql_query($sql); + + if ($row = $db->sql_fetchrow($result)) + { + do + { + $banlist_ary[] = (int) $row['user_id']; + } + while ($row = $db->sql_fetchrow($result)); + } + else + { + $db->sql_freeresult($result); + trigger_error('NO_USERS'); + } + $db->sql_freeresult($result); break; case 'ip': @@ -997,7 +992,7 @@ function user_ban($mode, $ban, $ban_len, $ban_len_other, $ban_exclude, $ban_reas switch ($mode) { case 'user': - $sql_where = (in_array('*', $banlist_ary)) ? '' : 'WHERE ' . $db->sql_in_set('session_user_id', $banlist_ary); + $sql_where = 'WHERE ' . $db->sql_in_set('session_user_id', $banlist_ary); break; case 'ip': @@ -2923,7 +2918,7 @@ function group_user_attributes($action, $group_id, $user_id_ary = false, $userna { case 'demote': case 'promote': - + $sql = 'SELECT user_id FROM ' . USER_GROUP_TABLE . " WHERE group_id = $group_id AND user_pending = 1 @@ -2935,7 +2930,7 @@ function group_user_attributes($action, $group_id, $user_id_ary = false, $userna { return 'NO_VALID_USERS'; } - + $sql = 'UPDATE ' . USER_GROUP_TABLE . ' SET group_leader = ' . (($action == 'promote') ? 1 : 0) . " WHERE group_id = $group_id From f47de039542b2726b0618a5960845f6fb0d386e9 Mon Sep 17 00:00:00 2001 
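Review bot: The self-ban and founder guards in the `foreach` compare cleaned usernames loosely (`$clean_name == $user->data['username_clean']` and `in_array($clean_name, $founder_names)`), and PHP compares two numeric-looking strings as numbers, so a name such as `1e3` matches `1000`. Strict forms avoid the false match: `if ($clean_name === $user->data['username_clean'])` and `in_array($clean_name, $founder_names, true)`, assuming both sides are strings as they appear to be. In the same hunk `' AND user_id <> ' . $user->data['user_id']` is concatenated into the query without the `(int)` cast that `$row['user_id']` gets a few lines later; casting it would make the query independent of how the session data was populated. user_ban() begins and ends outside this hunk.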
From: Meik Sievertsen Date: Sun, 22 Jun 2008 11:02:04 +0000 Subject: [PATCH 09/15] #29435 (do not highlight if only wildcard(s) provided) git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@8669 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/search.php | 27 +++++++++++++++------------ 1 file changed, 15 insertions(+), 12 deletions(-) diff --git a/phpBB/search.php b/phpBB/search.php index c34aaefecf..5335680c46 100644 --- a/phpBB/search.php +++ b/phpBB/search.php @@ -88,7 +88,7 @@ if ($keywords || $author || $author_id || $search_id || $submit) if ($search_id == 'egosearch') { $author_id = $user->data['user_id']; - + if ($user->data['user_id'] == ANONYMOUS) { login_box('', $user->lang['LOGIN_EXPLAIN_EGOSEARCH']); @@ -466,6 +466,9 @@ if ($keywords || $author || $author_id || $search_id || $submit) // define some vars for urls $hilit = implode('|', explode(' ', preg_replace('#\s+#u', ' ', str_replace(array('+', '-', '|', '(', ')', '"'), ' ', $keywords)))); + // Do not allow *only* wildcard being used for hilight + $hilit = (strspn($hilit, '*') === strlen($hilit)) ? '' : $hilit; + $u_hilit = urlencode(htmlspecialchars_decode(str_replace('|', ' ', $hilit))); $u_show_results = ($show_results != 'posts') ? '&sr=' . $show_results : ''; $u_search_forum = implode('&fid%5B%5D=', $search_forum); @@ -600,18 +603,18 @@ if ($keywords || $author || $author_id || $search_id || $submit) FROM ' . TOPICS_TABLE . ' WHERE ' . $db->sql_in_set('topic_id', array_keys($shadow_topic_list)); $result = $db->sql_query($sql); - + while ($row = $db->sql_fetchrow($result)) { $orig_topic_id = $shadow_topic_list[$row['topic_id']]; - + // We want to retain some values $row = array_merge($row, array( 'topic_moved_id' => $rowset[$orig_topic_id]['topic_moved_id'], 'topic_status' => $rowset[$orig_topic_id]['topic_status'], 'forum_name' => $rowset[$orig_topic_id]['forum_name']) ); - + $rowset[$orig_topic_id] = $row; } $db->sql_freeresult($result); 
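Review bot: The wildcard-only test `strspn($hilit, '*') === strlen($hilit)` runs after the terms have been joined with `|` on the preceding line, so it only catches input that collapses to a single run of `*`; keywords such as `* *` become `*|*` and are still passed on as the highlight value. Counting the separator as well closes that gap: `$hilit = (strspn($hilit, '*|') === strlen($hilit)) ? '' : $hilit;`. How `$hilit` is consumed downstream is not visible in this hunk, so it is worth confirming that the consumer tolerates mixed input like `foo|*`.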
@@ -627,7 +630,7 @@ if ($keywords || $author || $author_id || $search_id || $submit) else if ($config['load_anon_lastread'] || $user->data['is_registered']) { $topic_tracking_info[$forum_id] = get_complete_topic_tracking($forum_id, $forum['topic_list'], ($forum_id) ? false : $forum['topic_list']); - + if (!$user->data['is_registered']) { $user->data['user_lastmark'] = (isset($tracking_topics['l'])) ? (int) (base_convert($tracking_topics['l'], 36, 10) + $config['board_startdate']) : 0; @@ -708,7 +711,7 @@ if ($keywords || $author || $author_id || $search_id || $submit) AND in_message = 0 ORDER BY filetime DESC, post_msg_id ASC'; $result = $db->sql_query($sql); - + while ($row = $db->sql_fetchrow($result)) { $attachments[$row['post_msg_id']][] = $row; @@ -742,12 +745,12 @@ if ($keywords || $author || $author_id || $search_id || $submit) { // Get a list of forums the user cannot read $forum_ary = array_unique(array_keys($auth->acl_getf('!f_read', true))); - + // Determine first forum the user is able to read (must not be a category) $sql = 'SELECT forum_id FROM ' . FORUMS_TABLE . ' WHERE forum_type = ' . FORUM_POST; - + if (sizeof($forum_ary)) { $sql .= ' AND ' . $db->sql_in_set('forum_id', $forum_ary, true); @@ -856,7 +859,7 @@ if ($keywords || $author || $author_id || $search_id || $submit) if (!empty($attachments[$row['post_id']])) { parse_attachments($forum_id, $row['post_text'], $attachments[$row['post_id']], $update_count); - + // we only display inline attachments unset($attachments[$row['post_id']]); } 
@@ -874,7 +877,7 @@ if ($keywords || $author || $author_id || $search_id || $submit) 'POST_AUTHOR_COLOUR' => get_username_string('colour', $row['poster_id'], $row['username'], $row['user_colour'], $row['post_username']), 'POST_AUTHOR' => get_username_string('username', $row['poster_id'], $row['username'], $row['user_colour'], $row['post_username']), 'U_POST_AUTHOR' => get_username_string('profile', $row['poster_id'], $row['username'], $row['user_colour'], $row['post_username']), - + 'POST_SUBJECT' => $row['post_subject'], 'POST_DATE' => (!empty($row['post_time'])) ? $user->format_date($row['post_time']) : '', 'MESSAGE' => $row['post_text'] @@ -1056,7 +1059,7 @@ if ($auth->acl_get('a_search')) WHERE dbms_lob.getlength(search_keywords) > 0 ORDER BY search_time DESC'; break; - + case 'mssql': case 'mssql_odbc': $sql = 'SELECT search_time, search_keywords @@ -1064,7 +1067,7 @@ if ($auth->acl_get('a_search')) WHERE DATALENGTH(search_keywords) > 0 ORDER BY search_time DESC'; break; - + default: $sql = 'SELECT search_time, search_keywords FROM ' . SEARCH_RESULTS_TABLE . ' From f8890cbb81bb6c9164e43641044adc3057820ae4 Mon Sep 17 00:00:00 2001 From: Meik Sievertsen Date: Mon, 23 Jun 2008 14:07:24 +0000 Subject: [PATCH 10/15] urlencode image filenames used in img(). This is not needed, but better for XHTML compatibility. git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@8670 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/includes/session.php | 1 + 1 file changed, 1 insertion(+) diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php index 734fbaa070..958833ece7 100644 --- a/phpBB/includes/session.php +++ b/phpBB/includes/session.php @@ -1603,6 +1603,7 @@ class user extends session $localised_images = true; } + $row['image_filename'] = rawurlencode($row['image_filename']); $this->img_array[$row['image_name']] = $row; } $db->sql_freeresult($result); From 2b14d820313c1a7b7bbf898dcfc942e9fa368ba6 Mon Sep 17 00:00:00 2001 
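Review bot: The added `rawurlencode()` call in the session.php hunk overwrites `$row['image_filename']` in place, so `$this->img_array` holds the URL-encoded name rather than the value read from the database, and the line carries no comment saying so. Any code that later reuses the field for something other than building a URL (a filesystem check, or encoding it a second time) would see `%XX` sequences; whether such code exists is not visible here. A comment on the added line would record the contract: `// image_filename is URL-encoded from here on; use it only when building URLs`. The enclosing method of class user starts and ends outside this hunk.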
From: Meik Sievertsen Date: Mon, 23 Jun 2008 17:08:42 +0000 Subject: [PATCH 11/15] adjust authors file git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@8671 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/docs/AUTHORS | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/phpBB/docs/AUTHORS b/phpBB/docs/AUTHORS index 19bbda832a..49281e2297 100644 --- a/phpBB/docs/AUTHORS +++ b/phpBB/docs/AUTHORS @@ -22,13 +22,15 @@ involved in phpBB. phpBB Lead Developer : Acyd Burn (Meik Sievertsen) -phpBB Developers : DavidMJ (David M.) +phpBB Developers : APTX (Marek A. R.) + DavidMJ (David M.) dhn (Dominik Dröscher) kellanved (Henry Sudhof) naderman (Nils Adermann) - subBlue (Tom Beddard) + ToonArmy (Chris Smith) Vic D'Elfant (Vic D'Elfant) + -- Previous Contributors -- phpBB Project Manager : theFinn (James Atkinson) [Founder - 04/2007] From 6322808f28b72a96ca03a6718477f4c5f7ef1341 Mon Sep 17 00:00:00 2001 From: Meik Sievertsen Date: Tue, 24 Jun 2008 20:59:21 +0000 Subject: [PATCH 12/15] #29575 git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@8673 89ea8834-ac86-4346-8a33-228a782c2dd0 --- .../prosilver/template/viewforum_body.html | 20 ++++++++++--------- 1 file changed, 11 insertions(+), 9 deletions(-) diff --git a/phpBB/styles/prosilver/template/viewforum_body.html b/phpBB/styles/prosilver/template/viewforum_body.html index 50518964c9..056afb0548 100644 --- a/phpBB/styles/prosilver/template/viewforum_body.html +++ b/phpBB/styles/prosilver/template/viewforum_body.html @@ -45,10 +45,10 @@ + + - +
    @@ -133,14 +135,14 @@
      - +
    • style="background-image: url({T_ICONS_PATH}{topicrow.TOPIC_ICON_IMG}); background-repeat: no-repeat;" title="{topicrow.TOPIC_FOLDER_IMG_ALT}">{NEWEST_POST_IMG} {topicrow.TOPIC_TITLE} {topicrow.UNAPPROVED_IMG} {REPORTED_IMG}
      {topicrow.PAGINATION} - {topicrow.ATTACH_ICON_IMG} {L_POST_BY_AUTHOR} {topicrow.TOPIC_AUTHOR_FULL} {L_POSTED_ON_DATE} {topicrow.FIRST_POST_TIME} + {topicrow.ATTACH_ICON_IMG} {L_POST_BY_AUTHOR} {topicrow.TOPIC_AUTHOR_FULL} {L_POSTED_ON_DATE} {topicrow.FIRST_POST_TIME}
      {topicrow.REPLIES} {L_REPLIES}
      {topicrow.VIEWS} {L_VIEWS}
      @@ -171,8 +173,8 @@
      {L_PREVIOUS} {L_NEXT} - - + +
      @@ -186,7 +188,7 @@ - +