From a5c23243c7a0a86ccd749b7733b11d30a6c349e1 Mon Sep 17 00:00:00 2001 From: Nils Adermann Date: Fri, 7 Jul 2006 12:36:44 +0000 Subject: [PATCH] - display age in user profile and make it available on viewtopic - various tiny bugfixes including [Bug #2351] [Bug #2549] [Bug #2681] [Bug #3015] - strip first, then change newlines [Bug #2403] - added support for creating user profiles to the login function (makes use of user_add), triggered by LOGIN_SUCCESS_CREATE_PROFILE constant - moved newest user updating from ucp_register to user_add function - renamed the admin_ auth module function to acp_ - added initialisation code to auth_apache which checks whether it will work - added user_add support to both auth_ldap and auth_apache - some auth_ldap tweaks, should work with users deeper in the organisation structure too now - adjusted global topics in mcp_report to work like mcp_queue git-svn-id: file:///svn/phpbb/trunk@6151 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/includes/acp/acp_board.php | 4 +- phpBB/includes/acp/acp_styles.php | 21 ++-- phpBB/includes/auth.php | 34 ++++++ phpBB/includes/auth/auth_apache.php | 104 +++++++++++++++-- phpBB/includes/auth/auth_db.php | 4 - phpBB/includes/auth/auth_ldap.php | 105 ++++++++++++------ phpBB/includes/constants.php | 1 + phpBB/includes/functions_user.php | 10 +- phpBB/includes/mcp/mcp_queue.php | 15 ++- phpBB/includes/mcp/mcp_reports.php | 19 +++- phpBB/includes/search/fulltext_native.php | 2 +- phpBB/includes/ucp/ucp_register.php | 7 -- phpBB/install/schemas/schema_data.sql | 1 + phpBB/language/en/acp/board.php | 8 +- phpBB/language/en/common.php | 3 + phpBB/memberlist.php | 15 +++ phpBB/search.php | 2 +- .../subSilver/template/mcp_notes_user.html | 2 +- .../styles/subSilver/template/mcp_queue.html | 4 +- .../subSilver/template/mcp_reports.html | 5 +- .../subSilver/template/memberlist_view.html | 12 +- phpBB/viewtopic.php | 31 ++++-- 22 files changed, 306 insertions(+), 103 deletions(-) diff --git a/phpBB/includes/acp/acp_board.php b/phpBB/includes/acp/acp_board.php index be98c6fd49..ab416068c4 100644 --- a/phpBB/includes/acp/acp_board.php +++ b/phpBB/includes/acp/acp_board.php @@ -390,7 +390,7 @@ class acp_board { include_once($phpbb_root_path . 'includes/auth/auth_' . $method . '.' . $phpEx); - $method = 'admin_' . $method; + $method = 'acp_' . $method; if (function_exists($method)) { if ($fields = $method($this->new_config)) @@ -518,7 +518,7 @@ class acp_board { if ($method && file_exists($phpbb_root_path . 'includes/auth/auth_' . $method . '.' . $phpEx)) { - $method = 'admin_' . $method; + $method = 'acp_' . $method; if (function_exists($method)) { $fields = $method($this->new_config); diff --git a/phpBB/includes/acp/acp_styles.php b/phpBB/includes/acp/acp_styles.php index a455d664ba..23743824e1 100644 --- a/phpBB/includes/acp/acp_styles.php +++ b/phpBB/includes/acp/acp_styles.php @@ -483,16 +483,17 @@ pagination_sep = \'{PAGINATION_SEP}\' $filelist = $filelist_cats = array(); - $template_data = (!empty($_POST['template_data'])) ? ((STRIP) ? stripslashes($_POST['template_data']) : $_POST['template_data']) : ''; + // we want newlines no carriage returns! + $_POST['template_data'] = (isset($_POST['template_data']) && !empty($_POST['template_data'])) ? str_replace(array("\n\r", "\r"), array("\n", "\n"), $_POST['template_data']) : ''; + + $template_data = (STRIP) ? stripslashes($_POST['template_data']) : $_POST['template_data']; $template_file = request_var('template_file', ''); $text_rows = max(5, min(999, request_var('text_rows', 20))); $save_changes = (isset($_POST['save'])) ? true : false; // make sure template_file path doesn't go upwards $template_file = str_replace('..', '.', $template_file); - // we want newlines no carriage returns! - $template_data = str_replace(array("\n\r", "\r"), array("\n", "\n"), $template_data); - + // Retrieve some information about the template $sql = 'SELECT template_storedb, template_path, template_name FROM ' . STYLES_TEMPLATE_TABLE . " @@ -815,20 +816,22 @@ pagination_sep = \'{PAGINATION_SEP}\' $this->page_title = 'EDIT_THEME'; + // we want newlines no carriage returns! + $_POST['css_data'] = (isset($_POST['css_data']) && !empty($_POST['css_data'])) ? str_replace(array("\n\r", "\r"), array("\n", "\n"), $_POST['css_data']) : ''; + + $template_data = (STRIP) ? stripslashes($_POST['template_data']) : $_POST['template_data']; + // get user input $text_rows = max(5, min(999, request_var('text_rows', 20))); $hide_css = request_var('hidecss', false); $show_css = !$hide_css && request_var('showcss', false); $edit_class = request_var('css_class', ''); $custom_class = request_var('custom_class', ''); - $css_data = (!empty($_POST['css_data'])) ? ((STRIP) ? stripslashes($_POST['css_data']) : $_POST['css_data']) : ''; + $css_data = (STRIP) ? stripslashes($_POST['css_data']) : $_POST['css_data']; $submit = isset($_POST['submit']) ? true : false; $add_custom = isset($_POST['add_custom']) ? true : false; $matches = array(); - // we want newlines no carriage returns! - $css_data = str_replace(array("\n\r", "\r"), array("\n", "\n"), $css_data); - // Retrieve some information about the theme $sql = 'SELECT theme_storedb, theme_path, theme_name, theme_data FROM ' . STYLES_THEME_TABLE . " @@ -2254,7 +2257,7 @@ pagination_sep = \'{PAGINATION_SEP}\' // heck of a lot of data ... $sql_ary = array( 'template_id' => $style_id, - 'template_filename' => "$template_pathfile$file", + 'template_filename' => "$template_path$pathfile$file", 'template_included' => (isset($includes[$file])) ? implode(':', $includes[$file]) . ':' : '', 'template_mtime' => filemtime("{$phpbb_root_path}styles/$template_path$pathfile$file"), 'template_data' => file_get_contents("{$phpbb_root_path}styles/$template_path$pathfile$file"), diff --git a/phpBB/includes/auth.php b/phpBB/includes/auth.php index b226f0b13b..06b2ac0689 100644 --- a/phpBB/includes/auth.php +++ b/phpBB/includes/auth.php @@ -717,6 +717,40 @@ class auth { $login = $method($username, $password); + // If the auth module wants us to create an empty profile do so and then treat the status as LOGIN_SUCCESS + if ($login['status'] == LOGIN_SUCCESS_CREATE_PROFILE) + { + // we are going to use the user_add function so include functions_user.php if it wasn't defined yet + if (!function_exists('user_add')) + { + include_once($phpbb_root_path . 'includes/functions_user.' . $phpEx); + } + + user_add($login['user_row'], (isset($login['cp_data'])) ? $login['cp_data'] : false); + + $sql = 'SELECT user_id, username, user_password, user_passchg, user_email, user_type + FROM ' . USERS_TABLE . " + WHERE username = '" . $db->sql_escape($username) . "'"; + $result = $db->sql_query($sql); + $row = $db->sql_fetchrow($result); + $db->sql_freeresult($result); + + if (!$row) + { + return array( + 'status' => LOGIN_ERROR_EXTERNAL_AUTH, + 'error_msg' => 'AUTH_NO_PROFILE_CREATED', + 'user_row' => array('user_id' => ANONYMOUS), + ); + } + + $login = array( + 'status' => LOGIN_SUCCESS, + 'error_msg' => false, + 'user_row' => $row, + ); + } + // If login succeeded, we will log the user in... else we pass the login array through... if ($login['status'] == LOGIN_SUCCESS) { diff --git a/phpBB/includes/auth/auth_apache.php b/phpBB/includes/auth/auth_apache.php index 410bf1abdb..8556fb5707 100644 --- a/phpBB/includes/auth/auth_apache.php +++ b/phpBB/includes/auth/auth_apache.php @@ -4,13 +4,6 @@ * * Authentication plug-ins is largely down to Sergey Kanareykin, our thanks to him. * -* This is for initial authentication via Apaches basic realm authentication methods, -* user data is then obtained from the integrated user table -* -* You can do any kind of checking you like here ... the return data format is -* either the resulting row of user information, an integer zero (indicating an -* inactive user) or some error string -* * @package login * @version $Id$ * @copyright (c) 2005 phpBB Group @@ -18,6 +11,24 @@ * */ +/** +* Checks whether the user is identified to apache +* Only allow changing authentication to apache if the user is identified +* Called in acp_board while setting authentication plugins +* +* @return boolean|string false if the user is identified and else an error message +*/ +function init_apache() +{ + global $user; + + if (!isset($_SERVER['PHP_AUTH_USER']) || $user->data['username'] !== $_SERVER['PHP_AUTH_USER']) + { + return $user->lang['APACHE_SETUP_BEFORE_USE']; + } + return false; +} + /** * Login function */ @@ -25,11 +36,29 @@ function login_apache(&$username, &$password) { global $db; + if (!isset($_SERVER['PHP_AUTH_USER'])) + { + return array( + 'status' => LOGIN_ERROR_EXTERNAL_AUTH, + 'error_msg' => 'LOGIN_ERROR_EXTERNAL_AUTH_APACHE', + 'user_row' => array('user_id' => ANONYMOUS), + ); + } + $php_auth_user = $_SERVER['PHP_AUTH_USER']; $php_auth_pw = $_SERVER['PHP_AUTH_PW']; if (!empty($php_auth_user) && !empty($php_auth_pw)) { + if ($php_auth_user !== $username) + { + return array( + 'status' => LOGIN_ERROR_USERNAME, + 'error_msg' => 'LOGIN_ERROR_USERNAME', + 'user_row' => array('user_id' => ANONYMOUS), + ); + } + $sql = 'SELECT user_id, username, user_password, user_passchg, user_email, user_type FROM ' . USERS_TABLE . " WHERE username = '" . $db->sql_escape($php_auth_user) . "'"; @@ -57,11 +86,11 @@ function login_apache(&$username, &$password) ); } - // the user does not exist + // this is the user's first login so create an empty profile return array( - 'status' => LOGIN_ERROR_USERNAME, - 'error_msg' => 'LOGIN_ERROR_USERNAME', - 'user_row' => array('user_id' => ANONYMOUS), + 'status' => LOGIN_SUCCESS_CREATE_PROFILE, + 'error_msg' => false, + 'user_row' => user_row_apache($php_auth_user, $php_auth_pw), ); } @@ -82,6 +111,11 @@ function autologin_apache() { global $db; + if (!isset($_SERVER['PHP_AUTH_USER'])) + { + return array(); + } + $php_auth_user = $_SERVER['PHP_AUTH_USER']; $php_auth_pw = $_SERVER['PHP_AUTH_PW']; @@ -98,11 +132,57 @@ function autologin_apache() { return ($row['user_type'] == USER_INACTIVE || $row['user_type'] == USER_IGNORE) ? array() : $row; } + + // create the user if he does not exist yet + user_add(user_row_apache($php_auth_user, $php_auth_pw)); + + $sql = 'SELECT * + FROM ' . USERS_TABLE . " + WHERE username = '" . $db->sql_escape($php_auth_user) . "'"; + $result = $db->sql_query($sql); + $row = $db->sql_fetchrow($result); + $db->sql_freeresult($result); + + if ($row) + { + return $row; + } } return array(); } +/** +* This function generates an array which can be passed to the user_add function in order to create a user +*/ +function user_row_apache($username, $password) +{ + global $db, $config, $user; + // first retrieve default group id + $sql = 'SELECT group_id + FROM ' . GROUPS_TABLE . " + WHERE group_name = '" . $db->sql_escape('REGISTERED') . "' + AND group_type = " . GROUP_SPECIAL; + $result = $db->sql_query($sql); + $row = $db->sql_fetchrow($result); + $db->sql_freeresult($result); + + if (!$row) + { + trigger_error('NO_GROUP'); + } + + // generate user account data + return array( + 'username' => $username, + 'user_password' => $password, + 'user_email' => '', + 'group_id' => (int) $row['group_id'], + 'user_type' => USER_NORMAL, + 'user_ip' => $user->ip, + ); +} + /** * The session validation function checks whether the user is still logged in * @@ -110,7 +190,7 @@ function autologin_apache() */ function validate_session_apache(&$user) { - return ($_SERVER['PHP_AUTH_USER'] === $user['username']) ? true : false; + return (isset($_SERVER['PHP_AUTH_USER']) && ($_SERVER['PHP_AUTH_USER'] === $user['username'])) ? true : false; } ?> \ No newline at end of file diff --git a/phpBB/includes/auth/auth_db.php b/phpBB/includes/auth/auth_db.php index 55465ab762..9477fd92c3 100644 --- a/phpBB/includes/auth/auth_db.php +++ b/phpBB/includes/auth/auth_db.php @@ -6,10 +6,6 @@ * * This is for authentication via the integrated user table * -* You can do any kind of checking you like here ... the return data format is -* either the resulting row of user information, an integer zero (indicating an -* inactive user) or some error string -* * @package login * @version $Id$ * @copyright (c) 2005 phpBB Group diff --git a/phpBB/includes/auth/auth_ldap.php b/phpBB/includes/auth/auth_ldap.php index e9b87bcf44..25c90aeeeb 100644 --- a/phpBB/includes/auth/auth_ldap.php +++ b/phpBB/includes/auth/auth_ldap.php @@ -5,13 +5,6 @@ * * Authentication plug-ins is largely down to Sergey Kanareykin, our thanks to him. * -* This is for initial authentication via an LDAP server, user information is then -* obtained from the integrated user table -* -* You can do any kind of checking you like here ... the return data format is -* either the resulting row of user information, an integer zero (indicating an -* inactive user) or some error string -* * @package login * @version $Id$ * @copyright (c) 2005 phpBB Group @@ -39,9 +32,17 @@ function init_ldap() } @ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3); + @ldap_set_option($ldap, LDAP_OPT_REFERRALS, 0); // ldap_connect only checks whether the specified server is valid, so the connection might still fail - $search = @ldap_search($ldap, $config['ldap_base_dn'], $config['ldap_uid'] . '=' . $user->data['username'], array($config['ldap_uid'])); + $search = @ldap_search( + $ldap, + $config['ldap_base_dn'], + '(' . $config['ldap_uid'] . '=' . $user->data['username'] . ')', + (empty($config['ldap_email'])) ? array($config['ldap_uid']) : array($config['ldap_uid'], $config['ldap_email']), + 0, + 1 + ); if ($search === false) { @@ -52,6 +53,11 @@ function init_ldap() @ldap_close($ldap); + if (!empty($config['ldap_email']) && !isset($result[0][$config['ldap_email']])) + { + return $user->lang['LDAP_NO_EMAIL']; + } + if (is_array($result) && sizeof($result) > 1) { return false; @@ -65,7 +71,7 @@ function init_ldap() */ function login_ldap(&$username, &$password) { - global $db, $config; + global $db, $config, $user; if (!@extension_loaded('ldap')) { @@ -86,13 +92,22 @@ function login_ldap(&$username, &$password) } @ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3); + @ldap_set_option($ldap, LDAP_OPT_REFERRALS, 0); - $search = @ldap_search($ldap, $config['ldap_base_dn'], $config['ldap_uid'] . '=' . $username, array($config['ldap_uid'])); - $result = @ldap_get_entries($ldap, $search); + $search = @ldap_search( + $ldap, + $config['ldap_base_dn'], + '(' . $config['ldap_uid'] . '=' . $username . ')', + (empty($config['ldap_email'])) ? array($config['ldap_uid']) : array($config['ldap_uid'], $config['ldap_email']), + 0, + 1 + ); - if (is_array($result) && sizeof($result) > 1) + $ldap_result = @ldap_get_entries($ldap, $search); + + if (is_array($ldap_result) && sizeof($ldap_result) > 1) { - if (@ldap_bind($ldap, $result[0]['dn'], $password)) + if (@ldap_bind($ldap, $ldap_result[0]['dn'], $password)) { @ldap_close($ldap); @@ -105,6 +120,8 @@ function login_ldap(&$username, &$password) if ($row) { + unset($ldap_result); + // User inactive... if ($row['user_type'] == USER_INACTIVE || $row['user_type'] == USER_IGNORE) { @@ -122,9 +139,45 @@ function login_ldap(&$username, &$password) 'user_row' => $row, ); } + else + { + // retrieve default group id + $sql = 'SELECT group_id + FROM ' . GROUPS_TABLE . " + WHERE group_name = '" . $db->sql_escape('REGISTERED') . "' + AND group_type = " . GROUP_SPECIAL; + $result = $db->sql_query($sql); + $row = $db->sql_fetchrow($result); + $db->sql_freeresult($result); + + if (!$row) + { + trigger_error('NO_GROUP'); + } + + // generate user account data + $ldap_user_row = array( + 'username' => $username, + 'user_password' => $password, + 'user_email' => (!empty($config['ldap_email'])) ? $ldap_result[0][$config['ldap_email']][0] : '', + 'group_id' => (int) $row['group_id'], + 'user_type' => USER_NORMAL, + 'user_ip' => $user->ip, + ); + + unset($ldap_result); + + // this is the user's first login so create an empty profile + return array( + 'status' => LOGIN_SUCCESS_CREATE_PROFILE, + 'error_msg' => false, + 'user_row' => $ldap_user_row, + ); + } } else { + unset($ldap_result); @ldap_close($ldap); // Give status about wrong password... @@ -149,14 +202,10 @@ function login_ldap(&$username, &$password) * This function is used to output any required fields in the authentication * admin panel. It also defines any required configuration table fields. */ -function admin_ldap(&$new) +function acp_ldap(&$new) { global $user; - /** - * @todo Using same approach as with cfg_build_template? - */ - $tpl = '
@@ -171,27 +220,17 @@ function admin_ldap(&$new)

' . $user->lang['LDAP_UID_EXPLAIN'] . '
+
+

' . $user->lang['LDAP_EMAIL_EXPLAIN'] . '
+
+
'; // These are fields required in the config table return array( 'tpl' => $tpl, - 'config' => array('ldap_server', 'ldap_base_dn', 'ldap_uid') + 'config' => array('ldap_server', 'ldap_base_dn', 'ldap_uid', 'ldap_email') ); } -/** -* Would be nice to allow syncing of 'appropriate' data when user updates -* their username, password, etc. ... should be up to the plugin what data -* is updated. -* -* @todo implement this functionality (probably 3.2) -* -* @param new|update|delete $mode defining the action to take on user updates -*/ -function usercp_ldap($mode) -{ - global $db, $config; -} - ?> \ No newline at end of file diff --git a/phpBB/includes/constants.php b/phpBB/includes/constants.php index c3dfcbeca7..fa6a3903d2 100644 --- a/phpBB/includes/constants.php +++ b/phpBB/includes/constants.php @@ -39,6 +39,7 @@ define('ACL_NO', -1); define('LOGIN_CONTINUE', 1); define('LOGIN_BREAK', 2); define('LOGIN_SUCCESS', 3); +define('LOGIN_SUCCESS_CREATE_PROFILE', 20); define('LOGIN_ERROR_USERNAME', 10); define('LOGIN_ERROR_PASSWORD', 11); define('LOGIN_ERROR_ACTIVE', 12); diff --git a/phpBB/includes/functions_user.php b/phpBB/includes/functions_user.php index 6bccea43ea..7ae4b1a588 100644 --- a/phpBB/includes/functions_user.php +++ b/phpBB/includes/functions_user.php @@ -148,7 +148,7 @@ function user_add($user_row, $cp_data = false) // These are the additional vars able to be specified $additional_vars = array( 'user_permissions' => '', - 'user_timezone' => 0, + 'user_timezone' => $config['board_timezone'], 'user_dateformat' => $config['default_dateformat'], 'user_lang' => $config['default_lang'], 'user_style' => $config['default_style'], @@ -242,6 +242,14 @@ function user_add($user_row, $cp_data = false) // Now make it the users default group... group_set_user_default($user_row['group_id'], array($user_id)); + // set the newest user and adjust the user count if the user is a normal user and no activation mail is sent + if ($user_row['user_type'] == USER_NORMAL || !$config['email_enable']) + { + set_config('newest_user_id', $user_id, true); + set_config('newest_username', $user_row['username'], true); + set_config('num_users', $config['num_users'] + 1, true); + } + return $user_id; } diff --git a/phpBB/includes/mcp/mcp_queue.php b/phpBB/includes/mcp/mcp_queue.php index adb71fda1a..e09dfb4d09 100644 --- a/phpBB/includes/mcp/mcp_queue.php +++ b/phpBB/includes/mcp/mcp_queue.php @@ -181,6 +181,8 @@ class mcp_queue $forum_list[] = $row['forum_id']; } + $global_id = $forum_list[0]; + if (!($forum_list = implode(', ', $forum_list))) { trigger_error('NOT_MODERATOR'); @@ -192,8 +194,6 @@ class mcp_queue $result = $db->sql_query($sql); $forum_info['forum_topics'] = (int) $db->sql_fetchfield('sum_forum_topics'); $db->sql_freeresult($result); - - $global_id = $forum_list[0]; } else { @@ -250,7 +250,7 @@ class mcp_queue if (sizeof($post_ids)) { - $sql = 'SELECT t.topic_id, t.topic_title, t.forum_id, p.post_id, p.post_username, p.poster_id, p.post_time, u.username + $sql = 'SELECT t.topic_id, t.topic_title, t.forum_id, p.post_id, p.post_subject, p.post_username, p.poster_id, p.post_time, u.username FROM ' . POSTS_TABLE . ' p, ' . TOPICS_TABLE . ' t, ' . USERS_TABLE . " u WHERE p.post_id IN (" . implode(', ', $post_ids) . ") AND t.topic_id = p.topic_id @@ -281,7 +281,7 @@ class mcp_queue } else { - $sql = 'SELECT t.forum_id, t.topic_id, t.topic_title, t.topic_time AS post_time, t.topic_poster AS poster_id, t.topic_first_post_id AS post_id, t.topic_first_poster_name AS username + $sql = 'SELECT t.forum_id, t.topic_id, t.topic_title, t.topic_title AS post_subject, t.topic_time AS post_time, t.topic_poster AS poster_id, t.topic_first_post_id AS post_id, t.topic_first_poster_name AS username FROM ' . TOPICS_TABLE . " t WHERE topic_approved = 0 AND forum_id IN (0, $forum_list) @@ -336,15 +336,13 @@ class mcp_queue $template->assign_block_vars('postrow', array( 'U_VIEWFORUM' => (!$global_topic) ? append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $row['forum_id']) : '', - // Q: Why accessing the topic by a post_id instead of its topic_id? - // A: To prevent the post from being hidden because of wrong encoding or different charset - 'U_VIEWTOPIC' => append_sid("{$phpbb_root_path}viewtopic.$phpEx", 'f=' . $row['forum_id'] . '&p=' . $row['post_id']) . (($mode == 'unapproved_posts') ? '#p' . $row['post_id'] : ''), + 'U_VIEWPOST' => append_sid("{$phpbb_root_path}viewtopic.$phpEx", 'f=' . $row['forum_id'] . '&p=' . $row['post_id']) . (($mode == 'unapproved_posts') ? '#p' . $row['post_id'] : ''), 'U_VIEW_DETAILS' => append_sid("{$phpbb_root_path}mcp.$phpEx", "i=queue&start=$start&mode=approve_details&f={$row['forum_id']}&p={$row['post_id']}" . (($mode == 'unapproved_topics') ? "&t={$row['topic_id']}" : '')), 'U_VIEWPROFILE' => ($row['poster_id'] != ANONYMOUS) ? append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=viewprofile&u=' . $row['poster_id']) : '', 'POST_ID' => $row['post_id'], 'FORUM_NAME' => (!$global_topic) ? $forum_names[$row['forum_id']] : $user->lang['GLOBAL_ANNOUNCEMENT'], - 'TOPIC_TITLE' => $row['topic_title'], + 'POST_SUBJECT' => $row['post_subject'], 'POSTER' => $poster, 'POST_TIME' => $user->format_date($row['post_time'])) ); @@ -360,6 +358,7 @@ class mcp_queue 'S_FORUM_OPTIONS' => $forum_options, 'S_MCP_ACTION' => build_url(array('t', 'f', 'sd', 'st', 'sk')), + 'S_TOPICS' => ($mode == 'unapproved_posts') ? false : true, 'PAGINATION' => generate_pagination($this->u_action . "&f=$forum_id", $total, $config['topics_per_page'], $start), 'PAGE_NUMBER' => on_page($total, $config['topics_per_page'], $start), diff --git a/phpBB/includes/mcp/mcp_reports.php b/phpBB/includes/mcp/mcp_reports.php index 6ff8545acc..9bafa6ffeb 100755 --- a/phpBB/includes/mcp/mcp_reports.php +++ b/phpBB/includes/mcp/mcp_reports.php @@ -191,6 +191,8 @@ class mcp_reports $forum_list[] = $row['forum_id']; } + $global_id = $forum_list[0]; + if (!($forum_list = implode(', ', $forum_list))) { trigger_error('NOT_MODERATOR'); @@ -214,6 +216,7 @@ class mcp_reports $forum_info = $forum_info[$forum_id]; $forum_list = $forum_id; + $global_id = $forum_id; } $forum_list .= ', 0'; @@ -297,16 +300,20 @@ class mcp_reports $poster = $row['username']; } + $global_topic = ($row['forum_id']) ? false : true; + if ($global_topic) + { + $row['forum_id'] = $global_id; + } + $template->assign_block_vars('postrow', array( - 'U_VIEWFORUM' => append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $row['forum_id']), - // Q: Why accessing the topic by a post_id instead of its topic_id? - // A: To prevent the post from being hidden because of wrong encoding or different charset - 'U_VIEWTOPIC' => append_sid("{$phpbb_root_path}viewtopic.$phpEx", 'f=' . $row['forum_id'] . '&p=' . $row['post_id']) . '#p' . $row['post_id'], - 'U_VIEW_DETAILS' => append_sid("{$phpbb_root_path}mcp.$phpEx", "i=reports&start=$start&mode=report_details&f={$forum_id}&p={$row['post_id']}"), + 'U_VIEWFORUM' => (!$global_topic) ? append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $row['forum_id']) : '', + 'U_VIEWPOST' => append_sid("{$phpbb_root_path}viewtopic.$phpEx", 'f=' . $row['forum_id'] . '&p=' . $row['post_id']) . '#p' . $row['post_id'], + 'U_VIEW_DETAILS' => append_sid("{$phpbb_root_path}mcp.$phpEx", "i=reports&start=$start&mode=report_details&f={$row['forum_id']}&p={$row['post_id']}"), 'U_VIEW_POSTER_PROFILE' => ($row['poster_id'] != ANONYMOUS) ? append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=viewprofile&u=' . $row['poster_id']) : '', 'U_VIEW_REPORTER_PROFILE' => ($row['reporter_id'] != ANONYMOUS) ? append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=viewprofile&u=' . $row['reporter_id']) : '', - 'FORUM_NAME' => ($row['forum_id']) ? $forum_data[$row['forum_id']]['forum_name'] : $user->lang['ALL_FORUMS'], + 'FORUM_NAME' => (!$global_topic) ? $forum_names[$row['forum_id']] : $user->lang['GLOBAL_ANNOUNCEMENT'], 'POSTER' => $poster, 'POST_ID' => $row['post_id'], 'POST_SUBJECT' => $row['post_subject'], diff --git a/phpBB/includes/search/fulltext_native.php b/phpBB/includes/search/fulltext_native.php index 873faec291..7224f072b1 100755 --- a/phpBB/includes/search/fulltext_native.php +++ b/phpBB/includes/search/fulltext_native.php @@ -232,7 +232,7 @@ class fulltext_native extends search_backend for ($i = 0, $n = sizeof($text); $i < $n; $i++) { - if ($lengths[$i] < $config['fulltext_native_min_chars'] || $lengths[$i] > $config['fulltext_native_max_chars']) + if ($lengths[$i] < $config['fulltext_native_min_chars'] || $lengths[$i] > $config['fulltext_native_max_chars'] || strlen($text[$i]) > 252) { unset($text[$i]); } diff --git a/phpBB/includes/ucp/ucp_register.php b/phpBB/includes/ucp/ucp_register.php index 44c15bfb0e..8b199be6ac 100644 --- a/phpBB/includes/ucp/ucp_register.php +++ b/phpBB/includes/ucp/ucp_register.php @@ -345,13 +345,6 @@ class ucp_register $db->sql_freeresult($result); } } - - if ($user_type == USER_NORMAL || !$config['email_enable']) - { - set_config('newest_user_id', $user_id, true); - set_config('newest_username', $username, true); - set_config('num_users', $config['num_users'] + 1, true); - } unset($data); $message = $message . '

' . sprintf($user->lang['RETURN_INDEX'], '', ''); diff --git a/phpBB/install/schemas/schema_data.sql b/phpBB/install/schemas/schema_data.sql index 8b1bb2ad20..3770f348e2 100644 --- a/phpBB/install/schemas/schema_data.sql +++ b/phpBB/install/schemas/schema_data.sql @@ -107,6 +107,7 @@ INSERT INTO phpbb_config (config_name, config_value) VALUES ('jab_port', '5222') INSERT INTO phpbb_config (config_name, config_value) VALUES ('jab_resource', ''); INSERT INTO phpbb_config (config_name, config_value) VALUES ('jab_username', ''); INSERT INTO phpbb_config (config_name, config_value) VALUES ('ldap_base_dn', ''); +INSERT INTO phpbb_config (config_name, config_value) VALUES ('ldap_email', ''); INSERT INTO phpbb_config (config_name, config_value) VALUES ('ldap_server', ''); INSERT INTO phpbb_config (config_name, config_value) VALUES ('ldap_uid', ''); INSERT INTO phpbb_config (config_name, config_value) VALUES ('limit_load', '0'); diff --git a/phpBB/language/en/acp/board.php b/phpBB/language/en/acp/board.php index 68bde04177..f7f23b2ec5 100644 --- a/phpBB/language/en/acp/board.php +++ b/phpBB/language/en/acp/board.php @@ -287,11 +287,15 @@ $lang = array_merge($lang, array( 'ACP_AUTH_SETTINGS_EXPLAIN' => 'phpBB2 supports authentication plug-ins, or modules. These allow you determine how users are authenticated when they log into the board. By default three plug-ins are provided; DB, LDAP and Apache. Not all methods require additional information so only fill out fields if they are relevant to the selected method.', 'AUTH_METHOD' => 'Select an authentication method', + + 'APACHE_SETUP_BEFORE_USE' => 'You have to setup apache authentication before you switch phpBB to this authentication method. Keep in mind that the username you use for apache authentication has to be the same as your phpBB username.', + 'LDAP_DN' => 'LDAP base dn', 'LDAP_DN_EXPLAIN' => 'This is the Distinguished Name, locating the user information, e.g. o=My Company,c=US', + 'LDAP_EMAIL' => 'LDAP email attribute', + 'LDAP_EMAIL_EXPLAIN' => 'Set this to the name of your user entry email attribute (if one exists) in order to automatically set the email address for new users. Leaving this empty results in empty email address for users who log in for the first time.', + 'LDAP_NO_EMAIL' => 'The specified email attribute does not exist.', 'LDAP_NO_IDENTITY' => 'Could not find a login identity for %s', - 'LDAP_NO_LDAP_EXTENSION' => 'LDAP extension not availible', - 'LDAP_NO_SERVER_CONNECTION' => 'Could not connect to LDAP server', 'LDAP_SERVER' => 'LDAP server name', 'LDAP_SERVER_EXPLAIN' => 'If using LDAP this is the name or IP address of the server.', 'LDAP_UID' => 'LDAP uid', diff --git a/phpBB/language/en/common.php b/phpBB/language/en/common.php index 8d5b905ac4..fdbffa7a1e 100644 --- a/phpBB/language/en/common.php +++ b/phpBB/language/en/common.php @@ -65,6 +65,7 @@ $lang = array_merge($lang, array( 'ASCENDING' => 'Ascending', 'ATTACHMENTS' => 'Attachments', 'AUTHOR' => 'Author', + 'AUTH_NO_PROFILE_CREATED' => 'Creating a user profile failed', 'AVATAR_DISALLOWED_EXTENSION' => 'The extension %s is not allowed', 'AVATAR_EMPTY_REMOTE_DATA' => 'Avatar could not be uploaded, the remote data appears to be invalid or corrupted.', 'AVATAR_INVALID_FILENAME' => '%s is an invalid filename', @@ -246,6 +247,8 @@ $lang = array_merge($lang, array( 'LAST_POST' => 'Last post', 'LAST_UPDATED' => 'Last updated', 'LAST_VISIT' => 'Last visit', + 'LDAP_NO_LDAP_EXTENSION' => 'LDAP extension not availible', + 'LDAP_NO_SERVER_CONNECTION' => 'Could not connect to LDAP server', 'LEGEND' => 'Legend', 'LOCATION' => 'Location', 'LOCK_POST' => 'Lock Post', diff --git a/phpBB/memberlist.php b/phpBB/memberlist.php index 8f52176daa..387658aa60 100644 --- a/phpBB/memberlist.php +++ b/phpBB/memberlist.php @@ -1276,8 +1276,23 @@ function show_profile($data) $online = false; } + $age = ''; + + if ($data['user_birthday']) + { + list($bday_day, $bday_month, $bday_year) = array_map('intval', explode('-', $data['user_birthday'])); + + if ($bday_year) + { + $time = time() + $user->timezone + $user->dst; + + $age = (int) (date('Y', $time) - $bday_year - ((((date('n', $time) - $bday_month) < 0) || ((date('j', $time) - $bday_day) < 0)) ? 1 : 0)); + } + } + // Dump it out to the template return array( + 'AGE' => $age, 'USERNAME' => $username, 'USER_COLOR' => (!empty($data['user_colour'])) ? $data['user_colour'] : '', 'RANK_TITLE' => $rank_title, diff --git a/phpBB/search.php b/phpBB/search.php index 08792d18f6..d167fc42cd 100644 --- a/phpBB/search.php +++ b/phpBB/search.php @@ -141,7 +141,7 @@ if ($keywords || $author || $author_id || $search_id || $submit) else if ($auth->acl_getf_global('m_approve')) { $m_approve_fid_ary = array_diff(array_keys($auth->acl_getf('!m_approve', true)), $ex_fid_ary); - $m_approve_fid_sql = ' AND (p.post_approved = 1 OR p.forum_id NOT IN (' . implode(', ', $m_approve_fid_ary) . '))'; + $m_approve_fid_sql = ' AND (p.post_approved = 1' . (($m_approve_fid_ary) ? ' OR p.forum_id NOT IN (' . implode(', ', $m_approve_fid_ary) . ')') . ')' : ''; } else { diff --git a/phpBB/styles/subSilver/template/mcp_notes_user.html b/phpBB/styles/subSilver/template/mcp_notes_user.html index b04fb457b9..d9457e967f 100755 --- a/phpBB/styles/subSilver/template/mcp_notes_user.html +++ b/phpBB/styles/subSilver/template/mcp_notes_user.html @@ -54,7 +54,7 @@ - colspan="2">{L_REPORT_BY}: {usernotes.REPORT_BY} {L_ON} {usernotes.REPORT_AT}
{usernotes.ACTION} + colspan="2">{L_REPORT_BY}: {usernotes.REPORT_BY} {L_REPORTED}: {usernotes.REPORT_AT}
{usernotes.ACTION} diff --git a/phpBB/styles/subSilver/template/mcp_queue.html b/phpBB/styles/subSilver/template/mcp_queue.html index d3ee05dacb..36de61f6dc 100644 --- a/phpBB/styles/subSilver/template/mcp_queue.html +++ b/phpBB/styles/subSilver/template/mcp_queue.html @@ -10,7 +10,7 @@ {L_DISPLAY_ITEMS}: {S_SELECT_SORT_DAYS} {L_SORT_BY} {S_SELECT_SORT_KEY} {S_SELECT_SORT_DIR} {L_FORUM}     {L_ONLY_TOPIC}   -  {L_TOPIC}  +  {L_TOPIC}{L_POST}   {L_AUTHOR}   {L_POST_TIME}   {L_SELECT}  @@ -18,7 +18,7 @@ -

{postrow.TOPIC_TITLE}

+

{postrow.POST_SUBJECT}

{L_FORUM}: {postrow.FORUM_NAME}{postrow.FORUM_NAME} {postrow.POSTER}{postrow.POSTER}
[ {L_VIEW_DETAILS} ] diff --git a/phpBB/styles/subSilver/template/mcp_reports.html b/phpBB/styles/subSilver/template/mcp_reports.html index 3b6170843e..f0c1281b0b 100644 --- a/phpBB/styles/subSilver/template/mcp_reports.html +++ b/phpBB/styles/subSilver/template/mcp_reports.html @@ -19,9 +19,8 @@ -

{postrow.POST_SUBJECT}

- {L_TOPIC}: {postrow.TOPIC_TITLE}
- {L_FORUM}: {postrow.FORUM_NAME} +

{postrow.POST_SUBJECT}

+ {L_FORUM}: {postrow.FORUM_NAME}{postrow.FORUM_NAME} {postrow.POSTER}{postrow.POSTER}
{postrow.POST_TIME} {postrow.REPORTER}{postrow.REPORTER} diff --git a/phpBB/styles/subSilver/template/memberlist_view.html b/phpBB/styles/subSilver/template/memberlist_view.html index b15a610c81..650c5ec48a 100644 --- a/phpBB/styles/subSilver/template/memberlist_view.html +++ b/phpBB/styles/subSilver/template/memberlist_view.html @@ -129,19 +129,23 @@ {L_USERGROUPS}: - + {L_LOCATION}: {LOCATION} - + + {L_AGE}: + {AGE} + + {L_OCCUPATION}: {OCCUPATION} - + {L_INTERESTS}: {INTERESTS} - + {L_WEBSITE}: {U_WWW} diff --git a/phpBB/viewtopic.php b/phpBB/viewtopic.php index 78f30c5339..4a8570f762 100644 --- a/phpBB/viewtopic.php +++ b/phpBB/viewtopic.php @@ -118,7 +118,7 @@ if ($view && !$post_id) else { $topic_id = $row['topic_id']; - + // Check for global announcement correctness? if (!$row['forum_id'] && !$forum_id) { @@ -175,7 +175,7 @@ if ($user->data['is_registered']) if ($config['load_db_lastread']) { $sql_array['SELECT'] .= ', tt.mark_time, ft.mark_time as forum_mark_time'; - + $sql_array['LEFT_JOIN'][] = array( 'FROM' => array(TOPICS_TRACK_TABLE => 'tt'), 'ON' => 'tt.user_id = ' . $user->data['user_id'] . ' AND t.topic_id = tt.topic_id' @@ -203,7 +203,7 @@ $sql_array['WHERE'] .= ' AND (f.forum_id = t.forum_id'; if (!$forum_id) { // If it is a global announcement make sure to set the forum id to a postable forum - $sql_array['WHERE'] .= ' OR (t.topic_type = ' . POST_GLOBAL . ' + $sql_array['WHERE'] .= ' OR (t.topic_type = ' . POST_GLOBAL . ' AND f.forum_type = ' . FORUM_POST . ')'; } else @@ -646,7 +646,7 @@ if (!empty($topic_data['poll_start'])) 'vote_user_id' => (int) $user->data['user_id'], 'vote_user_ip' => (string) $user->ip, ); - + $sql = 'INSERT INTO ' . POLL_VOTES_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary); $db->sql_query($sql); } @@ -840,6 +840,9 @@ $sql = $db->sql_build_query('SELECT', array( $result = $db->sql_query($sql); +$today = explode('-', date('j-n-Y', time() + $user->timezone + $user->dst)); +$today = array('day' => (int) $today[0], 'month' => (int) $today[1], 'year' => (int) $today[2]); + // Posts are stored in the $rowset array while $attach_list, $user_cache // and the global bbcode_bitfield are built while ($row = $db->sql_fetchrow($result)) @@ -949,7 +952,8 @@ while ($row = $db->sql_fetchrow($result)) 'jabber' => '', 'search' => '', 'username' => ($row['user_colour']) ? '' . $poster . '' : $poster, - + 'age' => '', + 'warnings' => 0, ); } @@ -977,6 +981,7 @@ while ($row = $db->sql_fetchrow($result)) 'viewonline' => $row['user_allow_viewonline'], 'avatar' => '', + 'age' => '', 'online' => false, 'profile' => append_sid("{$phpbb_root_path}memberlist.$phpEx", "mode=viewprofile&u=$poster_id"), @@ -1055,10 +1060,21 @@ while ($row = $db->sql_fetchrow($result)) $user_cache[$poster_id]['icq_status_img'] = ''; $user_cache[$poster_id]['icq'] = ''; } + + if (!empty($row['user_birthday'])) + { + list($bday_day, $bday_month, $bday_year) = array_map('intval', explode('-', $row['user_birthday'])); + + if ($bday_year) + { + $user_cache[$poster_id]['age'] = (int) ($today['year'] - $bday_year - ((($today['month'] - $bday_month) < 0) || (($today['day'] - $bday_day) < 0)) ? 1 : 0); + } + } } } } $db->sql_freeresult($result); +unset($today); // Load custom profile fields if ($config['load_cpf_viewtopic']) @@ -1309,7 +1325,7 @@ for ($i = 0, $end = sizeof($post_list); $i < $end; ++$i) if ($topic_data['topic_bumped'] && $row['post_id'] == $topic_data['topic_last_post_id'] && isset($user_cache[$topic_data['topic_bumper']]) ) { // It is safe to grab the username from the user cache array, we are at the last - // post and only the topic poster and last poster are allowed to bump. However, a + // post and only the topic poster and last poster are allowed to bump. However, a // check is still needed incase an admin bumped the topic (but didn't post in the topic) $l_bumped_by = '

' . sprintf($user->lang['BUMPED_BY'], $user_cache[$topic_data['topic_bumper']]['username'], $user->format_date($topic_data['topic_last_post_time'])); } @@ -1327,7 +1343,7 @@ for ($i = 0, $end = sizeof($post_list); $i < $end; ++$i) } $post_unread = (isset($topic_tracking_info[$topic_id]) && $row['post_time'] > $topic_tracking_info[$topic_id]) ? true : false; - + $s_first_unread = false; if (!$first_unread && $post_unread) { @@ -1345,6 +1361,7 @@ for ($i = 0, $end = sizeof($post_list); $i < $end; ++$i) 'POSTER_FROM' => $user_cache[$poster_id]['from'], 'POSTER_AVATAR' => $user_cache[$poster_id]['avatar'], 'POSTER_WARNINGS' => $user_cache[$poster_id]['warnings'], + 'POSTER_AGE' => $user_cache[$poster_id]['age'], 'POST_DATE' => $user->format_date($row['post_time']), 'POST_SUBJECT' => $row['post_subject'],