diff --git a/.gitignore b/.gitignore index 871d17b386..8298f5a894 100644 --- a/.gitignore +++ b/.gitignore @@ -1,8 +1,12 @@ *~ +phpunit.xml phpBB/cache/*.php +phpBB/cache/queue.php.lock phpBB/config.php phpBB/files/* +phpBB/images/avatars/gallery/* phpBB/images/avatars/upload/* phpBB/store/* tests/phpbb_unit_tests.sqlite2 tests/test_config.php +tests/utf/data/*.txt diff --git a/README.md b/README.md new file mode 100644 index 0000000000..6b94f898a3 --- /dev/null +++ b/README.md @@ -0,0 +1,20 @@ +[![phpBB](http://www.phpbb.com/theme/images/logos/blue/160x52.png)](http://www.phpbb.com) + +## ABOUT + +phpBB is a free bulletin board written in PHP. + +## COMMUNITY + +Find support and lots more on [phpBB.com](http://www.phpbb.com)! Discuss the development on [area51](http://area51.phpbb.com/phpBB/index.php). + +## CONTRIBUTE + +1. [Create an account on phpBB.com](http://www.phpbb.com/community/ucp.php?mode=register) +2. [Create a ticket (unless there already is one)](http://tracker.phpbb.com/secure/CreateIssue!default.jspa) +3. [Read our Git Contribution Guidelines](http://wiki.phpbb.com/Git); if you're new to git, also read [the introduction guide](http://wiki.phpbb.com/display/DEV/Working+with+Git) +4. Send us a pull request + +## LICENSE + +[GNU General Public License v2](http://opensource.org/licenses/gpl-2.0.php) diff --git a/build/build.xml b/build/build.xml index bf77d82f6c..78dbdd379c 100644 --- a/build/build.xml +++ b/build/build.xml @@ -2,9 +2,9 @@ - - - + + + @@ -12,7 +12,8 @@ - + + @@ -42,12 +43,11 @@ - - + @@ -64,6 +64,18 @@ --> + + + + + @@ -121,7 +133,7 @@ --> @@ -129,8 +141,8 @@ - - + + diff --git a/build/build_helper.php b/build/build_helper.php index 94fc0ff3b5..2d9b86b3c3 100644 --- a/build/build_helper.php +++ b/build/build_helper.php 
@@ -177,7 +177,7 @@ class build_package } // Is binary? - if (preg_match('/^Binary files ' . $package_name . '\/(.*) and [a-z0-9_-]+\/\1 differ/i', $line, $match)) + if (preg_match('/^Binary files ' . $package_name . '\/(.*) and [a-z0-9._-]+\/\1 differ/i', $line, $match)) { $binary[] = trim($match[1]); } diff --git a/build/phpdoc-phpbb.ini b/build/phpdoc-phpbb.ini new file mode 100644 index 0000000000..f1a7a4bee5 --- /dev/null +++ b/build/phpdoc-phpbb.ini 
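Review bot: `$package_name` is still concatenated into the pattern unescaped in the changed `preg_match()` line, so any regex metacharacter in it is interpreted rather than matched literally. Now that the second directory name may contain dots, the first one plausibly does too, and there `.` matches any character. Escaping it keeps the match literal: `'/^Binary files ' . preg_quote($package_name, '/') . '\/(.*) and [a-z0-9._-]+\/\1 differ/i'`. The enclosing method of `build_package` starts and ends outside the hunk, so where `$package_name` comes from is not visible here.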
@@ -0,0 +1,145 @@ +; Default configuration file for PHPDoctor + +; This config file will cause PHPDoctor to generate API documentation of +; itself. + + +; PHPDoctor settings +; ----------------------------------------------------------------------------- + +; Names of files to parse. This can be a single filename, or a comma separated +; list of filenames. Wildcards are allowed. + +files = "*.php" + +; Names of files or directories to ignore. This can be a single filename, or a +; comma separated list of filenames. Wildcards are NOT allowed. + +;ignore = "CVS, .svn, .git, _compiled" +ignore = templates_c/,*HTML/default/*,spec/,*config.php*,*CVS/,test_chora.php,testupdate/,cache/,store/,*proSilver/,develop/,includes/utf/data/,includes/captcha/fonts/,install/update/,install/update.new/,files/,*phpinfo.php*,*update_script.php*,*upgrade.php*,*convert.php*,install/converter/,language/de/,script/,*swatch.php*,*test.php*,*test2.php*,*install.php*,*functions_diff.php*,*acp_update.php*,acm_xcache.php + +; The directory to look for files in, if not used the PHPDoctor will look in +; the current directory (the directory it is run from). + +source_path = "../phpBB/" + +; If you do not want PHPDoctor to look in each sub directory for files +; uncomment this line. + +;subdirs = off + +; Set how loud PHPDoctor is as it runs. Quiet mode suppresses all output other +; than warnings and errors. Verbose mode outputs additional messages during +; execution. + +quiet = on +;verbose = on + +; Select the doclet to use for generating output. + +doclet = standard +;doclet = debug + +; The directory to find the doclet in. Doclets control the HTML output of +; phpDoctor and can be modified to suit your needs. They are expected to be +; in a directory named after themselves at the location given. + +;doclet_path = ./doclets + +; Select the formatter to use for generating output. + +;formatter = htmlStandardFormatter + +; The directory to find the formatter in. 
Formatters convert textual markup +; for use by the doclet. + +;formatter_path = ./formatters + +; The directory to find taglets in. Taglets allow you to make PHPDoctor handle +; new tags and to alter the behavour of existing tags and their output. + +;taglet_path = ./taglets + +; If the code you are parsing does not use package tags or not all elements +; have package tags, use this setting to place unbound elements into a +; particular package. + +default_package = "phpBB" + +use_class_path_as_package = off + +ignore_package_tags = off + +; Specifies the name of a HTML file containing text for the overview +; documentation to be placed on the overview page. The path is relative to +; "source_path" unless an absolute path is given. + +overview = ../README.md + +; Package comments will be looked for in a file named package.html in the same +; directory as the first source file parsed in that package or in the directory +; given below. If package comments are placed in the directory given below then +; they should be named ".html". + +package_comment_dir = ./ + +; Parse out global variables and/or global constants? + +;globals = off +;constants = off + +; Generate documentation for all class members + +;private = on + +; Generate documentation for public and protected class members + +;protected = on + +; Generate documentation for only public class members + +;public = on + +; Use the PEAR compatible handling of the docblock first sentence + +;pear_compat = on + +; Standard doclet settings +; ----------------------------------------------------------------------------- + +; The directory to place generated documentation in. If the given path is +; relative to it will be relative to "source_path". + +d = "../build/api/" + +; Specifies the title to be placed in the HTML tag. + +windowtitle = "phpBB3" + +; Specifies the title to be placed near the top of the overview summary file. 
+ +doctitle = "phpBB3 Sourcecode Documentation" + +; Specifies the header text to be placed at the top of each output file. The +; header will be placed to the right of the upper navigation bar. + +header = "phpBB3" + +; Specifies the footer text to be placed at the bottom of each output file. The +; footer will be placed to the right of the lower navigation bar. + +footer = "phpBB3" + +; Specifies the text to be placed at the bottom of each output file. The text +; will be placed at the bottom of the page, below the lower navigation bar. + +;bottom = "This document was generated by <a href="http://peej.github.com/phpdoctor/">PHPDoctor: The PHP Documentation Creator</a>" + +; Create a class tree? + +;tree = off + +; Use GeSHi to include formatted source files in the documentation. PHPDoctor will look in the current doclet directory for a /geshi subdirectory. Unpack the GeSHi archive from http://qbnz.com/highlighter to get this directory - it will contain a php script and a subdirectory with formatting files. + +include_source = off + diff --git a/git-tools/hooks/commit-msg b/git-tools/hooks/commit-msg index a6777ff9c9..4f6ae71d4b 100755 --- a/git-tools/hooks/commit-msg +++ b/git-tools/hooks/commit-msg @@ -55,12 +55,24 @@ quit() fi } -msg=$(grep -nE '.{81,}' "$1"); +# Check for empty commit message +if ! grep -qv '^#' "$1" +then + # Commit message is empty (or contains only comments). + # Let git handle this. + # It will abort with a message like so: + # + # Aborting commit due to empty commit message. + exit 0 +fi + +msg=$(grep -v '^#' "$1" |grep -nE '.{81,}') if [ $? -eq 0 ] then - echo "The following lines are greater than 80 characters long:\n" >&2; - echo $msg >&2; + echo "The following lines are greater than 80 characters long:" >&2; + echo >&2 + echo "$msg" >&2; quit $ERR_LENGTH; fi 
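Review bot: In the length check of the commit-msg hunk, `grep -n` now numbers the lines of the comment-filtered stream rather than of the message file, so the reported line numbers drift whenever a `#` line precedes an over-long line. Numbering first and filtering afterwards keeps them aligned with the file: `msg=$(grep -nE '.{81,}' "$1" | grep -vE '^[0-9]+:#')`. The `$?` tested by the following `if` is still the status of the last grep in the pipeline, so the rest of the check is unaffected.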
@@ -107,7 +119,19 @@ do case $expect in "header") err=$ERR_HEADER; - echo "$line" | grep -Eq "^\[(ticket/[0-9]+|feature/$branch_regex|task/$branch_regex)\] [A-Z].+$" + echo "$line" | grep -Eq "^\[(ticket/[0-9]+|feature/$branch_regex|task/$branch_regex)\] .+$" + result=$? + if ! echo "$line" | grep -Eq "^\[(ticket/[0-9]+|feature/$branch_regex|task/$branch_regex)\] [A-Z].+$" + then + # Don't be too strict. + # Commits may be temporary, intended to be squashed later. + # Just issue a warning here. + echo "Warning: heading should be a sentence beginning with a capital letter." 1>&2 + echo "You entered:" 1>&2 + echo "$line" 1>&2 + fi + # restore exit code + (exit $result) ;; "empty") err=$ERR_EMPTY; @@ -128,6 +152,10 @@ do # Should not end up here false ;; + "possibly-eof") + # Allow empty and/or comment lines at the end + ! tail -n +"$i" "$1" |grep -qvE '^($|#)' + ;; "comment") echo "$line" | grep -Eq "^#"; ;; @@ -188,7 +216,7 @@ do in_description=1; ;; "footer") - expecting="footer eof"; + expecting="footer possibly-eof"; if [ "$tickets" = "" ] then tickets="$line"; @@ -199,6 +227,9 @@ do "comment") # Comments should expect the same thing again ;; + "possibly-eof") + expecting="eof"; + ;; *) echo "Unrecognised token $expect" >&2; quit 254; diff --git a/git-tools/hooks/prepare-commit-msg b/git-tools/hooks/prepare-commit-msg index 2bf25e58a4..11d2b6b2f2 100755 --- a/git-tools/hooks/prepare-commit-msg +++ b/git-tools/hooks/prepare-commit-msg @@ -35,8 +35,8 @@ then # Branch is prefixed with 'ticket/', append ticket ID to message if [ "$branch" != "${branch##ticket/}" ]; then - tail="\n\nPHPBB3-${branch##ticket/}"; + tail="$(printf "\n\nPHPBB3-${branch##ticket/}")"; fi - echo "[$branch]$tail $(cat "$1")" > "$1" + echo "[$branch] $tail$(cat "$1")" > "$1" fi diff --git a/git-tools/merge.php b/git-tools/merge.php new file mode 100755 index 0000000000..cbd84b896f --- /dev/null +++ b/git-tools/merge.php 
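Review bot: In the prepare-commit-msg hunk the branch name is placed inside the `printf` format string, so a `%` or backslash sequence in a branch name is interpreted by printf instead of being copied into the message. Passing it as an argument keeps it literal: `tail="$(printf '\n\nPHPBB3-%s' "${branch##ticket/}")"`. The surrounding `if`/`then` block begins outside the hunk.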
@@ -0,0 +1,175 @@ +#!/usr/bin/env php +<?php +/** +* +* @package phpBB3 +* @copyright (c) 2011 phpBB Group +* @license http://opensource.org/licenses/gpl-license.php GNU Public License +* +*/ + +function show_usage() +{ + $filename = basename(__FILE__); + + echo "$filename merges a github pull request.\n"; + echo "\n"; + + echo "Usage: [php] $filename -p pull_request_id [OPTIONS]\n"; + echo "\n"; + + echo "Options:\n"; + echo " -p pull_request_id The pull request id to be merged (mandatory)\n"; + echo " -r remote Remote of upstream, defaults to 'upstream' (optional)\n"; + echo " -d Outputs the commands instead of running them (optional)\n"; + echo " -h This help text\n"; + + exit(2); +} + +// Handle arguments +$opts = getopt('p:r:dh'); + +if (empty($opts) || isset($opts['h'])) +{ + show_usage(); +} + +$pull_id = get_arg($opts, 'p', ''); +$remote = get_arg($opts, 'r', 'upstream'); +$dry_run = !get_arg($opts, 'd', true); + +try +{ + exit(work($pull_id, $remote)); +} +catch (RuntimeException $e) +{ + echo $e->getMessage(); + exit($e->getCode()); +} + +function work($pull_id, $remote) +{ + // Get some basic data + $pull = get_pull('phpbb', 'phpbb3', $pull_id); + + if (!$pull_id) + { + show_usage(); + } + + if ($pull['state'] != 'open') + { + throw new RuntimeException(sprintf("Error: pull request is closed\n", + $target_branch), 5); + } + + $pull_user = $pull['head'][0]; + $pull_branch = $pull['head'][1]; + $target_branch = $pull['base'][1]; + + switch ($target_branch) + { + case 'develop-olympus': + run("git checkout develop-olympus"); + run("git pull $remote develop-olympus"); + + add_remote($pull_user, 'phpbb3'); + run("git fetch $pull_user"); + run("git merge --no-ff $pull_user/$pull_branch"); + run("phpunit"); + + run("git checkout develop"); + run("git pull $remote develop"); + run("git merge --no-ff develop-olympus"); + run("phpunit"); + break; + + case 'develop': + run("git checkout develop"); + run("git pull $remote develop"); + + add_remote($pull_user, 
'phpbb3'); + run("git fetch $pull_user"); + run("git merge --no-ff $pull_user/$pull_branch"); + run("phpunit"); + break; + + default: + throw new RuntimeException(sprintf("Error: pull request target branch '%s' is not a main branch\n", + $target_branch), 5); + break; + } +} + +function add_remote($username, $repository, $pushable = false) +{ + $url = get_repository_url($username, $repository, false); + run("git remote add $username $url", true); + + if ($pushable) + { + $ssh_url = get_repository_url($username, $repository, true); + run("git remote set-url --push $username $ssh_url"); + } +} + +function get_repository_url($username, $repository, $ssh = false) +{ + $url_base = ($ssh) ? 'git@github.com:' : 'git://github.com/'; + + return $url_base . $username . '/' . $repository . '.git'; +} + +function api_request($query) +{ + $contents = file_get_contents("http://github.com/api/v2/json/$query"); + + if ($contents === false) + { + throw new RuntimeException("Error: failed to retrieve pull request data\n", 4); + } + + return json_decode($contents); +} + +function get_pull($username, $repository, $pull_id) +{ + $request = api_request("pulls/$username/$repository/$pull_id"); + + $pull = $request->pull; + + $pull_data = array( + 'base' => array($pull->base->user->login, $pull->base->ref), + 'head' => array($pull->head->user->login, $pull->head->ref), + 'state' => $pull->state, + ); + + return $pull_data; +} + +function get_arg($array, $index, $default) +{ + return isset($array[$index]) ? $array[$index] : $default; +} + +function run($cmd, $ignore_fail = false) +{ + global $dry_run; + + if (!empty($dry_run)) + { + echo "$cmd\n"; + } + else + { + passthru(escapeshellcmd($cmd), $status); + + if ($status != 0 && !$ignore_fail) + { + throw new RuntimeException(sprintf("Error: command '%s' failed with status %s'\n", + $cmd, $status), 6); + } + } +} 
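Review bot: `run()` passes one interpolated string through `escapeshellcmd()`, which neutralises shell metacharacters but leaves argument boundaries alone, so `$pull_user` and `$pull_branch` (read from the API response that `api_request()` fetches over plain `http://`) and the `-r` value in `$remote` can still contribute extra words or an option-like value beginning with `-` to the git commands in `work()`. Validate the names before use, e.g. `if (!preg_match('#^[A-Za-z0-9][A-Za-z0-9._/-]*$#', $pull_branch)) { throw new RuntimeException("Error: unexpected branch name\n", 5); }`, build each command with `escapeshellarg()` as in `run('git merge --no-ff ' . escapeshellarg("$pull_user/$pull_branch"));`, and hand the finished string to `passthru()` without `escapeshellcmd()`. The same `run()` pattern appears in git-tools/setup_github_network.php, where the interpolated names come from the network and collaborator lists. Separately, the "pull request is closed" branch passes `$target_branch` to `sprintf()` before it is assigned and with no placeholder in the format string, and `$pull_id` is checked only after `get_pull()` has already used it.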
diff --git a/git-tools/setup_github_network.php b/git-tools/setup_github_network.php
new file mode 100755
index 0000000000..e4e212eef6
--- /dev/null
+++ b/git-tools/setup_github_network.php
@@ -0,0 +1,248 @@ +#!/usr/bin/env php +<?php +/** +* +* @package phpBB3 +* @copyright (c) 2011 phpBB Group +* @license http://opensource.org/licenses/gpl-license.php GNU Public License +* +*/ + +function show_usage() +{ + $filename = basename(__FILE__); + + echo "$filename adds repositories of a github network as remotes to a local git repository.\n"; + echo "\n"; + + echo "Usage: [php] $filename -s collaborators|organisation|contributors|network [OPTIONS]\n"; + echo "\n"; + + echo "Scopes:\n"; + echo " collaborators Repositories of people who have push access to the specified repository\n"; + echo " contributors Repositories of people who have contributed to the specified repository\n"; + echo " organisation Repositories of members of the organisation at github\n"; + echo " network All repositories of the whole github network\n"; + echo "\n"; + + echo "Options:\n"; + echo " -s scope See description above (mandatory)\n"; + echo " -u github_username Overwrites the github username (optional)\n"; + echo " -r repository_name Overwrites the repository name (optional)\n"; + echo " -m your_github_username Sets up ssh:// instead of git:// for pushable repositories (optional)\n"; + echo " -d Outputs the commands instead of running them (optional)\n"; + echo " -h This help text\n"; + + exit(1); +} + +// Handle arguments +$opts = getopt('s:u:r:m:dh'); + +if (empty($opts) || isset($opts['h'])) +{ + show_usage(); +} + +$scope = get_arg($opts, 's', ''); +$username = get_arg($opts, 'u', 'phpbb'); +$repository = get_arg($opts, 'r', 'phpbb3'); +$developer = get_arg($opts, 'm', ''); +$dry_run = !get_arg($opts, 'd', true); +run(null, $dry_run); +exit(work($scope, $username, $repository, $developer)); + +function work($scope, $username, $repository, $developer) +{ + // Get some basic data + $network = get_network($username, $repository); + $collaborators = get_collaborators($username, $repository); + + if ($network === false || $collaborators === false) + { + echo "Error: failed to 
retrieve network or collaborators\n"; + return 1; + } + + switch ($scope) + { + case 'collaborators': + $remotes = array_intersect_key($network, $collaborators); + break; + + case 'organisation': + $remotes = array_intersect_key($network, get_organisation_members($username)); + break; + + case 'contributors': + $remotes = array_intersect_key($network, get_contributors($username, $repository)); + break; + + case 'network': + $remotes = $network; + break; + + default: + show_usage(); + } + + if (file_exists('.git')) + { + add_remote($username, $repository, isset($collaborators[$developer])); + } + else + { + clone_repository($username, $repository, isset($collaborators[$developer])); + } + + // Add private security repository for developers + if ($username == 'phpbb' && $repository == 'phpbb3' && isset($collaborators[$developer])) + { + run("git remote add $username-security " . get_repository_url($username, "$repository-security", true)); + } + + // Skip blessed repository. + unset($remotes[$username]); + + foreach ($remotes as $remote) + { + add_remote($remote['username'], $remote['repository'], $remote['username'] == $developer); + } + + run('git remote update'); +} + +function clone_repository($username, $repository, $pushable = false) +{ + $url = get_repository_url($username, $repository, false); + run("git clone $url ./ --origin $username"); + + if ($pushable) + { + $ssh_url = get_repository_url($username, $repository, true); + run("git remote set-url --push $username $ssh_url"); + } +} + +function add_remote($username, $repository, $pushable = false) +{ + $url = get_repository_url($username, $repository, false); + run("git remote add $username $url"); + + if ($pushable) + { + $ssh_url = get_repository_url($username, $repository, true); + run("git remote set-url --push $username $ssh_url"); + } +} + +function get_repository_url($username, $repository, $ssh = false) +{ + $url_base = ($ssh) ? 'git@github.com:' : 'git://github.com/'; + + return $url_base . 
$username . '/' . $repository . '.git'; +} + +function api_request($query) +{ + $contents = file_get_contents("http://github.com/api/v2/json/$query"); + if ($contents === false) + { + return false; + } + return json_decode($contents); +} + +function get_contributors($username, $repository) +{ + $request = api_request("repos/show/$username/$repository/contributors"); + if ($request === false) + { + return false; + } + + $usernames = array(); + foreach ($request->contributors as $contributor) + { + $usernames[$contributor->login] = $contributor->login; + } + + return $usernames; +} + +function get_organisation_members($username) +{ + $request = api_request("organizations/$username/public_members"); + if ($request === false) + { + return false; + } + + $usernames = array(); + foreach ($request->users as $member) + { + $usernames[$member->login] = $member->login; + } + + return $usernames; +} + +function get_collaborators($username, $repository) +{ + $request = api_request("repos/show/$username/$repository/collaborators"); + if ($request === false) + { + return false; + } + + $usernames = array(); + foreach ($request->collaborators as $collaborator) + { + $usernames[$collaborator] = $collaborator; + } + + return $usernames; +} + +function get_network($username, $repository) +{ + $request = api_request("repos/show/$username/$repository/network"); + if ($request === false) + { + return false; + } + + $usernames = array(); + foreach ($request->network as $network) + { + $usernames[$network->owner] = array( + 'username' => $network->owner, + 'repository' => $network->name, + ); + } + + return $usernames; +} + +function get_arg($array, $index, $default) +{ + return isset($array[$index]) ? $array[$index] : $default; +} + +function run($cmd, $dry = false) +{ + static $dry_run; + + if (is_null($cmd)) + { + $dry_run = $dry; + } + else if (!empty($dry_run)) + { + echo "$cmd\n"; + } + else + { + passthru(escapeshellcmd($cmd)); + } +} 
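Review bot: `work()` checks only `get_network()` and `get_collaborators()` for a `false` result; in the `organisation` and `contributors` cases the return value of `get_organisation_members()` or `get_contributors()` goes straight into `array_intersect_key()`, so a failed API request surfaces as a PHP warning or type error instead of the script's own error message. Fetch the list first and bail out as the earlier check does, e.g. `$members = get_organisation_members($username); if ($members === false) { echo "Error: failed to retrieve organisation members\n"; return 1; }`. `api_request()` also returns whatever `json_decode()` produces, so a non-JSON body yields `null` and the `$request->...` reads in the getters fail; treating `null` as a failure there covers that case. Unlike the `run()` in merge.php, this `run()` discards the exit status of `passthru()`, so a failed `git remote add` or clone goes unnoticed.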
diff --git a/phpBB/adm/index.php b/phpBB/adm/index.php index 92bcf90039..bf4dc37044 100644 --- a/phpBB/adm/index.php +++ b/phpBB/adm/index.php @@ -237,7 +237,7 @@ function build_select($option_ary, $option_default = false) /** * Build radio fields in acp pages */ -function h_radio($name, &$input_ary, $input_default = false, $id = false, $key = false) +function h_radio($name, $input_ary, $input_default = false, $id = false, $key = false, $separator = '') { global $user; @@ -246,7 +246,7 @@ function h_radio($name, &$input_ary, $input_default = false, $id = false, $key = foreach ($input_ary as $value => $title) { $selected = ($input_default !== false && $value == $input_default) ? ' checked="checked"' : ''; - $html .= '<label><input type="radio" name="' . $name . '"' . (($id && !$id_assigned) ? ' id="' . $id . '"' : '') . ' value="' . $value . '"' . $selected . (($key) ? ' accesskey="' . $key . '"' : '') . ' class="radio" /> ' . $user->lang[$title] . '</label>'; + $html .= '<label><input type="radio" name="' . $name . '"' . (($id && !$id_assigned) ? ' id="' . $id . '"' : '') . ' value="' . $value . '"' . $selected . (($key) ? ' accesskey="' . $key . '"' : '') . ' class="radio" /> ' . $user->lang[$title] . '</label>' . $separator; $id_assigned = true; } @@ -276,7 +276,7 @@ function build_cfg_template($tpl_type, $key, &$new, $config_key, $vars) $size = (int) $tpl_type[1]; $maxlength = (int) $tpl_type[2]; - $tpl = '<input id="' . $key . '" type="' . $tpl_type[0] . '"' . (($size) ? ' size="' . $size . '"' : '') . ' maxlength="' . (($maxlength) ? $maxlength : 255) . '" name="' . $name . '" value="' . $new[$config_key] . '" />'; + $tpl = '<input id="' . $key . '" type="' . $tpl_type[0] . '"' . (($size) ? ' size="' . $size . '"' : '') . ' maxlength="' . (($maxlength) ? $maxlength : 255) . '" name="' . $name . '" value="' . $new[$config_key] . '"' . (($tpl_type[0] === 'password') ? ' autocomplete="off"' : '') . ' />'; break; case 'dimension': 
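Review bot: The docblock above `h_radio()` still reads only "Build radio fields in acp pages" and does not mention the new `$separator` parameter, which is appended to the markup as-is after every label. Add a line such as `* @param string $separator Markup appended after each radio label; emitted unescaped, so pass only trusted, static HTML`. The function body continues outside these hunks.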
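Review bot: For `password` fields the changed line in `build_cfg_template()` still writes `$new[$config_key]` into the `value` attribute, so the configured secret is presumably sent back in the page source on every load; `autocomplete="off"` only asks the browser not to store or prefill the field, and browsers do not uniformly honour it for password inputs. `$new[$config_key]` is also concatenated without `htmlspecialchars()` here, and whether it is escaped earlier is not visible in this hunk. If the calling code can treat an empty submission as "leave unchanged", rendering the field empty for this type avoids exposing the stored value: `'" value="' . (($tpl_type[0] === 'password') ? '' : $new[$config_key]) . '"'`. The `switch` this case belongs to starts and ends outside the hunk.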
@@ -402,7 +402,7 @@ function validate_config_vars($config_vars, &$cfg_array, &$error) switch ($validator[$type]) { case 'string': - $length = strlen($cfg_array[$config_name]); + $length = utf8_strlen($cfg_array[$config_name]); // the column is a VARCHAR $validator[$max] = (isset($validator[$max])) ? min(255, $validator[$max]) : 255; @@ -573,7 +573,11 @@ function validate_range($value_ary, &$error) 'BOOL' => array('php_type' => 'int', 'min' => 0, 'max' => 1), 'USINT' => array('php_type' => 'int', 'min' => 0, 'max' => 65535), 'UINT' => array('php_type' => 'int', 'min' => 0, 'max' => (int) 0x7fffffff), - 'INT' => array('php_type' => 'int', 'min' => (int) 0x80000000, 'max' => (int) 0x7fffffff), + // Do not use (int) 0x80000000 - it evaluates to different + // values on 32-bit and 64-bit systems. + // Apparently -2147483648 is a float on 32-bit systems, + // despite fitting in an int, thus explicit cast is needed. + 'INT' => array('php_type' => 'int', 'min' => (int) -2147483648, 'max' => (int) 0x7fffffff), 'TINT' => array('php_type' => 'int', 'min' => -128, 'max' => 127), 'VCHAR' => array('php_type' => 'string', 'min' => 0, 'max' => 255), @@ -596,7 +600,7 @@ function validate_range($value_ary, &$error) { case 'string' : $max = (isset($column[1])) ? min($column[1],$type['max']) : $type['max']; - if (strlen($value['value']) > $max) + if (utf8_strlen($value['value']) > $max) { $error[] = sprintf($user->lang['SETTING_TOO_LONG'], $user->lang[$value['lang']], $max); } diff --git a/phpBB/adm/style/acp_ban.html b/phpBB/adm/style/acp_ban.html index cf44f4aaa7..0e2e71822e 100644 --- a/phpBB/adm/style/acp_ban.html +++ b/phpBB/adm/style/acp_ban.html 
@@ -33,7 +33,7 @@ { document.getElementById('acp_unban').unbangivereason.innerHTML = ban_give_reason[option]; document.getElementById('acp_unban').unbanreason.innerHTML = ban_reason[option]; - document.getElementById('acp_unban').unbanlength.innerHTML = ban_length[option]; + document.getElementById('acp_unban').unbanlength.value = ban_length[option]; } // ]]> diff --git a/phpBB/adm/style/acp_email.html b/phpBB/adm/style/acp_email.html index 885809ffe2..ff52500dca 100644 --- a/phpBB/adm/style/acp_email.html +++ b/phpBB/adm/style/acp_email.html @@ -38,6 +38,10 @@ <dt><label for="priority">{L_MAIL_PRIORITY}:</label></dt> <dd><select id="priority" name="mail_priority_flag">{S_PRIORITY_OPTIONS}</select></dd> </dl> +<dl> + <dt><label for="banned">{L_MAIL_BANNED}:</label><br /><span>{L_MAIL_BANNED_EXPLAIN}</span></dt> + <dd><input id="banned" name="mail_banned_flag" type="checkbox" class="radio" /></dd> +</dl> <dl> <dt><label for="send">{L_SEND_IMMEDIATELY}:</label></dt> <dd><input id="send" type="checkbox" class="radio" name="send_immediately" checked="checked" /></dd> diff --git a/phpBB/adm/style/acp_forums.html b/phpBB/adm/style/acp_forums.html index 9f9216a068..8577c08860 100644 --- a/phpBB/adm/style/acp_forums.html +++ b/phpBB/adm/style/acp_forums.html @@ -58,7 +58,7 @@ /** * Init the wanted display functionality if javascript is enabled. - * If javascript is not available, the user is still able to properly administrate. + * If javascript is not available, the user is still able to properly administer. */ onload = function() { 
@@ -140,6 +140,12 @@ <dt><label for="parent">{L_FORUM_PARENT}:</label></dt> <dd><select id="parent" name="forum_parent_id"><option value="0"<!-- IF not S_FORUM_PARENT_ID --> selected="selected"<!-- ENDIF -->>{L_NO_PARENT}</option>{S_PARENT_OPTIONS}</select></dd> </dl> + <!-- IF S_CAN_COPY_PERMISSIONS --> + <dl> + <dt><label for="forum_perm_from">{L_COPY_PERMISSIONS}:</label><br /><span>{L_COPY_PERMISSIONS_EXPLAIN}</span></dt> + <dd><select id="forum_perm_from" name="forum_perm_from"><option value="0">{L_NO_PERMISSIONS}</option>{S_FORUM_OPTIONS}</select></dd> + </dl> + <!-- ENDIF --> <dl> <dt><label for="forum_name">{L_FORUM_NAME}:</label></dt> <dd><input class="text medium" type="text" id="forum_name" name="forum_name" value="{FORUM_NAME}" maxlength="255" /></dd> @@ -160,11 +166,11 @@ </dl> <dl> <dt><label for="forum_password">{L_FORUM_PASSWORD}:</label><br /><span>{L_FORUM_PASSWORD_EXPLAIN}</span></dt> - <dd><input type="password" id="forum_password" name="forum_password" value="<!-- IF S_FORUM_PASSWORD_SET --> <!-- ENDIF -->" /></dd> + <dd><input type="password" id="forum_password" name="forum_password" value="<!-- IF S_FORUM_PASSWORD_SET --> <!-- ENDIF -->" autocomplete="off" /></dd> </dl> <dl> <dt><label for="forum_password_confirm">{L_FORUM_PASSWORD_CONFIRM}:</label><br /><span>{L_FORUM_PASSWORD_CONFIRM_EXPLAIN}</span></dt> - <dd><input type="password" id="forum_password_confirm" name="forum_password_confirm" value="<!-- IF S_FORUM_PASSWORD_SET --> <!-- ENDIF -->" /></dd> + <dd><input type="password" id="forum_password_confirm" name="forum_password_confirm" value="<!-- IF S_FORUM_PASSWORD_SET --> <!-- ENDIF -->" autocomplete="off" /></dd> </dl> <!-- IF S_FORUM_PASSWORD_SET --> <dl> 
@@ -176,12 +182,6 @@ <dt><label for="forum_style">{L_FORUM_STYLE}:</label></dt> <dd><select id="forum_style" name="forum_style"><option value="0">{L_DEFAULT_STYLE}</option>{S_STYLES_OPTIONS}</select></dd> </dl> - <!-- IF S_CAN_COPY_PERMISSIONS --> - <dl> - <dt><label for="forum_perm_from">{L_COPY_PERMISSIONS}:</label><br /><span>{L_COPY_PERMISSIONS_EXPLAIN}</span></dt> - <dd><select id="forum_perm_from" name="forum_perm_from"><option value="0">{L_NO_PERMISSIONS}</option>{S_FORUM_OPTIONS}</select></dd> - </dl> - <!-- ENDIF --> </fieldset> <div id="forum_cat_options"> diff --git a/phpBB/adm/style/acp_ranks.html b/phpBB/adm/style/acp_ranks.html index 9306e30269..2ad8b3e8aa 100644 --- a/phpBB/adm/style/acp_ranks.html +++ b/phpBB/adm/style/acp_ranks.html @@ -35,8 +35,8 @@ </dl> <dl> <dt><label for="special_rank">{L_RANK_SPECIAL}:</label></dt> - <dd><label><input onchange="dE('posts', -1)" type="radio" class="radio" name="special_rank" value="1" id="special_rank"<!-- IF S_SPECIAL_RANK --> checked="checked"<!-- ENDIF --> />{L_YES}</label> - <label><input onchange="dE('posts', 1)" type="radio" class="radio" name="special_rank" value="0"<!-- IF not S_SPECIAL_RANK --> checked="checked"<!-- ENDIF --> /> {L_NO}</label></dd> + <dd><label><input onclick="dE('posts', -1)" type="radio" class="radio" name="special_rank" value="1" id="special_rank"<!-- IF S_SPECIAL_RANK --> checked="checked"<!-- ENDIF --> />{L_YES}</label> + <label><input onclick="dE('posts', 1)" type="radio" class="radio" name="special_rank" value="0"<!-- IF not S_SPECIAL_RANK --> checked="checked"<!-- ENDIF --> /> {L_NO}</label></dd> </dl> <!-- IF S_SPECIAL_RANK --><div id="posts" style="display: none;"><!-- ELSE --><div id="posts"><!-- ENDIF --> <dl> diff --git a/phpBB/adm/style/acp_styles.html b/phpBB/adm/style/acp_styles.html index 5bde4008ad..098cc723d9 100644 --- a/phpBB/adm/style/acp_styles.html +++ b/phpBB/adm/style/acp_styles.html 
@@ -22,6 +22,21 @@ <dt><label for="new_id">{L_REPLACE}:</label><br /><span>{L_REPLACE_EXPLAIN}</span></dt> <dd><select id="new_id" name="new_id">{S_REPLACE_OPTIONS}</select></dd> </dl> + <!-- IF S_DELETE_STYLE --> + <hr /> + <dl> + <dt><label for="new_template_id">{L_DELETE_TEMPLATE}:</label><br /><span>{L_REPLACE_TEMPLATE_EXPLAIN}</span></dt> + <dd><select id="new_template_id" name="new_template_id">{S_REPLACE_TEMPLATE_OPTIONS}</select></dd> + </dl> + <dl> + <dt><label for="new_theme_id">{L_DELETE_THEME}:</label><br /><span>{L_REPLACE_THEME_EXPLAIN}</span></dt> + <dd><select id="new_theme_id" name="new_theme_id">{S_REPLACE_THEME_OPTIONS}</select></dd> + </dl> + <dl> + <dt><label for="new_imageset_id">{L_DELETE_IMAGESET}:</label><br /><span>{L_REPLACE_IMAGESET_EXPLAIN}</span></dt> + <dd><select id="new_imageset_id" name="new_imageset_id">{S_REPLACE_IMAGESET_OPTIONS}</select></dd> + </dl> + <!-- ENDIF --> <p class="quick"> <input class="button1" type="submit" name="update" value="{L_DELETE}" /> @@ -77,7 +92,7 @@ /** * Init the wanted display functionality if javascript is enabled. - * If javascript is not available, the user is still able to properly administrate. + * If javascript is not available, the user is still able to properly administer. */ onload = function() { diff --git a/phpBB/adm/style/acp_users_overview.html b/phpBB/adm/style/acp_users_overview.html index 911dcad293..9237e45daf 100644 --- a/phpBB/adm/style/acp_users_overview.html +++ b/phpBB/adm/style/acp_users_overview.html 
@@ -43,19 +43,19 @@ </dl> <dl> <dt><label for="user_email">{L_EMAIL}:</label></dt> - <dd><input class="text medium" type="text" id="user_email" name="user_email" value="{USER_EMAIL}" /></dd> + <dd><input class="text medium" type="text" id="user_email" name="user_email" value="{USER_EMAIL}" autocomplete="off" /></dd> </dl> <dl> <dt><label for="email_confirm">{L_CONFIRM_EMAIL}:</label><br /><span>{L_CONFIRM_EMAIL_EXPLAIN}</span></dt> - <dd><input class="text medium" type="text" id="email_confirm" name="email_confirm" value="" /></dd> + <dd><input class="text medium" type="text" id="email_confirm" name="email_confirm" value="" autocomplete="off" /></dd> </dl> <dl> <dt><label for="new_password">{L_NEW_PASSWORD}:</label><br /><span>{L_CHANGE_PASSWORD_EXPLAIN}</span></dt> - <dd><input type="password" id="new_password" name="new_password" value="" /></dd> + <dd><input type="password" id="new_password" name="new_password" value="" autocomplete="off" /></dd> </dl> <dl> <dt><label for="password_confirm">{L_CONFIRM_PASSWORD}:</label><br /><span>{L_CONFIRM_PASSWORD_EXPLAIN}</span></dt> - <dd><input type="password" id="password_confirm" name="password_confirm" value="" /></dd> + <dd><input type="password" id="password_confirm" name="password_confirm" value="" autocomplete="off" /></dd> </dl> <p class="quick"> diff --git a/phpBB/adm/style/captcha_recaptcha.html b/phpBB/adm/style/captcha_recaptcha.html index 586c494868..d3038fd714 100644 --- a/phpBB/adm/style/captcha_recaptcha.html +++ b/phpBB/adm/style/captcha_recaptcha.html @@ -5,7 +5,7 @@ // <![CDATA[ var RecaptchaOptions = { lang : '{LA_RECAPTCHA_LANG}', - theme : 'clean', + theme : 'clean' }; // ]]> </script> diff --git a/phpBB/adm/style/install_footer.html b/phpBB/adm/style/install_footer.html index 4df43eaaa0..26a3c6ab3d 100644 --- a/phpBB/adm/style/install_footer.html +++ b/phpBB/adm/style/install_footer.html 
@@ -6,20 +6,9 @@ </div> </div> </div> - - <!-- - We request you retain the full copyright notice below including the link to www.phpbb.com. - This not only gives respect to the large amount of time given freely by the developers - but also helps build interest, traffic and use of phpBB. If you (honestly) cannot retain - the full copyright we ask you at least leave in place the "Powered by phpBB" line, with - "phpBB" linked to www.phpbb.com. If you refuse to include even this then support on our - forums may be affected. - - The phpBB Group : 2006 - // --> - + <div id="page-footer"> - Powered by phpBB © 2000, 2002, 2005, 2007 <a href="http://www.phpbb.com/">phpBB Group</a> + Powered by <a href="http://www.phpbb.com/">phpBB</a>® Forum Software © phpBB Group </div> </div> diff --git a/phpBB/adm/style/overall_footer.html b/phpBB/adm/style/overall_footer.html index 8af299ad57..b48b449597 100644 --- a/phpBB/adm/style/overall_footer.html +++ b/phpBB/adm/style/overall_footer.html @@ -6,21 +6,10 @@ </div> </div> </div> - - <!-- - We request you retain the full copyright notice below including the link to www.phpbb.com. - This not only gives respect to the large amount of time given freely by the developers - but also helps build interest, traffic and use of phpBB. If you (honestly) cannot retain - the full copyright we ask you at least leave in place the "Powered by phpBB" line, with - "phpBB" linked to www.phpbb.com. If you refuse to include even this then support on our - forums may be affected. - - The phpBB Group : 2006 - // --> - + <div id="page-footer"> <!-- IF S_COPYRIGHT_HTML --> - Powered by phpBB © 2000, 2002, 2005, 2007 <a href="http://www.phpbb.com/">phpBB Group</a> + Powered by <a href="http://www.phpbb.com/">phpBB</a>® Forum Software © phpBB Group <!-- IF TRANSLATION_INFO --><br />{TRANSLATION_INFO}<!-- ENDIF --> <!-- ENDIF --> diff --git a/phpBB/adm/style/simple_footer.html b/phpBB/adm/style/simple_footer.html index 65cf724c2f..ac9c26a690 100644 
--- a/phpBB/adm/style/simple_footer.html +++ b/phpBB/adm/style/simple_footer.html @@ -2,21 +2,10 @@ <br /><br /> </div> -<!-- - We request you retain the full copyright notice below including the link to www.phpbb.com. - This not only gives respect to the large amount of time given freely by the developers - but also helps build interest, traffic and use of phpBB. If you (honestly) cannot retain - the full copyright we ask you at least leave in place the "Powered by phpBB" line, with - "phpBB" linked to www.phpbb.com. If you refuse to include even this then support on our - forums may be affected. - - The phpBB Group : 2006 -// --> - <div id="page-footer"> <!-- IF S_COPYRIGHT_HTML --> - <br />Powered by phpBB © 2000, 2002, 2005, 2007 <a href="http://www.phpbb.com/">phpBB Group</a> + <br />Powered by <a href="http://www.phpbb.com/">phpBB</a>® Forum Software © phpBB Group <!-- IF TRANSLATION_INFO --><br />{TRANSLATION_INFO}<!-- ENDIF --> <!-- ENDIF --> diff --git a/phpBB/common.php b/phpBB/common.php index c8b2fb9609..491addc5e0 100644 --- a/phpBB/common.php +++ b/phpBB/common.php 
@@ -16,112 +16,7 @@ if (!defined('IN_PHPBB')) exit; } -$starttime = explode(' ', microtime()); -$starttime = $starttime[1] + $starttime[0]; - -// Report all errors, except notices and deprecation messages -if (!defined('E_DEPRECATED')) -{ - define('E_DEPRECATED', 8192); -} -error_reporting(E_ALL ^ E_NOTICE ^ E_DEPRECATED); - -/* -* Remove variables created by register_globals from the global scope -* Thanks to Matt Kavanagh -*/ -function deregister_globals() -{ - $not_unset = array( - 'GLOBALS' => true, - '_GET' => true, - '_POST' => true, - '_COOKIE' => true, - '_REQUEST' => true, - '_SERVER' => true, - '_SESSION' => true, - '_ENV' => true, - '_FILES' => true, - 'phpEx' => true, - 'phpbb_root_path' => true - ); - - // Not only will array_merge and array_keys give a warning if - // a parameter is not an array, array_merge will actually fail. - // So we check if _SESSION has been initialised. - if (!isset($_SESSION) || !is_array($_SESSION)) - { - $_SESSION = array(); - } - - // Merge all into one extremely huge array; unset this later - $input = array_merge( - array_keys($_GET), - array_keys($_POST), - array_keys($_COOKIE), - array_keys($_SERVER), - array_keys($_SESSION), - array_keys($_ENV), - array_keys($_FILES) - ); - - foreach ($input as $varname) - { - if (isset($not_unset[$varname])) - { - // Hacking attempt. 
No point in continuing unless it's a COOKIE - if ($varname !== 'GLOBALS' || isset($_GET['GLOBALS']) || isset($_POST['GLOBALS']) || isset($_SERVER['GLOBALS']) || isset($_SESSION['GLOBALS']) || isset($_ENV['GLOBALS']) || isset($_FILES['GLOBALS'])) - { - exit; - } - else - { - $cookie = &$_COOKIE; - while (isset($cookie['GLOBALS'])) - { - foreach ($cookie['GLOBALS'] as $registered_var => $value) - { - if (!isset($not_unset[$registered_var])) - { - unset($GLOBALS[$registered_var]); - } - } - $cookie = &$cookie['GLOBALS']; - } - } - } - - unset($GLOBALS[$varname]); - } - - unset($input); -} - -// If we are on PHP >= 6.0.0 we do not need some code -if (version_compare(PHP_VERSION, '6.0.0-dev', '>=')) -{ - /** - * @ignore - */ - define('STRIP', false); -} -else -{ - @set_magic_quotes_runtime(0); - - // Be paranoid with passed vars - if (@ini_get('register_globals') == '1' || strtolower(@ini_get('register_globals')) == 'on' || !function_exists('ini_get')) - { - deregister_globals(); - } - - define('STRIP', (get_magic_quotes_gpc()) ? true : false); -} - -if (defined('IN_CRON')) -{ - $phpbb_root_path = dirname(__FILE__) . DIRECTORY_SEPARATOR; -} +require($phpbb_root_path . 'includes/startup.' . $phpEx); if (file_exists($phpbb_root_path . 'config.' . $phpEx)) { diff --git a/phpBB/cron.php b/phpBB/cron.php index 3993a149b5..8000066c92 100644 --- a/phpBB/cron.php +++ b/phpBB/cron.php @@ -21,7 +21,6 @@ $user->session_begin(false); $auth->acl($user->data); $cron_type = request_var('cron_type', ''); -$use_shutdown_function = (@function_exists('register_shutdown_function')) ? true : false; // Output transparent gif header('Cache-Control: no-cache'); 
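Review bot: The new `require($phpbb_root_path . 'includes/startup.' . $phpEx);` in common.php builds an include path from two variables before any of the register_globals clean-up removed by this hunk has run. That clean-up presumably now lives in startup.php, which is not visible here. The removed code exited when a request supplied `phpbb_root_path` or `phpEx`, so the line is only safe if every entry script assigns both variables itself before including common.php. The removed `IN_CRON` branch that set `$phpbb_root_path` no longer does so either. I would state the precondition next to the call: `// $phpbb_root_path and $phpEx must be assigned by the including script, never taken from request input`.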
@@ -30,10 +29,9 @@ header('Content-length: 43'); echo base64_decode('R0lGODlhAQABAIAAAP///wAAACH5BAEAAAAALAAAAAABAAEAAAICRAEAOw=='); -// test without flush ;) -// flush(); +// Flush here to prevent browser from showing the page as loading while running cron. +flush(); -// if (!isset($config['cron_lock'])) { set_config('cron_lock', '0', true); @@ -79,23 +77,10 @@ switch ($cron_type) break; } - // A user reported using the mail() function while using shutdown does not work. We do not want to risk that. - if ($use_shutdown_function && !$config['smtp_delivery']) - { - $use_shutdown_function = false; - } - include_once($phpbb_root_path . 'includes/functions_messenger.' . $phpEx); $queue = new queue(); - if ($use_shutdown_function) - { - register_shutdown_function(array(&$queue, 'process')); - } - else - { - $queue->process(); - } + $queue->process(); break; @@ -106,14 +91,7 @@ switch ($cron_type) break; } - if ($use_shutdown_function) - { - register_shutdown_function(array(&$cache, 'tidy')); - } - else - { - $cache->tidy(); - } + $cache->tidy(); break; @@ -138,14 +116,7 @@ switch ($cron_type) break; } - if ($use_shutdown_function) - { - register_shutdown_function(array(&$search, 'tidy')); - } - else - { - $search->tidy(); - } + $search->tidy(); break; @@ -158,14 +129,7 @@ switch ($cron_type) include_once($phpbb_root_path . 'includes/functions_admin.' . $phpEx); - if ($use_shutdown_function) - { - register_shutdown_function('tidy_warnings'); - } - else - { - tidy_warnings(); - } + tidy_warnings(); break; @@ -178,14 +142,7 @@ switch ($cron_type) include_once($phpbb_root_path . 'includes/functions_admin.' . $phpEx); - if ($use_shutdown_function) - { - register_shutdown_function('tidy_database'); - } - else - { - tidy_database(); - } + tidy_database(); break; @@ -196,14 +153,7 @@ switch ($cron_type) break; } - if ($use_shutdown_function) - { - register_shutdown_function(array(&$user, 'session_gc')); - } - else - { - $user->session_gc(); - } + $user->session_gc(); break; 
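Review bot: `flush();` in the `@@ -30,10 +29,9 @@` hunk of cron.php only pushes PHP's system write buffer. When `output_buffering` or an output handler is active, the 43-byte GIF stays in the user-level buffer and the browser keeps waiting, which is exactly what the new comment says the call prevents. Because the following hunks run every task inline instead of through `register_shutdown_function()`, that wait would last for the whole cron task. Something like `while (ob_get_level() > 0) { ob_end_flush(); }` before `flush();` would make the comment hold. Whether common.php opens a buffer or a gzip handler is not visible in this diff, so that needs checking first.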
@@ -230,26 +180,12 @@ switch ($cron_type) if ($row['prune_days']) { - if ($use_shutdown_function) - { - register_shutdown_function('auto_prune', $row['forum_id'], 'posted', $row['forum_flags'], $row['prune_days'], $row['prune_freq']); - } - else - { - auto_prune($row['forum_id'], 'posted', $row['forum_flags'], $row['prune_days'], $row['prune_freq']); - } + auto_prune($row['forum_id'], 'posted', $row['forum_flags'], $row['prune_days'], $row['prune_freq']); } if ($row['prune_viewed']) { - if ($use_shutdown_function) - { - register_shutdown_function('auto_prune', $row['forum_id'], 'viewed', $row['forum_flags'], $row['prune_viewed'], $row['prune_freq']); - } - else - { - auto_prune($row['forum_id'], 'viewed', $row['forum_flags'], $row['prune_viewed'], $row['prune_freq']); - } + auto_prune($row['forum_id'], 'viewed', $row['forum_flags'], $row['prune_viewed'], $row['prune_freq']); } } @@ -257,16 +193,8 @@ switch ($cron_type) } // Unloading cache and closing db after having done the dirty work. -if ($use_shutdown_function) -{ - register_shutdown_function('unlock_cron'); - register_shutdown_function('garbage_collection'); -} -else -{ - unlock_cron(); - garbage_collection(); -} +unlock_cron(); +garbage_collection(); exit; diff --git a/phpBB/develop/create_schema_files.php b/phpBB/develop/create_schema_files.php index 0515d801f2..efe8837b26 100644 --- a/phpBB/develop/create_schema_files.php +++ b/phpBB/develop/create_schema_files.php 
@@ -329,6 +329,15 @@ foreach ($supported_dbms as $dbms) // Write columns one by one... foreach ($table_data['COLUMNS'] as $column_name => $column_data) { + if (strlen($column_name) > 30) + { + trigger_error("Column name '$column_name' on table '$table_name' is too long. The maximum is 30 characters.", E_USER_ERROR); + } + if (isset($column_data[2]) && $column_data[2] == 'auto_increment' && strlen($column_name) > 26) // "${column_name}_gen" + { + trigger_error("Index name '${column_name}_gen' on table '$table_name' is too long. The maximum is 30 characters.", E_USER_ERROR); + } + // Get type if (strpos($column_data[0], ':') !== false) { @@ -632,6 +641,11 @@ foreach ($supported_dbms as $dbms) $key_data[1] = array($key_data[1]); } + if (strlen($table_name . $key_name) > 30) + { + trigger_error("Index name '${table_name}_$key_name' on table '$table_name' is too long. The maximum is 30 characters.", E_USER_ERROR); + } + switch ($dbms) { case 'mysql_40': @@ -926,7 +940,7 @@ function get_schema_struct() $schema_data['phpbb_bbcodes'] = array( 'COLUMNS' => array( - 'bbcode_id' => array('TINT:3', 0), + 'bbcode_id' => array('USINT', 0), 'bbcode_tag' => array('VCHAR:16', ''), 'bbcode_helpline' => array('VCHAR_UNI', ''), 'display_on_posting' => array('BOOL', 0), 
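Review bot: In the `@@ -632,6 +641,11 @@` hunk of create_schema_files.php the guard `strlen($table_name . $key_name) > 30` measures the name without the underscore that its own error message shows in `${table_name}_$key_name`. A 31-character index name therefore passes the check. If the generated name is the one printed in the message, the test should be `if (strlen($table_name . '_' . $key_name) > 30)`. The loop that contains this check starts and ends outside the hunk.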
@@ -1207,6 +1221,24 @@ function get_schema_struct() ), ); + $schema_data['phpbb_login_attempts'] = array( + 'COLUMNS' => array( + 'attempt_ip' => array('VCHAR:40', ''), + 'attempt_browser' => array('VCHAR:150', ''), + 'attempt_forwarded_for' => array('VCHAR:255', ''), + 'attempt_time' => array('TIMESTAMP', 0), + 'user_id' => array('UINT', 0), + 'username' => array('VCHAR_UNI:255', 0), + 'username_clean' => array('VCHAR_CI', 0), + ), + 'KEYS' => array( + 'att_ip' => array('INDEX', array('attempt_ip', 'attempt_time')), + 'att_for' => array('INDEX', array('attempt_forwarded_for', 'attempt_time')), + 'att_time' => array('INDEX', array('attempt_time')), + 'user_id' => array('INDEX', 'user_id'), + ), + ); + $schema_data['phpbb_moderator_cache'] = array( 'COLUMNS' => array( 'forum_id' => array('UINT', 0), @@ -2047,4 +2079,3 @@ EOF; echo 'done'; -?> \ No newline at end of file diff --git a/phpBB/develop/create_variable_overview.php b/phpBB/develop/create_variable_overview.php index 3782f53e4c..fe7cacf0d1 100644 --- a/phpBB/develop/create_variable_overview.php +++ b/phpBB/develop/create_variable_overview.php @@ -83,7 +83,7 @@ $html_skeleton .= '<br><br><a name="ref"></a><b>References: </b>{SEE_FILES}'; $html_skeleton .= ' <br><br> -<div class="copyright" align="center">Powered by phpBB 2.2 © <a href="http://www.phpbb.com/" target="_phpbb" class="copyright">phpBB Group</a>, 2003</div> +<div class="copyright" align="center">Powered by <a href="http://www.phpbb.com/">phpBB</a>® Forum Software © phpBB Group</div> <br clear="all" /></td> </tr> 
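Review bot: In the new `phpbb_login_attempts` definition, `username` (`VCHAR_UNI:255`) and `username_clean` (`VCHAR_CI`) get the integer default `0`, while the other character columns in the same array (`attempt_ip`, `attempt_browser`, `attempt_forwarded_for`) default to `''`. A row written without a username would then presumably hold the string '0' rather than an empty value, which is awkward for any lookup by name. I would use `'username' => array('VCHAR_UNI:255', ''),` and `'username_clean' => array('VCHAR_CI', ''),`. A comment above the array should also say that `attempt_browser` and `attempt_forwarded_for` presumably hold request-header values and are therefore client-controlled, so code that limits logins by them must not treat them as trustworthy identifiers. The enclosing `get_schema_struct()` begins and ends outside the hunk.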
@@ -405,7 +405,7 @@ $html_data .= '<br><li><a href="./lang_index.html" class="gen">Appendix A: Langu $html_data .= ' </ol><br><br> -<div class="copyright" align="center">Powered by phpBB 2.2 © <a href="http://www.phpbb.com/" target="_phpbb" class="copyright">phpBB Group</a>, 2003</div> +<div class="copyright" align="center">Powered by <a href="http://www.phpbb.com/">phpBB</a>® Forum Software © phpBB Group</div> <br clear="all" /></td> </tr> @@ -528,7 +528,7 @@ foreach ($lang_fp as $filepointer) $html_data .= ' <br><br> -<div class="copyright" align="center">Powered by phpBB 2.2 © <a href="http://www.phpbb.com/" target="_phpbb" class="copyright">phpBB Group</a>, 2003</div> +<div class="copyright" align="center">Powered by <a href="http://www.phpbb.com/">phpBB</a>® Forum Software © phpBB Group</div> <br clear="all" /></td> </tr> diff --git a/phpBB/develop/mysql_upgrader.php b/phpBB/develop/mysql_upgrader.php index 57230339e8..dec8f8c210 100644 --- a/phpBB/develop/mysql_upgrader.php +++ b/phpBB/develop/mysql_upgrader.php @@ -21,6 +21,7 @@ die("Please read the first lines of this script for instructions on how to enable it"); define('IN_PHPBB', true); +$phpbb_root_path = (defined('PHPBB_ROOT_PATH')) ? PHPBB_ROOT_PATH : './'; $phpEx = substr(strrchr(__FILE__, '.'), 1); include($phpbb_root_path . 'common.' . $phpEx); @@ -252,7 +253,7 @@ foreach ($schema_data as $table_name => $table_data) // Do we now need to re-add the fulltext index? ;) if ($table_name == ($prefix . 'posts') && $drop_index) { - echo "ALTER TABLE $table_name ADD FULLTEXT (post_subject), ADD FULLTEXT (post_text), ADD FULLTEXT post_content (post_subject, post_text){$newline}"; + echo "ALTER TABLE $table_name ADD FULLTEXT (post_subject), ADD FULLTEXT (post_text), ADD FULLTEXT post_content (post_subject, post_text);{$newline}"; } } 
@@ -414,7 +415,7 @@ function get_schema_struct() $schema_data['phpbb_bbcodes'] = array( 'COLUMNS' => array( - 'bbcode_id' => array('TINT:3', 0), + 'bbcode_id' => array('USINT', 0), 'bbcode_tag' => array('VCHAR:16', ''), 'bbcode_helpline' => array('VCHAR_UNI', ''), 'display_on_posting' => array('BOOL', 0), diff --git a/phpBB/docs/AUTHORS b/phpBB/docs/AUTHORS index b3166313c3..81bc9f52e6 100644 --- a/phpBB/docs/AUTHORS +++ b/phpBB/docs/AUTHORS @@ -1,6 +1,6 @@ /** * -* phpBB3 © Copyright 2000, 2002, 2005, 2007 phpBB Group +* phpBB3 © Copyright phpBB Group * http://www.phpbb.com * * This program is free software: you can redistribute it and/or modify @@ -22,20 +22,17 @@ involved in phpBB. phpBB Lead Developer: naderman (Nils Adermann) -phpBB Developers: A_Jelly_Doughnut (Josh Woody) - Acyd Burn (Meik Sievertsen) [Lead 09/2005 - 01/2010] - APTX (Marek A. R.) +phpBB Developers: Acyd Burn (Meik Sievertsen) [Lead 09/2005 - 01/2010] bantu (Andreas Fischer) - dhn (Dominik Dröscher) + ckwalsh (Cullen Walsh) igorw (Igor Wiedler) kellanved (Henry Sudhof) nickvergessen (Joas Schilling) + Oleg (Oleg Pudeyev) rxu (Ruslan Uzdenov) - Terrafrost (Jim Wigginton) ToonArmy (Chris Smith) -Contributions by: Brainy (Cullen Walsh) - leviatan21 (Gabriel Vazquez) +Contributions by: leviatan21 (Gabriel Vazquez) Raimon (Raimon Meuldijk) Xore (Robert Hetzler) 
@@ -47,11 +44,15 @@ phpBB Project Manager: theFinn (James Atkinson) [Founder - 04/2007] phpBB Lead Developer: psoTFX (Paul S. Owen) [2001 - 09/2005] -phpBB Developers: Ashe (Ludovic Arnaud) [10/2002 - 11/2003, 06/2006 - 10/2006] - BartVB (Bart van Bragt) [11/2000 - 03/2006] - DavidMJ (David M.) [12/2005 - 08/2009] - GrahamJE (Graham Eames) [09/2005 - 11/2006] - Vic D'Elfant (Vic D'Elfant) [04/2007 - 04/2009] +phpBB Developers: A_Jelly_Doughnut (Josh Woody) [01/2010 - 11/2010] + APTX (Marek A. Ruszczyński) [12/2007 - 04/2011] + Ashe (Ludovic Arnaud) [10/2002 - 11/2003, 06/2006 - 10/2006] + BartVB (Bart van Bragt) [11/2000 - 03/2006] + DavidMJ (David M.) [12/2005 - 08/2009] + dhn (Dominik Dröscher) [05/2007 - 01/2011] + GrahamJE (Graham Eames) [09/2005 - 11/2006] + TerraFrost (Jim Wigginton) [04/2009 - 01/2011] + Vic D'Elfant (Vic D'Elfant) [04/2007 - 04/2009] -- Copyrights -- diff --git a/phpBB/docs/CHANGELOG.html b/phpBB/docs/CHANGELOG.html index 66915b18fa..6437fef1d5 100644 --- a/phpBB/docs/CHANGELOG.html +++ b/phpBB/docs/CHANGELOG.html @@ -8,7 +8,7 @@ <meta http-equiv="imagetoolbar" content="no" /> <meta name="resource-type" content="document" /> <meta name="distribution" content="global" /> -<meta name="copyright" content="2007 phpBB Group" /> +<meta name="copyright" content="phpBB Group" /> <meta name="keywords" content="" /> <meta name="description" content="phpBB 3.0.x Changelog" /> <title>phpBB3 • Changelog @@ -53,6 +53,7 @@
  1. Changelog
      +
    1. Changes since 3.0.8
    2. Changes since 3.0.7-PL1
    3. Changes since 3.0.7
    4. Changes since 3.0.6
    5. @@ -89,7 +90,375 @@
      -

      1.i. Changes since 3.0.7-PL1

      +

      1.i. Changes since 3.0.8

      + +

      Bug +

      +
        +
      • [PHPBB3-217] - Multiline [url] not Converted +
      • +
      • [PHPBB3-6712] - Topic bumping does not create new topic icon on index +
      • +
      • [PHPBB3-7057] - Quicksearch uses POST, thus the page expires! +
      • +
      • [PHPBB3-7778] - Increase limit of custom BBcodes +
      • +
      • [PHPBB3-7834] - Correctly update topic_time when deleting first post in topic +
      • +
      • [PHPBB3-7888] - URL of search results page does not always contain all keywords of the search query +
      • +
      • [PHPBB3-7941] - mistake in description of function generate_board_url +
      • +
      • [PHPBB3-8138] - Browser autocompleton fills wrong fields in ACP +
      • +
      • [PHPBB3-8736] - Honour ACP settings for min/max username length when posting as a guest. +
      • +
      • [PHPBB3-8802] - Wrong confirmation text when clicking "mark forums read" in a category +
      • +
      • [PHPBB3-8904] - Show numeric CPF default value when editing +
      • +
      • [PHPBB3-9166] - Subsilver and prosilver CSS elements out of order. +
      • +
      • [PHPBB3-9348] - Correctly encode default_dateformat when converting from phpBB2 +
      • +
      • [PHPBB3-9575] - The word "administrate" is not correct. +
      • +
      • [PHPBB3-9630] - Naming inconsistency of Merging Posts / Topics in MCP +
      • +
      • [PHPBB3-9675] - Add option to delete template/theme/imageset when deleting style. +
      • +
      • [PHPBB3-9685] - Unable to create "Fulltext native" search index using the mssqlnative DBAL +
      • +
      • [PHPBB3-9751] - Password requirement "Must contain letters and numbers" is not working properly +
      • +
      • [PHPBB3-9764] - Empty value for CONFIG_TABLE config_name= 'mime_triggers' causes functions_fileupload.php->fileupload->check_content() to be too restrictive +
      • +
      • [PHPBB3-9851] - "Search new posts" should require login +
      • +
      • [PHPBB3-9872] - Total topics isn't correct after I deleted a user +
      • +
      • [PHPBB3-9874] - view_log() performs unneeded count query over all log entries. +
      • +
      • [PHPBB3-9892] - Firebird index name length limit is not taken into account +
      • +
      • [PHPBB3-9905] - DSN field should include SQLite +
      • +
      • [PHPBB3-9908] - Send "Moved Permanently" before stripping off session ids for Bots. +
      • +
      • [PHPBB3-9910] - Javascript bug in Subsilver2 PMs +
      • +
      • [PHPBB3-9911] - Incorrect open/close field in Manage ranks ACP +
      • +
      • [PHPBB3-9913] - currunt should be current +
      • +
      • [PHPBB3-9915] - "Length of ban:" is not displayed in ACP +
      • +
      • [PHPBB3-9924] - $template->display hook does not pass $template instance +
      • +
      • [PHPBB3-9925] - prosilver logo margin bug in IE 6-7-8 +
      • +
      • [PHPBB3-9928] - Do not link "login to your board" to the "send statistics" page after completed update. +
      • +
      • [PHPBB3-9930] - Redirect fails with open_basedir enabled +
      • +
      • [PHPBB3-9932] - The Bing bot is not added when converting. +
      • +
      • [PHPBB3-9933] - Wrong handling of consecutive multiple asterisks in word censor +
      • +
      • [PHPBB3-9934] - Mass Mail missing under the system tab on a fresh install +
      • +
      • [PHPBB3-9939] - JavaScript error in recaptcha ACP template +
      • +
      • [PHPBB3-9944] - Extension groups naming don't use users' language in ACP +
      • +
      • [PHPBB3-9946] - $inserts empty in sql_query() for oracle +
      • +
      • [PHPBB3-9948] - Inline quicktime files won't display +
      • +
      • [PHPBB3-9949] - $user->lang() is not handling arguments as per documentation +
      • +
      • [PHPBB3-9950] - Problem with localized button images after uprading from 3.0.7-PL1 to 3.0.8 +
      • +
      • [PHPBB3-9953] - Set focus to password on re-authentication +
      • +
      • [PHPBB3-9954] - u_masspm* permissions are forced to never for certain groups +
      • +
      • [PHPBB3-9961] - Inconsistent activation logs +
      • +
      • [PHPBB3-9966] - Language download in ACP creates index.html and misses captcha_* +
      • +
      • [PHPBB3-9970] - user_lang input not checked during registration +
      • +
      • [PHPBB3-9981] - Fix unit test dependencies on phpBB files +
      • +
      • [PHPBB3-9985] - 3D Wave CAPTCHA mt_rand() does not check order of min/max values +
      • +
      • [PHPBB3-9997] - Inconsistent approve/disapprove button order in modcp +
      • +
      • [PHPBB3-9999] - {forumrow.L_FORUM_FOLDER_ALT} and {SEARCH_IMG} only return a language key. +
      • +
      • [PHPBB3-10005] - users can register without custom profile field correctly entered +
      • +
      • [PHPBB3-10011] - __DIR__ in test suite renders it unusable on php < 5.3 +
      • +
      • [PHPBB3-10016] - set_config_count() fails on PostreSQL 7 +
      • +
      • [PHPBB3-10020] - ACP function validate_range() fails partially on non-32-bit systems +
      • +
      • [PHPBB3-10021] - "Find a member" generates SQL error when large dates are entered +
      • +
      • [PHPBB3-10029] - No such thing as $_SERVER['HTTP_VERSION'] +
      • +
      • [PHPBB3-10033] - "Disallow usernames" does not check already disallowed names +
      • +
      • [PHPBB3-10035] - ACP template edit feature allows to read any files on webserver and to upload/execute any script on it +
      • +
      • [PHPBB3-10036] - Use image from configuration file for displaying online-status. +
      • +
      • [PHPBB3-10038] - download/file.php uses $_GET value instead of function request_var() +
      • +
      • [PHPBB3-10039] - 2.x to 3.x conversion fails when using mssqlnative to connect to destination database +
      • +
      • [PHPBB3-10042] - GD captcha has invalid mt_rand calls +
      • +
      • [PHPBB3-10047] - Session ID always included in URL on posting.php +
      • +
      • [PHPBB3-10049] - Session test files are misnamed, session tests are not run +
      • +
      • [PHPBB3-10052] - Session tests are broken +
      • +
      • [PHPBB3-10056] - Firebird misspelled in database updater +
      • +
      • [PHPBB3-10058] - Root path is undefined in MySQL upgrader +
      • +
      • [PHPBB3-10059] - Consistent is misspelled twice +
      • +
      • [PHPBB3-10060] - Typo in tests database connection manager +
      • +
      • [PHPBB3-10068] - Firefox4 restrictions to :visited +
      • +
      • [PHPBB3-10078] - commit-msg hook prints \n on freebsd +
      • +
      • [PHPBB3-10081] - Cleanup Template Tests +
      • +
      • [PHPBB3-10084] - Add smilie errors out when image is missing +
      • +
      • [PHPBB3-10088] - Cache mock does not unset database versions other than mysqli +
      • +
      • [PHPBB3-10090] - cache/queue.php.lock isn't covered by .gitignore +
      • +
      • [PHPBB3-10092] - commit-msg hook aborts on overlength comment lines +
      • +
      • [PHPBB3-10096] - Wrong whitespace in functions.php +
      • +
      • [PHPBB3-10100] - Race condition in unique_id() on heavily busy database. +
      • +
      • [PHPBB3-10102] - member.S_PENDING_SET in styles/prosilver/template/ucp_groups_manage.html +
      • +
      • [PHPBB3-10104] - missing one intval() along with others already being there +
      • +
      • [PHPBB3-10109] - Errors while copying a topic +
      • +
      • [PHPBB3-10112] - Use of count() in captcha_gd.php and mssqlnative.php +
      • +
      • [PHPBB3-10115] - BBcodes not working if post contains about or more 55000 non-english symbols +
      • +
      • [PHPBB3-10117] - Big posts becomes empty if they have smilies on specified places. +
      • +
      • [PHPBB3-10121] - ICQ profile link leads to a webservice that is no longer active +
      • +
      • [PHPBB3-10123] - Inconsistent use of smilie/smiley +
      • +
      • [PHPBB3-10128] - Error message is on green background when trying to ban a nonexistent user +
      • +
      • [PHPBB3-10137] - Deleting an unintended space at the end of PHP_URL_FOPEN_SUPPORT_EXPLAIN +
      • +
      • [PHPBB3-10146] - Firebird cannot handle DECIMAL(255, 0) +
      • +
      • [PHPBB3-10147] - Typo in code comment in functions_template.php +
      • +
      • [PHPBB3-10149] - deregister_globals causes error when cookie called GLOBALS is set to scalar value +
      • +
      • [PHPBB3-10170] - reCAPTCHA address has changed +
      • +
      • [PHPBB3-10171] - Firefox4 displays grey pixels at PM message rows when message is neither marked nor replied +
      • +
      • [PHPBB3-10177] - phpBB package cannot be built with bsdtar +
      • +
      • [PHPBB3-10178] - build.xml does not specify path to find - breaks on FreeBSD +
      • +
      • [PHPBB3-10188] - Broken compressed output when errors/warnings are handled by phpbb and output_buffering is set to 4096 and phpbb gzip is enabled +
      • +
      • [PHPBB3-10191] - Duplicate output when output_handler is set in php.ini +
      • +
      • [PHPBB3-10192] - Missing semicolon in MySQL Upgrader +
      • +
      • [PHPBB3-10195] - Do not check DNS Blacklists if IPv6 address is passed to session::check_dnsbl(). +
      • +
      • [PHPBB3-10198] - Function validate_config_vars() improperly validates multibyte strings +
      • +
      • [PHPBB3-10203] - Fix quotations and hyphen in language strings for PHPBB3-10067 +
      • +
      • [PHPBB3-10204] - Package build tool does not detect binary file changes +
      • +
      • [PHPBB3-10206] - Normalization tests fail when unicode.org is not reachable +
      • +
      • [PHPBB3-10211] - Missing space on the recent PHPBB3-9992 changes +
      • +
      • [PHPBB3-10213] - IP limit index name too long on Oracle +
      • +
      • [PHPBB3-10214] - Cannot configure Q&A on Oracle +
      • +
      • [PHPBB3-10218] - STRIP is not defined in style.php causing a notice to be thrown +
      • +
      • [PHPBB3-10219] - Inappropriate character in web.config file +
      • +
      • [PHPBB3-10220] - Logging in with Mobile Device triggers SQL error on *_login_attempts. +
      • +
      • [PHPBB3-10221] - Inconsistent usage of "Seconds" in ACP Settings +
      • +
      • [PHPBB3-7729] - Prevent date/time functions from throwing E_WARNING on PHP 5.3 by setting a default timezone +
      • +
      • [PHPBB3-10188] - Broken compressed output when errors/warnings are handled by phpbb and output_buffering is set to 4096 and phpbb gzip is enabled +
      • +
      • [PHPBB3-10223] - Updater references startup.php from board path +
      • +
      • [PHPBB3-10228] - Typo in 3.0.9-RC1 user registration settings +
      • +
      • [PHPBB3-10229] - On languge/acp/styles.php "%s" should be "%s" +
      • +
      • [PHPBB3-10232] - Search within topic/forum searches all posts +
      • +
      • [PHPBB3-10233] - IE Emulation fix breaks posting layout when PMing +
      • +
      • [PHPBB3-10234] - msg_handler() reports E_WARNING as "PHP Notice: " +
      • +
      • [PHPBB3-10247] - mediumint(8) too small for phpbb_login_attempts.attempt_id +
      • +
      • [PHPBB3-10250] - phpBB Logo needs the Registered Trademark Symbol +
      • +
      + +

      Improvement +

      +
        +
      • [PHPBB3-9581] - Banned users get mass emails. +
      • +
      • [PHPBB3-9802] - Optimize session_begin REMOTE_ADDR validation +
      • +
      • [PHPBB3-9878] - Get rid of Internet Explorer 7 emulation +
      • +
      • [PHPBB3-9897] - Language typos in language/en/acp/board.php +
      • +
      • [PHPBB3-9922] - Posting URL in subsilver 2 +
      • +
      • [PHPBB3-9937] - Feed Icon displays on Forum links +
      • +
      • [PHPBB3-9980] - URLs to javascript should be T_SUPER_TEMPLATE_PATH instead of T_TEMPLATE_PATH +
      • +
      • [PHPBB3-9989] - Skip PM popup in overall_header.html, if there are no new PMs. +
      • +
      • [PHPBB3-10007] - Add directive 'internal' to blocked folders in nginx example configuration. +
      • +
      • [PHPBB3-10009] - Differentiate published/updated dates in Atom feed +
      • +
      • [PHPBB3-10014] - Make the error message when cache is not writable clearer +
      • +
      • [PHPBB3-10024] - Allow a Style to present Unread PM in different way than read PM +
      • +
      • [PHPBB3-10040] - Continuous integration on PHP 5.2 +
      • +
      • [PHPBB3-10041] - download/file.php needs more use of send_status_line +
      • +
      • [PHPBB3-10044] - Setup github network improvements +
      • +
      • [PHPBB3-10057] - More informative reporting of errors when database connection fails for Firebird and PostgreSQL. +
      • +
      • [PHPBB3-10067] - ACP options for account activation are confusing when emails are turned off board-wide +
      • +
      • [PHPBB3-10069] - Improvements in sample nginx config file +
      • +
      • [PHPBB3-10072] - Send the post number to the template as it relates to it's position in the topic +
      • +
      • [PHPBB3-10101] - Compatibility with native phpass hashes +
      • +
      • [PHPBB3-10126] - Replace ^ with &~ in error_reporting calls +
      • +
      • [PHPBB3-10141] - Performance improvement for $auth->_fill_acl() +
      • +
      • [PHPBB3-10145] - Ability to force recompilation of all templates on every page load +
      • +
      • [PHPBB3-10154] - Move "copy permissions from" to below "parent" in forum creation form +
      • +
      • [PHPBB3-10158] - Return link not really useful after sending a Private Message +
      • +
      • [PHPBB3-10186] - UCP signature panel displays when not authed for signatures +
      • +
      + +

      New Feature +

      + + +

      Task +

      +
        +
      • [PHPBB3-9788] - Add README for GitHub +
      • +
      • [PHPBB3-9805] - Add a script for setting up git remotes for a github network +
      • +
      • [PHPBB3-9806] - Script for easy merging +
      • +
      • [PHPBB3-9824] - Git hook quirks +
      • +
      • [PHPBB3-9859] - Remove the years from visible copyright in the footer. +
      • +
      • [PHPBB3-9921] - Add sample configuration for lighttpd webserver +
      • +
      • [PHPBB3-9943] - Setup phpDocumentor API documentation generation +
      • +
      • [PHPBB3-9967] - Use phpunit.xml for test suite +
      • +
      • [PHPBB3-9987] - Enforce _test.php suffix for test files +
      • +
      • [PHPBB3-9990] - Integrate utf normalizer tests into test suite +
      • +
      • [PHPBB3-10043] - Refactor phpbb_database_test_case +
      • +
      • [PHPBB3-10046] - Getting rid of register_shutdown_function() in cron.php to prevent path disclosure (reported by lacton) +
      • +
      • [PHPBB3-10075] - Update docs/AUTHORS for 3.0.9-RC1 release +
      • +
      • [PHPBB3-10079] - Add gallery avatars to .gitignore. +
      • +
      • [PHPBB3-10082] - Fix Session Test Issues with CHAR vs. VARCHAR. +
      • +
      • [PHPBB3-10105] - Update AIM express link and "Download Application" links +
      • +
      • [PHPBB3-10107] - Improve docs for non-apache webserver configuration +
      • +
      + +

      Sub-task +

      +
        +
      • [PHPBB3-9732] - Cover session code extensively in tests +
      • +
      • [PHPBB3-9968] - Create unit test for word censor regular expression +
      • +
      • [PHPBB3-9969] - Move word censor regular expression creation into separate function definition in functions.php +
      • +
      + + +

      1.ii. Changes since 3.0.7-PL1

      Security

        @@ -547,13 +916,13 @@
      -

      1.ii. Changes since 3.0.7

      +

      1.iii. Changes since 3.0.7

      • [Sec] Do not expose forum content of forums with ACL entries but no actual permission in ATOM Feeds. (Bug #58595)
      -

      1.iii. Changes since 3.0.6

      +

      1.iv. Changes since 3.0.6

      • [Fix] Allow ban reason and length to be selected and copied in ACP and subsilver2 MCP. (Bug #51095)
      • @@ -657,7 +1026,7 @@
      -

      1.iv. Changes since 3.0.5

      +

      1.v. Changes since 3.0.5

      • [Fix] Allow whitespaces in avatar gallery names. (Bug #44955)
      • @@ -879,7 +1248,7 @@
      • [Feature] Send anonymous statistical information to phpBB on installation and update (optional).
      -

      1.v. Changes since 3.0.4

      +

      1.vi. Changes since 3.0.4

      • [Fix] Delete user entry from ban list table upon user deletion (Bug #40015 - Patch by TerraFrost)
      • @@ -968,7 +1337,7 @@
      • [Sec] Only use forum id supplied for posting if global announcement detected. (Reported by nickvergessen)
      -

      1.vi. Changes since 3.0.3

      +

      1.vii. Changes since 3.0.3

      • [Fix] Allow mixed-case template directories to be inherited (Bug #36725)
      • @@ -1000,7 +1369,7 @@
      • [Sec] Ask for forum password if post within passworded forum quoted in private message. (Reported by nickvergessen)
      -

      1.vii. Changes since 3.0.2

      +

      1.viii. Changes since 3.0.2

      • [Fix] Correctly set topic starter if first post in topic removed (Bug #30575 - Patch by blueray2048)
      • @@ -1099,7 +1468,7 @@
      • [Sec Precaution] Stricter validation of the HTTP_HOST header (Thanks to Techie-Micheal et al for pointing out possible issues in derived code)
      -

      1.viii. Changes since 3.0.1

      +

      1.ix. Changes since 3.0.1

      • [Fix] Ability to set permissions on non-mysql dbms (Bug #24955)
      • @@ -1147,7 +1516,7 @@
      • [Sec] Only allow urls gone through redirect() being used within login_box(). (thanks nookieman)
      -

      1.ix Changes since 3.0.0

      +

      1.x Changes since 3.0.0

      • [Change] Validate birthdays (Bug #15004)
      • @@ -1218,7 +1587,7 @@
      • [Fix] Find and display colliding usernames correctly when converting from one database to another (Bug #23925)
      -

      1.x. Changes since 3.0.RC8

      +

      1.xi. Changes since 3.0.RC8

      • [Fix] Cleaned usernames contain only single spaces, so "a_name" and "a__name" are treated as the same name (Bug #15634)
      • @@ -1227,7 +1596,7 @@
      • [Fix] Call garbage_collection() within database updater to correctly close connections (affects Oracle for example)
      -

      1.xi. Changes since 3.0.RC7

      +

      1.xii. Changes since 3.0.RC7

      • [Fix] Fixed MSSQL related bug in the update system
      • @@ -1262,7 +1631,7 @@
      • [Fix] No duplication of active topics (Bug #15474)
      -

      1.xii. Changes since 3.0.RC6

      +

      1.xiii. Changes since 3.0.RC6

      • [Fix] Submitting language changes using acp_language (Bug #14736)
      • @@ -1272,7 +1641,7 @@
      • [Fix] Able to request new password (Bug #14743)
      -

      1.xiii. Changes since 3.0.RC5

      +

      1.xiv. Changes since 3.0.RC5

      • [Feature] Removing constant PHPBB_EMBEDDED in favor of using an exit_handler(); the constant was meant to achive this more or less.
      • @@ -1335,7 +1704,7 @@
      • [Sec] New password hashing mechanism for storing passwords (#i42)
      -

      1.xiv. Changes since 3.0.RC4

      +

      1.xv. Changes since 3.0.RC4

      • [Fix] MySQL, PostgreSQL and SQLite related database fixes (Bug #13862)
      • @@ -1386,7 +1755,7 @@
      • [Fix] odbc_autocommit causing existing result sets to be dropped (Bug #14182)
      -

      1.xv. Changes since 3.0.RC3

      +

      1.xvi. Changes since 3.0.RC3

      • [Fix] Fixing some subsilver2 and prosilver style issues
      • @@ -1495,7 +1864,7 @@
      -

      1.xvi. Changes since 3.0.RC2

      +

      1.xvii. Changes since 3.0.RC2

      • [Fix] Re-allow searching within the memberlist
      • @@ -1541,7 +1910,7 @@
      -

      1.xvii. Changes since 3.0.RC1

      +

      1.xviii. Changes since 3.0.RC1

      • [Fix] (X)HTML issues within the templates (Bug #11255, #11255)
      • @@ -1676,7 +2045,7 @@
        -

        This application is opensource software released under the GPL. Please see source code and the docs directory for more details. This package and its contents are Copyright (c) 2000, 2002, 2005, 2007 phpBB Group, All Rights Reserved.

        +

        This application is opensource software released under the GPL. Please see source code and the docs directory for more details. This package and its contents are Copyright (c) phpBB Group, All Rights Reserved.

        diff --git a/phpBB/docs/FAQ.html b/phpBB/docs/FAQ.html index f91d4bc223..83d7a342e0 100644 --- a/phpBB/docs/FAQ.html +++ b/phpBB/docs/FAQ.html @@ -8,7 +8,7 @@ - + phpBB3 • FAQ @@ -328,7 +328,7 @@ I want to sue you because i think you host an illegal board!
        -

        This application is opensource software released under the GPL. Please see source code and the docs directory for more details. This package and its contents are Copyright (c) 2000, 2002, 2005, 2007 phpBB Group, All Rights Reserved.

        +

        This application is opensource software released under the GPL. Please see source code and the docs directory for more details. This package and its contents are Copyright (c) phpBB Group, All Rights Reserved.

        diff --git a/phpBB/docs/INSTALL.html b/phpBB/docs/INSTALL.html index 5857163759..3c3ccf9f28 100644 --- a/phpBB/docs/INSTALL.html +++ b/phpBB/docs/INSTALL.html @@ -8,7 +8,7 @@ - + phpBB3 • Install @@ -79,6 +79,7 @@
      • Important (security related) post-Install tasks for all installation methods
        1. Uploadable avatars
        2. +
        3. Webserver configuration
      • Disclaimer
      • @@ -273,7 +274,7 @@

        This package is meant for those wanting to only replace changed files from a previous version to the latest version. This package normally contains the changed files from up to five previous versions.

        -

        This package contains a number of archives, each contains the files changed from a given release to the latest version. You should select the appropriate archive for your current version, e.g. if you currently have 3.0.7-PL1 you should select the phpBB-3.0.7-PL1_to_3.0.8.zip/tar.gz file.

        +

        This package contains a number of archives, each contains the files changed from a given release to the latest version. You should select the appropriate archive for your current version, e.g. if you currently have 3.0.8 you should select the phpBB-3.0.8_to_3.0.9.zip/tar.gz file.

        The directory structure has been preserved enabling you (if you wish) to simply upload the contents of the archive to the appropriate location on your server, i.e. simply overwrite the existing files with the new versions. Do not forget that if you have installed any MODs these files will overwrite the originals possibly destroying them in the process. You will need to re-add MODs to any affected file before uploading.

        @@ -285,7 +286,7 @@

        The patch file is one solution for those with many Modifications (MODs) or other changes who do not want to re-add them back to all the changed files if they use the method explained above. To use this you will need command line access to a standard UNIX type patch application. If you do not have access to such an application but still want to use this update approach, we strongly recommend the Automatic update package explained below. It is also the recommended update method.

        -

        A number of patch files are provided to allow you to update from previous stable releases. Select the correct patch, e.g. if your current version is 3.0.5 you need the phpBB-3.0.7-PL1_to_3.0.8.patch file. Place the correct patch in the parent directory containing the phpBB3 core files (i.e. index.php, viewforum.php, etc.). With this done you should run the following command: patch -cl -d [PHPBB DIRECTORY] -p1 < [PATCH NAME] (where PHPBB DIRECTORY is the directory name your phpBB Installation resides in, for example phpBB3, and where PATCH NAME is the relevant filename of the selected patch file). This should complete quickly, hopefully without any HUNK FAILED comments.

        +

        A number of patch files are provided to allow you to update from previous stable releases. Select the correct patch, e.g. if your current version is 3.0.8 you need the phpBB-3.0.8_to_3.0.9.patch file. Place the correct patch in the parent directory containing the phpBB3 core files (i.e. index.php, viewforum.php, etc.). With this done you should run the following command: patch -cl -d [PHPBB DIRECTORY] -p1 < [PATCH NAME] (where PHPBB DIRECTORY is the directory name your phpBB Installation resides in, for example phpBB3, and where PATCH NAME is the relevant filename of the selected patch file). This should complete quickly, hopefully without any HUNK FAILED comments.

        If you do get failures you should look at using the Changed files only package to replace the files which failed to patch, please note that you will need to manually re-add any Modifications (MODs) to these particular files. Alternatively if you know how you can examine the .rej files to determine what failed where and make manual adjustments to the relevant source.

        @@ -408,6 +409,12 @@

        Please be aware that setting a directories permissions to global write access is a potential security issue. While it is unlikely that anything nasty will occur (such as all the avatars being deleted) there are always people out there to cause trouble. Therefore you should monitor this directory and if possible make regular backups.

        +

        6.ii. Webserver configuration

        + +

        Depending on your web server you may have to configure your server to deny web access to the cache/, files/, store/ and other directories. This is to prevent users from accessing sensitive files.

        + +

        For apache there are .htaccess files already in place to do this for you. For other webservers you will have to adjust the configuration yourself. Sample files for nginx and lighttpd to help you get started may be found in docs directory.

        +
      @@ -424,7 +431,7 @@
      -

      This application is opensource software released under the GPL. Please see source code and the docs directory for more details. This package and its contents are Copyright (c) 2000, 2002, 2005, 2007 phpBB Group, All Rights Reserved.

      +

      This application is opensource software released under the GPL. Please see source code and the docs directory for more details. This package and its contents are Copyright (c) phpBB Group, All Rights Reserved.

      diff --git a/phpBB/docs/README.html b/phpBB/docs/README.html index bb88fdc01f..7a0a42b34f 100644 --- a/phpBB/docs/README.html +++ b/phpBB/docs/README.html @@ -8,7 +8,7 @@ - + phpBB3 • Readme @@ -339,7 +339,7 @@
      -

      This application is opensource software released under the GPL. Please see source code and the docs directory for more details. This package and its contents are Copyright (c) 2000, 2002, 2005, 2007 phpBB Group, All Rights Reserved.

      +

      This application is opensource software released under the GPL. Please see source code and the docs directory for more details. This package and its contents are Copyright (c) phpBB Group, All Rights Reserved.

      diff --git a/phpBB/docs/auth_api.html b/phpBB/docs/auth_api.html index 8973582bdb..88618fa640 100644 --- a/phpBB/docs/auth_api.html +++ b/phpBB/docs/auth_api.html @@ -8,7 +8,7 @@ - + phpBB3 • Auth API @@ -275,7 +275,7 @@ $auth_admin = new auth_admin();
      -

      This application is opensource software released under the GPL. Please see source code and the docs directory for more details. This package and its contents are Copyright (c) 2000, 2002, 2005, 2007 phpBB Group, All Rights Reserved.

      +

      This application is opensource software released under the GPL. Please see source code and the docs directory for more details. This package and its contents are Copyright (c) phpBB Group, All Rights Reserved.

      diff --git a/phpBB/docs/coding-guidelines.html b/phpBB/docs/coding-guidelines.html index 5a73554741..cd3c09f6fb 100644 --- a/phpBB/docs/coding-guidelines.html +++ b/phpBB/docs/coding-guidelines.html @@ -8,7 +8,7 @@ - + phpBB3 • Coding Guidelines @@ -240,6 +240,11 @@ PHPBB_ACM_MEMCACHE_PORT (overwrite memcached port, default is 11211) PHPBB_ACM_MEMCACHE_COMPRESS (overwrite memcached compress setting, default is disabled) PHPBB_ACM_MEMCACHE_HOST (overwrite memcached host name, default is localhost) +PHPBB_ACM_REDIS_HOST (overwrite redis host name, default is localhost) +PHPBB_ACM_REDIS_PORT (overwrite redis port, default is 6379) +PHPBB_ACM_REDIS_PASSWORD (overwrite redis password, default is empty) +PHPBB_ACM_REDIS_DB (overwrite redis default database) + PHPBB_QA (Set board to QA-Mode, which means the updater also checks for RC-releases) @@ -1018,7 +1023,7 @@ append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=group&amp;

      General function usage:

      -

      Some of these functions are only chosen over others because of personal preference and having no other benefit than to be consistant over the code.

      +

      Some of these functions are only chosen over others because of personal preference and having no other benefit than to be consistent over the code.

      • @@ -2369,7 +2374,7 @@ if (utf8_case_fold_nfc($string1) == utf8_case_fold_nfc($string2))
        -

        This application is opensource software released under the GPL. Please see source code and the docs directory for more details. This package and its contents are Copyright (c) 2000, 2002, 2005, 2007 phpBB Group, All Rights Reserved.

        +

        This application is opensource software released under the GPL. Please see source code and the docs directory for more details. This package and its contents are Copyright (c) phpBB Group, All Rights Reserved.

        diff --git a/phpBB/docs/hook_system.html b/phpBB/docs/hook_system.html index 1bf4630a9f..a5fad0d530 100644 --- a/phpBB/docs/hook_system.html +++ b/phpBB/docs/hook_system.html @@ -8,7 +8,7 @@ - + phpBB3 • Hook System @@ -380,6 +380,8 @@ a:active { color: #368AD2; } $template->display($handle, $include_once = true); which is called directly before outputting the (not-yet-compiled) template.
        exit_handler(); which is called at the very end of phpBB3's execution.

        +

        Please note: The $template->display hook takes a third $template argument, which is the template instance being used, which should be used instead of the global.

        +

        There are also valid external constants you may want to use if you embed phpBB3 into your application:

        @@ -865,7 +867,7 @@ function phpbb_hook_register(&$hook)
         
         		
        -

        This application is opensource software released under the GPL. Please see source code and the docs directory for more details. This package and its contents are Copyright (c) 2000, 2002, 2005, 2007 phpBB Group, All Rights Reserved.

        +

        This application is opensource software released under the GPL. Please see source code and the docs directory for more details. This package and its contents are Copyright (c) phpBB Group, All Rights Reserved.

        diff --git a/phpBB/docs/lighttpd.sample.conf b/phpBB/docs/lighttpd.sample.conf new file mode 100644 index 0000000000..5873d1c945 --- /dev/null +++ b/phpBB/docs/lighttpd.sample.conf @@ -0,0 +1,60 @@ +# Sample lighttpd configuration file for phpBB. +# Global settings have been removed, copy them +# from your system's lighttpd.conf. +# Tested with lighttpd 1.4.26 + +# Load moules +server.modules += ( + "mod_access", + "mod_fastcgi", + "mod_accesslog" +) + +# If you have domains with and without www prefix, +# redirect one to the other. +$HTTP["host"] =~ "^(myforums\.com)$" { + url.redirect = ( + ".*" => "http://www.%1$0" + ) +} + +$HTTP["host"] == "www.myforums.com" { + server.name = "www.myforums.com" + server.document-root = "/path/to/phpbb" + server.dir-listing = "disable" + + index-file.names = ( "index.php", "index.htm", "index.html" ) + accesslog.filename = "/var/log/lighttpd/access-www.myforums.com.log" + + # Deny access to internal phpbb files. + $HTTP["url"] =~ "^/(config\.php|common\.php|includes|cache|files|store|images/avatars/upload)" { + url.access-deny = ( "" ) + } + + # Deny access to version control system directories. + $HTTP["url"] =~ "/\.svn|/\.git" { + url.access-deny = ( "" ) + } + + # Deny access to apache configuration files. + $HTTP["url"] =~ "/\.htaccess|/\.htpasswd|/\.htgroups" { + url.access-deny = ( "" ) + } + + fastcgi.server = ( ".php" => + (( + "bin-path" => "/usr/bin/php-cgi", + "socket" => "/tmp/php.socket", + "max-procs" => 4, + "idle-timeout" => 30, + "bin-environment" => ( + "PHP_FCGI_CHILDREN" => "10", + "PHP_FCGI_MAX_REQUESTS" => "10000" + ), + "bin-copy-environment" => ( + "PATH", "SHELL", "USER" + ), + "broken-scriptfilename" => "enable" + )) + ) +} diff --git a/phpBB/docs/nginx.conf.sample b/phpBB/docs/nginx.sample.conf similarity index 65% rename from phpBB/docs/nginx.conf.sample rename to phpBB/docs/nginx.sample.conf index a22a126ff4..40b6ee76da 100644 --- a/phpBB/docs/nginx.conf.sample 
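Review bot: The deny rule `$HTTP["url"] =~ "^/(config\.php|common\.php|includes|cache|files|store|images/avatars/upload)"` in the new lighttpd sample is anchored to the site root, so it only covers those paths when phpBB is served from `/` as in this sample. A board installed under a sub-path such as `/forum/` would leave `cache/`, `files/` and `store/` reachable unless the pattern is adjusted. A comment above the rule would make that explicit, for example `# Pattern assumes phpBB lives at the document root; prepend the board path if it does not.` Separately, `"socket" => "/tmp/php.socket"` places the FastCGI socket in a world-writable directory; a path writable only by the web server user would be a safer sample value on shared hosts.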
+++ b/phpBB/docs/nginx.sample.conf @@ -10,14 +10,23 @@ http { gzip_vary on; gzip_http_version 1.1; gzip_min_length 700; + + # Compression levels over 6 do not give an appreciable improvement + # in compression ratio, but take more resources. gzip_comp_level 6; - gzip_disable "MSIE [1-6]\."; + + # IE 6 and lower do not support gzip with Vary correctly. + gzip_disable "msie6"; + # Before nginx 0.7.63: + #gzip_disable "MSIE [1-6]\."; # Catch-all server for requests to invalid hosts. # Also catches vulnerability scanners probing IP addresses. - # Should be first. server { - listen 80; + # default specifies that this block is to be used when + # no other block matches. + listen 80 default; + server_name bogus; return 444; root /var/empty; @@ -26,14 +35,20 @@ http { # If you have domains with and without www prefix, # redirect one to the other. server { - listen 80; + # Default port is 80. + #listen 80; + server_name myforums.com; - rewrite ^(.*)$ http://www.myforums.com$1 permanent; + + # A trick from http://wiki.nginx.org/Pitfalls#Taxing_Rewrites: + rewrite ^ http://www.myforums.com$request_uri permanent; + # Equivalent to: + #rewrite ^(.*)$ http://www.myforums.com$1 permanent; } # The actual board domain. server { - listen 80; + #listen 80; server_name www.myforums.com; root /path/to/phpbb; @@ -46,6 +61,9 @@ http { # Deny access to internal phpbb files. location ~ /(config\.php|common\.php|includes|cache|files|store|images/avatars/upload) { deny all; + # deny was ignored before 0.8.40 for connections over IPv6. + # Use internal directive to prohibit access on older versions. + internal; } # Pass the php scripts to fastcgi server specified in upstream declaration. @@ -60,6 +78,7 @@ http { # Deny access to version control system directories. location ~ /\.svn|/\.git { deny all; + internal; } } diff --git a/phpBB/download/file.php b/phpBB/download/file.php index 5f45b88359..c17f0cf018 100644 --- a/phpBB/download/file.php +++ b/phpBB/download/file.php 
@@ -31,12 +31,7 @@ else if (isset($_SERVER['HTTP_USER_AGENT']) && strpos($_SERVER['HTTP_USER_AGENT' if (isset($_GET['avatar'])) { - if (!defined('E_DEPRECATED')) - { - define('E_DEPRECATED', 8192); - } - error_reporting(E_ALL ^ E_NOTICE ^ E_DEPRECATED); - + require($phpbb_root_path . 'includes/startup.' . $phpEx); require($phpbb_root_path . 'config.' . $phpEx); if (!defined('PHPBB_INSTALLED') || empty($dbms) || empty($acm_type)) @@ -64,7 +59,7 @@ if (isset($_GET['avatar'])) $browser = (!empty($_SERVER['HTTP_USER_AGENT'])) ? htmlspecialchars((string) $_SERVER['HTTP_USER_AGENT']) : 'msie 6.0'; $config = $cache->obtain_config(); - $filename = $_GET['avatar']; + $filename = request_var('avatar', ''); $avatar_group = false; $exit = false; @@ -125,11 +120,13 @@ $user->setup('viewtopic'); if (!$download_id) { + send_status_line(404, 'Not Found'); trigger_error('NO_ATTACHMENT_SELECTED'); } if (!$config['allow_attachments'] && !$config['allow_pm_attach']) { + send_status_line(404, 'Not Found'); trigger_error('ATTACHMENT_FUNCTIONALITY_DISABLED'); } @@ -142,11 +139,13 @@ $db->sql_freeresult($result); if (!$attachment) { + send_status_line(404, 'Not Found'); trigger_error('ERROR_NO_ATTACHMENT'); } if ((!$attachment['in_message'] && !$config['allow_attachments']) || ($attachment['in_message'] && !$config['allow_pm_attach'])) { + send_status_line(404, 'Not Found'); trigger_error('ATTACHMENT_FUNCTIONALITY_DISABLED'); } @@ -159,6 +158,7 @@ if ($attachment['is_orphan']) if (!$own_attachment || ($attachment['in_message'] && !$auth->acl_get('u_pm_download')) || (!$attachment['in_message'] && !$auth->acl_get('u_download'))) { + send_status_line(404, 'Not Found'); trigger_error('ERROR_NO_ATTACHMENT'); } @@ -191,6 +191,7 @@ else } else { + send_status_line(403, 'Forbidden'); trigger_error('SORRY_AUTH_VIEW_ATTACH'); } } 
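Review bot: The change to `$filename = request_var('avatar', '');` in the avatar branch has no comment saying why the raw `$_GET['avatar']` read was dropped. Assuming `request_var()` casts to the type of its default, as it does elsewhere in phpBB, the value is now always a string, so an array-valued `avatar[]` parameter can no longer reach the filename handling. A one-line comment such as `// request_var() forces a string; never read $_GET['avatar'] directly here` would keep a later edit from undoing that. The validation of `$filename` itself lies outside this hunk.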
@@ -231,6 +232,7 @@ else $extensions = array(); if (!extension_allowed($row['forum_id'], $attachment['extension'], $extensions)) { + send_status_line(404, 'Forbidden'); trigger_error(sprintf($user->lang['EXTENSION_DISABLED_AFTER_POSTING'], $attachment['extension'])); } } @@ -253,6 +255,7 @@ $db->sql_freeresult($result); if (!$attachment) { + send_status_line(404, 'Not Found'); trigger_error('ERROR_NO_ATTACHMENT'); } @@ -295,6 +298,7 @@ else // This presenting method should no longer be used if (!@is_dir($phpbb_root_path . $config['upload_path'])) { + send_status_line(500, 'Internal Server Error'); trigger_error($user->lang['PHYSICAL_DOWNLOAD_NOT_POSSIBLE']); } @@ -419,6 +423,7 @@ function send_file_to_browser($attachment, $upload_dir, $category) if (!@file_exists($filename)) { + send_status_line(404, 'Not Found'); trigger_error($user->lang['ERROR_NO_ATTACHMENT'] . '
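Review bot: The added `send_status_line(404, 'Forbidden');` before the `EXTENSION_DISABLED_AFTER_POSTING` error pairs a 404 code with the reason phrase of a 403. The other authorisation failure in this file, `SORRY_AUTH_VIEW_ATTACH`, sends `send_status_line(403, 'Forbidden');`. Use that form here, or `send_status_line(404, 'Not Found');` if the response is meant to hide that the attachment exists, so that code and phrase agree. The enclosing branch starts outside the hunk.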

        ' . sprintf($user->lang['FILE_NOT_FOUND_404'], $filename)); } @@ -445,9 +450,11 @@ function send_file_to_browser($attachment, $upload_dir, $category) // PHP track_errors setting On? if (!empty($php_errormsg)) { + send_status_line(500, 'Internal Server Error'); trigger_error($user->lang['UNABLE_TO_DELIVER_FILE'] . '
        ' . sprintf($user->lang['TRACKED_PHP_ERROR'], $php_errormsg)); } + send_status_line(500, 'Internal Server Error'); trigger_error('UNABLE_TO_DELIVER_FILE'); } diff --git a/phpBB/feed.php b/phpBB/feed.php index c4b71f3a26..d737b8e10c 100644 --- a/phpBB/feed.php +++ b/phpBB/feed.php @@ -95,11 +95,13 @@ while ($row = $feed->get_item()) $title = (isset($row[$feed->get('title')]) && $row[$feed->get('title')] !== '') ? $row[$feed->get('title')] : ((isset($row[$feed->get('title2')])) ? $row[$feed->get('title2')] : ''); - $item_time = (int) $row[$feed->get('date')]; + $published = ($feed->get('published') !== NULL) ? (int) $row[$feed->get('published')] : 0; + $updated = ($feed->get('updated') !== NULL) ? (int) $row[$feed->get('updated')] : 0; $item_row = array( 'author' => ($feed->get('creator') !== NULL) ? $row[$feed->get('creator')] : '', - 'pubdate' => feed_format_date($item_time), + 'published' => ($published > 0) ? feed_format_date($published) : '', + 'updated' => ($updated > 0) ? feed_format_date($updated) : '', 'link' => '', 'title' => censor_text($title), 'category' => ($config['feed_item_statistics'] && !empty($row['forum_id'])) ? $board_url . '/viewforum.' . $phpEx . '?f=' . $row['forum_id'] : '', @@ -113,7 +115,7 @@ while ($row = $feed->get_item()) $item_vars[] = $item_row; - $feed_updated_time = max($feed_updated_time, $item_time); + $feed_updated_time = max($feed_updated_time, $published, $updated); } // If we do not have any items at all, sending the current time is better than sending no time. @@ -192,7 +194,13 @@ foreach ($item_vars as $row) echo '' . "\n"; } - echo '' . $row['pubdate'] . '' . "\n"; + echo '' . ((!empty($row['updated'])) ? $row['updated'] : $row['published']) . '' . "\n"; + + if (!empty($row['published'])) + { + echo '' . $row['published'] . '' . "\n"; + } + echo '' . $row['link'] . '' . "\n"; echo '' . "\n"; echo '<![CDATA[' . $row['title'] . ']]>' . "\n\n"; 
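Review bot: In the entry output, `((!empty($row['updated'])) ? $row['updated'] : $row['published'])` yields an empty string when both values are empty, and the item loop in the first feed.php hunk sets both to `''` whenever the timestamps are 0. That looks reachable for `phpbb_feed_forums`, which a later hunk maps only to `updated` => `forum_last_post_time` (presumably 0 for a forum without posts). The entry's date element would then be emitted empty, where the old code always printed a formatted date. A last fallback, for example `: ((!empty($row['published'])) ? $row['published'] : feed_format_date($feed_updated_time))`, would keep it populated, provided `$feed_updated_time` is still in scope at that point. The surrounding markup is not readable in this rendering, so the element name should be confirmed against the file.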
@@ -675,7 +683,8 @@ class phpbb_feed_post_base extends phpbb_feed_base $this->set('author_id', 'user_id'); $this->set('creator', 'username'); - $this->set('date', 'post_time'); + $this->set('published', 'post_time'); + $this->set('updated', 'post_edit_time'); $this->set('text', 'post_text'); $this->set('bitfield', 'bbcode_bitfield'); @@ -695,7 +704,7 @@ class phpbb_feed_post_base extends phpbb_feed_base if ($config['feed_item_statistics']) { $item_row['statistics'] = $user->lang['POSTED'] . ' ' . $user->lang['POST_BY_AUTHOR'] . ' ' . $this->user_viewprofile($row) - . ' ' . $this->separator_stats . ' ' . $user->format_date($row['post_time']) + . ' ' . $this->separator_stats . ' ' . $user->format_date($row[$this->get('published')]) . (($this->is_moderator_approve_forum($row['forum_id']) && !$row['post_approved']) ? ' ' . $this->separator_stats . ' ' . $user->lang['POST_UNAPPROVED'] : ''); } } @@ -717,7 +726,8 @@ class phpbb_feed_topic_base extends phpbb_feed_base $this->set('author_id', 'topic_poster'); $this->set('creator', 'topic_first_poster_name'); - $this->set('date', 'topic_time'); + $this->set('published', 'post_time'); + $this->set('updated', 'post_edit_time'); $this->set('text', 'post_text'); $this->set('bitfield', 'bbcode_bitfield'); 
@@ -737,7 +747,7 @@ class phpbb_feed_topic_base extends phpbb_feed_base if ($config['feed_item_statistics']) { $item_row['statistics'] = $user->lang['POSTED'] . ' ' . $user->lang['POST_BY_AUTHOR'] . ' ' . $this->user_viewprofile($row) - . ' ' . $this->separator_stats . ' ' . $user->format_date($row[$this->get('date')]) + . ' ' . $this->separator_stats . ' ' . $user->format_date($row[$this->get('published')]) . ' ' . $this->separator_stats . ' ' . $user->lang['REPLIES'] . ' ' . (($this->is_moderator_approve_forum($row['forum_id'])) ? $row['topic_replies_real'] : $row['topic_replies']) . ' ' . $this->separator_stats . ' ' . $user->lang['VIEWS'] . ' ' . $row['topic_views'] . (($this->is_moderator_approve_forum($row['forum_id']) && ($row['topic_replies_real'] != $row['topic_replies'])) ? ' ' . $this->separator_stats . ' ' . $user->lang['POSTS_UNAPPROVED'] : ''); @@ -800,7 +810,7 @@ class phpbb_feed_overall extends phpbb_feed_post_base // Get the actual data $this->sql = array( 'SELECT' => 'f.forum_id, f.forum_name, ' . - 'p.post_id, p.topic_id, p.post_time, p.post_approved, p.post_subject, p.post_text, p.bbcode_bitfield, p.bbcode_uid, p.enable_bbcode, p.enable_smilies, p.enable_magic_url, ' . + 'p.post_id, p.topic_id, p.post_time, p.post_edit_time, p.post_approved, p.post_subject, p.post_text, p.bbcode_bitfield, p.bbcode_uid, p.enable_bbcode, p.enable_smilies, p.enable_magic_url, ' . 'u.username, u.user_id', 'FROM' => array( USERS_TABLE => 'u', 
@@ -932,7 +942,7 @@ class phpbb_feed_forum extends phpbb_feed_post_base } $this->sql = array( - 'SELECT' => 'p.post_id, p.topic_id, p.post_time, p.post_approved, p.post_subject, p.post_text, p.bbcode_bitfield, p.bbcode_uid, p.enable_bbcode, p.enable_smilies, p.enable_magic_url, ' . + 'SELECT' => 'p.post_id, p.topic_id, p.post_time, p.post_edit_time, p.post_approved, p.post_subject, p.post_text, p.bbcode_bitfield, p.bbcode_uid, p.enable_bbcode, p.enable_smilies, p.enable_magic_url, ' . 'u.username, u.user_id', 'FROM' => array( POSTS_TABLE => 'p', @@ -1097,7 +1107,7 @@ class phpbb_feed_topic extends phpbb_feed_post_base global $auth, $db; $this->sql = array( - 'SELECT' => 'p.post_id, p.post_time, p.post_approved, p.post_subject, p.post_text, p.bbcode_bitfield, p.bbcode_uid, p.enable_bbcode, p.enable_smilies, p.enable_magic_url, ' . + 'SELECT' => 'p.post_id, p.post_time, p.post_edit_time, p.post_approved, p.post_subject, p.post_text, p.bbcode_bitfield, p.bbcode_uid, p.enable_bbcode, p.enable_smilies, p.enable_magic_url, ' . 'u.username, u.user_id', 'FROM' => array( POSTS_TABLE => 'p', @@ -1136,7 +1146,7 @@ class phpbb_feed_forums extends phpbb_feed_base $this->set('text', 'forum_desc'); $this->set('bitfield', 'forum_desc_bitfield'); $this->set('bbcode_uid','forum_desc_uid'); - $this->set('date', 'forum_last_post_time'); + $this->set('updated', 'forum_last_post_time'); $this->set('options', 'forum_desc_options'); } 
@@ -1261,8 +1271,8 @@ class phpbb_feed_news extends phpbb_feed_topic_base $this->sql = array( 'SELECT' => 'f.forum_id, f.forum_name, - t.topic_id, t.topic_title, t.topic_poster, t.topic_first_poster_name, t.topic_replies, t.topic_replies_real, t.topic_views, t.topic_time, - p.post_id, p.post_time, p.post_text, p.bbcode_bitfield, p.bbcode_uid, p.enable_bbcode, p.enable_smilies, p.enable_magic_url', + t.topic_id, t.topic_title, t.topic_poster, t.topic_first_poster_name, t.topic_replies, t.topic_replies_real, t.topic_views, t.topic_time, t.topic_last_post_time, + p.post_id, p.post_time, p.post_edit_time, p.post_text, p.bbcode_bitfield, p.bbcode_uid, p.enable_bbcode, p.enable_smilies, p.enable_magic_url', 'FROM' => array( TOPICS_TABLE => 't', POSTS_TABLE => 'p', @@ -1334,8 +1344,8 @@ class phpbb_feed_topics extends phpbb_feed_topic_base $this->sql = array( 'SELECT' => 'f.forum_id, f.forum_name, - t.topic_id, t.topic_title, t.topic_poster, t.topic_first_poster_name, t.topic_replies, t.topic_replies_real, t.topic_views, t.topic_time, - p.post_id, p.post_time, p.post_text, p.bbcode_bitfield, p.bbcode_uid, p.enable_bbcode, p.enable_smilies, p.enable_magic_url', + t.topic_id, t.topic_title, t.topic_poster, t.topic_first_poster_name, t.topic_replies, t.topic_replies_real, t.topic_views, t.topic_time, t.topic_last_post_time, + p.post_id, p.post_time, p.post_edit_time, p.post_text, p.bbcode_bitfield, p.bbcode_uid, p.enable_bbcode, p.enable_smilies, p.enable_magic_url', 'FROM' => array( TOPICS_TABLE => 't', POSTS_TABLE => 'p', @@ -1381,8 +1391,6 @@ class phpbb_feed_topics_active extends phpbb_feed_topic_base $this->set('author_id', 'topic_last_poster_id'); $this->set('creator', 'topic_last_poster_name'); - $this->set('date', 'topic_last_post_time'); - $this->set('text', 'post_text'); } function get_sql() 
@@ -1434,7 +1442,7 @@ class phpbb_feed_topics_active extends phpbb_feed_topic_base 'SELECT' => 'f.forum_id, f.forum_name, t.topic_id, t.topic_title, t.topic_replies, t.topic_replies_real, t.topic_views, t.topic_last_poster_id, t.topic_last_poster_name, t.topic_last_post_time, - p.post_id, p.post_time, p.post_text, p.bbcode_bitfield, p.bbcode_uid, p.enable_bbcode, p.enable_smilies, p.enable_magic_url', + p.post_id, p.post_time, p.post_edit_time, p.post_text, p.bbcode_bitfield, p.bbcode_uid, p.enable_bbcode, p.enable_smilies, p.enable_magic_url', 'FROM' => array( TOPICS_TABLE => 't', POSTS_TABLE => 'p', diff --git a/phpBB/includes/acm/acm_file.php b/phpBB/includes/acm/acm_file.php index 5c1876d006..524a28561e 100644 --- a/phpBB/includes/acm/acm_file.php +++ b/phpBB/includes/acm/acm_file.php @@ -88,11 +88,11 @@ class acm if (!phpbb_is_writable($this->cache_dir)) { // We need to use die() here, because else we may encounter an infinite loop (the message handler calls $cache->unload()) - die($this->cache_dir . ' is NOT writable.'); + die('Fatal: ' . $this->cache_dir . ' is NOT writable.'); exit; } - die('Not able to open ' . $this->cache_dir . 'data_global.' . $phpEx); + die('Fatal: Not able to open ' . $this->cache_dir . 'data_global.' . $phpEx); exit; } diff --git a/phpBB/includes/acm/acm_redis.php b/phpBB/includes/acm/acm_redis.php new file mode 100644 index 0000000000..41533eaacb --- /dev/null +++ b/phpBB/includes/acm/acm_redis.php 
@@ -0,0 +1,145 @@ +redis = new Redis(); + $this->redis->connect(PHPBB_ACM_REDIS_HOST, PHPBB_ACM_REDIS_PORT); + + if (defined('PHPBB_ACM_REDIS_PASSWORD')) + { + if (!$this->redis->auth(PHPBB_ACM_REDIS_PASSWORD)) + { + global $acm_type; + + trigger_error("Incorrect password for the ACM module $acm_type.", E_USER_ERROR); + } + } + + $this->redis->setOption(Redis::OPT_SERIALIZER, Redis::SERIALIZER_PHP); + $this->redis->setOption(Redis::OPT_PREFIX, $this->key_prefix); + + if (defined('PHPBB_ACM_REDIS_DB')) + { + if (!$this->redis->select(PHPBB_ACM_REDIS_DB)) + { + global $acm_type; + + trigger_error("Incorrect database for the ACM module $acm_type.", E_USER_ERROR); + } + } + } + + /** + * Unload the cache resources + * + * @return void + */ + function unload() + { + parent::unload(); + + $this->redis->close(); + } + + /** + * Purge cache data + * + * @return void + */ + function purge() + { + $this->redis->flushDB(); + + parent::purge(); + } + + /** + * Fetch an item from the cache + * + * @access protected + * @param string $var Cache key + * @return mixed Cached data + */ + function _read($var) + { + return $this->redis->get($var); + } + + /** + * Store data in the cache + * + * @access protected + * @param string $var Cache key + * @param mixed $data Data to store + * @param int $ttl Time-to-live of cached data + * @return bool True if the operation succeeded + */ + function _write($var, $data, $ttl = 2592000) + { + return $this->redis->setex($var, $ttl, $data); + } + + /** + * Remove an item from the cache + * + * @access protected + * @param string $var Cache key + * @return bool True if the operation succeeded + */ + function _delete($var) + { + if ($this->redis->delete($var) > 0) + { + return true; + } + return false; + } +} diff --git a/phpBB/includes/acm/acm_wincache.php b/phpBB/includes/acm/acm_wincache.php new file mode 100644 index 0000000000..0501ab74c5 --- /dev/null +++ b/phpBB/includes/acm/acm_wincache.php 
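Review bot: The result of `$this->redis->connect(PHPBB_ACM_REDIS_HOST, PHPBB_ACM_REDIS_PORT)` is never checked, although the `auth()` and `select()` calls that follow it are; a failed connection should stop with the same kind of `trigger_error(..., E_USER_ERROR)` instead of surfacing later as a failed read or write. `Redis::OPT_SERIALIZER` is set to `Redis::SERIALIZER_PHP`, so every `_read()` passes whatever is stored under the key to PHP's unserialize, and anyone who can write to that Redis database controls that input. I would document this next to the option, for example `// SERIALIZER_PHP: values are unserialized on read; use a dedicated, access-controlled Redis instance and set PHPBB_ACM_REDIS_PASSWORD`. `purge()` calls `flushDB()`, which empties the whole selected database and not only keys under `$this->key_prefix`, so the docblock should say that `PHPBB_ACM_REDIS_DB` must not be shared with other applications. The opening lines of the file are missing from the page, so the class header and constructor signature could not be reviewed.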
@@ -0,0 +1,84 @@ +key_prefix . $var, $success); + + return ($success) ? $result : false; + } + + /** + * Store data in the cache + * + * @access protected + * @param string $var Cache key + * @param mixed $data Data to store + * @param int $ttl Time-to-live of cached data + * @return bool True if the operation succeeded + */ + function _write($var, $data, $ttl = 2592000) + { + return wincache_ucache_set($this->key_prefix . $var, $data, $ttl); + } + + /** + * Remove an item from the cache + * + * @access protected + * @param string $var Cache key + * @return bool True if the operation succeeded + */ + function _delete($var) + { + return wincache_ucache_delete($this->key_prefix . $var); + } +} diff --git a/phpBB/includes/acp/acp_bbcodes.php b/phpBB/includes/acp/acp_bbcodes.php index 2b706394c4..0644b38eb1 100644 --- a/phpBB/includes/acp/acp_bbcodes.php +++ b/phpBB/includes/acp/acp_bbcodes.php @@ -213,7 +213,7 @@ class acp_bbcodes $bbcode_id = NUM_CORE_BBCODES + 1; } - if ($bbcode_id > 1511) + if ($bbcode_id > BBCODE_LIMIT) { trigger_error($user->lang['TOO_MANY_BBCODES'] . adm_back_link($this->u_action), E_USER_WARNING); } diff --git a/phpBB/includes/acp/acp_board.php b/phpBB/includes/acp/acp_board.php index a5e80e1f6d..d8ab42ed2d 100644 --- a/phpBB/includes/acp/acp_board.php +++ b/phpBB/includes/acp/acp_board.php 
@@ -386,6 +386,9 @@ class acp_board 'pass_complex' => array('lang' => 'PASSWORD_TYPE', 'validate' => 'string', 'type' => 'select', 'method' => 'select_password_chars', 'explain' => true), 'chg_passforce' => array('lang' => 'FORCE_PASS_CHANGE', 'validate' => 'int:0', 'type' => 'text:3:3', 'explain' => true, 'append' => ' ' . $user->lang['DAYS']), 'max_login_attempts' => array('lang' => 'MAX_LOGIN_ATTEMPTS', 'validate' => 'int:0', 'type' => 'text:3:3', 'explain' => true), + 'ip_login_limit_max' => array('lang' => 'IP_LOGIN_LIMIT_MAX', 'validate' => 'int:0', 'type' => 'text:3:3', 'explain' => true), + 'ip_login_limit_time' => array('lang' => 'IP_LOGIN_LIMIT_TIME', 'validate' => 'int:0', 'type' => 'text:5:5', 'explain' => true, 'append' => ' ' . $user->lang['SECONDS']), + 'ip_login_limit_use_forwarded' => array('lang' => 'IP_LOGIN_LIMIT_USE_FORWARDED', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true), 'tpl_allow_php' => array('lang' => 'TPL_ALLOW_PHP', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true), 'form_token_lifetime' => array('lang' => 'FORM_TIME_MAX', 'validate' => 'int:-1', 'type' => 'text:5:5', 'explain' => true, 'append' => ' ' . $user->lang['SECONDS']), 'form_token_sid_guests' => array('lang' => 'FORM_SID_GUESTS', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true), 
@@ -769,13 +772,20 @@ class acp_board { global $user, $config; - $radio_ary = array(USER_ACTIVATION_DISABLE => 'ACC_DISABLE', USER_ACTIVATION_NONE => 'ACC_NONE'); + $radio_ary = array( + USER_ACTIVATION_DISABLE => 'ACC_DISABLE', + USER_ACTIVATION_NONE => 'ACC_NONE', + ); + if ($config['email_enable']) { - $radio_ary += array(USER_ACTIVATION_SELF => 'ACC_USER', USER_ACTIVATION_ADMIN => 'ACC_ADMIN'); + $radio_ary[USER_ACTIVATION_SELF] = 'ACC_USER'; + $radio_ary[USER_ACTIVATION_ADMIN] = 'ACC_ADMIN'; } - return h_radio('config[require_activation]', $radio_ary, $value, $key); + $radio_text = h_radio('config[require_activation]', $radio_ary, $value, 'require_activation', $key, '
        '); + + return $radio_text; } /** diff --git a/phpBB/includes/acp/acp_disallow.php b/phpBB/includes/acp/acp_disallow.php index 9549955cc8..e2176b7bcd 100644 --- a/phpBB/includes/acp/acp_disallow.php +++ b/phpBB/includes/acp/acp_disallow.php @@ -56,6 +56,18 @@ class acp_disallow trigger_error($user->lang['NO_USERNAME_SPECIFIED'] . adm_back_link($this->u_action), E_USER_WARNING); } + $sql = 'SELECT disallow_id + FROM ' . DISALLOW_TABLE . " + WHERE disallow_username = '" . $db->sql_escape($disallowed_user) . "'"; + $result = $db->sql_query($sql); + $row = $db->sql_fetchrow($result); + $db->sql_freeresult($result); + + if ($row) + { + trigger_error($user->lang['DISALLOWED_ALREADY'] . adm_back_link($this->u_action), E_USER_WARNING); + } + $sql = 'INSERT INTO ' . DISALLOW_TABLE . ' ' . $db->sql_build_array('INSERT', array('disallow_username' => $disallowed_user)); $db->sql_query($sql); diff --git a/phpBB/includes/acp/acp_email.php b/phpBB/includes/acp/acp_email.php index 350693a630..133fe47e09 100644 --- a/phpBB/includes/acp/acp_email.php +++ b/phpBB/includes/acp/acp_email.php 
@@ -82,23 +82,48 @@ class acp_email { if ($group_id) { - $sql = 'SELECT u.user_email, u.username, u.username_clean, u.user_lang, u.user_jabber, u.user_notify_type - FROM ' . USERS_TABLE . ' u, ' . USER_GROUP_TABLE . ' ug - WHERE ug.group_id = ' . $group_id . ' + $sql_ary = array( + 'SELECT' => 'u.user_email, u.username, u.username_clean, u.user_lang, u.user_jabber, u.user_notify_type', + 'FROM' => array( + USERS_TABLE => 'u', + USER_GROUP_TABLE => 'ug', + ), + 'WHERE' => 'ug.group_id = ' . $group_id . ' AND ug.user_pending = 0 AND u.user_id = ug.user_id AND u.user_allow_massemail = 1 - AND u.user_type IN (' . USER_NORMAL . ', ' . USER_FOUNDER . ') - ORDER BY u.user_lang, u.user_notify_type'; + AND u.user_type IN (' . USER_NORMAL . ', ' . USER_FOUNDER . ')', + 'ORDER_BY' => 'u.user_lang, u.user_notify_type', + ); } else { - $sql = 'SELECT username, username_clean, user_email, user_jabber, user_notify_type, user_lang - FROM ' . USERS_TABLE . ' - WHERE user_allow_massemail = 1 - AND user_type IN (' . USER_NORMAL . ', ' . USER_FOUNDER . ') - ORDER BY user_lang, user_notify_type'; + $sql_ary = array( + 'SELECT' => 'u.username, u.username_clean, u.user_email, u.user_jabber, u.user_lang, u.user_notify_type', + 'FROM' => array( + USERS_TABLE => 'u', + ), + 'WHERE' => 'u.user_allow_massemail = 1 + AND u.user_type IN (' . USER_NORMAL . ', ' . USER_FOUNDER . ')', + 'ORDER_BY' => 'u.user_lang, u.user_notify_type', + ); } + + // Mail banned or not + if (!isset($_REQUEST['mail_banned_flag'])) + { + $sql_ary['WHERE'] .= ' AND (b.ban_id IS NULL + OR b.ban_exclude = 1)'; + $sql_ary['LEFT_JOIN'] = array( + array( + 'FROM' => array( + BANLIST_TABLE => 'b', + ), + 'ON' => 'u.user_id = b.ban_userid', + ), + ); + } + $sql = $db->sql_build_query('SELECT', $sql_ary); } $result = $db->sql_query($sql); $row = $db->sql_fetchrow($result); diff --git a/phpBB/includes/acp/acp_icons.php b/phpBB/includes/acp/acp_icons.php index 3d64a2acda..24f6cbbcbf 100644 --- a/phpBB/includes/acp/acp_icons.php 
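Review bot: The new "mail banned or not" filter joins on `u.user_id = b.ban_userid` and keeps a user only when `b.ban_id IS NULL OR b.ban_exclude = 1`, with no condition on when the ban ends. If BANLIST_TABLE keeps rows for bans that have already expired (it has a `ban_end` column elsewhere in phpBB; please confirm whether expired rows are pruned before this runs), those users are still left out of the mailing. A user with more than one matching ban row would also be returned more than once by the LEFT JOIN. Adding the expiry test to the join, e.g. `'ON' => 'u.user_id = b.ban_userid AND (b.ban_end = 0 OR b.ban_end > ' . time() . ')'`, covers the first case. The flag is read with `isset($_REQUEST['mail_banned_flag'])`, where the rest of the ACP reads request data through `request_var()`.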
+++ b/phpBB/includes/acp/acp_icons.php @@ -394,6 +394,10 @@ class acp_icons { // skip images where add wasn't checked } + else if (!file_exists($phpbb_root_path . $img_path . '/' . $image)) + { + $errors[$image] = 'SMILIE_NO_FILE'; + } else { if ($image_width[$image] == 0 || $image_height[$image] == 0) diff --git a/phpBB/includes/acp/acp_language.php b/phpBB/includes/acp/acp_language.php index c2cb2f9c11..598b390302 100644 --- a/phpBB/includes/acp/acp_language.php +++ b/phpBB/includes/acp/acp_language.php @@ -1055,14 +1055,14 @@ class acp_language $iso_src .= htmlspecialchars_decode($row['lang_author']); $compress->add_data($iso_src, 'language/' . $row['lang_iso'] . '/iso.txt'); - // index.html files - $compress->add_data('', 'language/' . $row['lang_iso'] . '/index.html'); - $compress->add_data('', 'language/' . $row['lang_iso'] . '/email/index.html'); - $compress->add_data('', 'language/' . $row['lang_iso'] . '/acp/index.html'); + // index.htm files + $compress->add_data('', 'language/' . $row['lang_iso'] . '/index.htm'); + $compress->add_data('', 'language/' . $row['lang_iso'] . '/email/index.htm'); + $compress->add_data('', 'language/' . $row['lang_iso'] . '/acp/index.htm'); if (sizeof($mod_files)) { - $compress->add_data('', 'language/' . $row['lang_iso'] . '/mods/index.html'); + $compress->add_data('', 'language/' . $row['lang_iso'] . '/mods/index.htm'); } $compress->close(); 
@@ -1217,7 +1217,7 @@ $lang = array_merge($lang, array( '; // Language files in language root directory - $this->main_files = array("common.$phpEx", "groups.$phpEx", "install.$phpEx", "mcp.$phpEx", "memberlist.$phpEx", "posting.$phpEx", "search.$phpEx", "ucp.$phpEx", "viewforum.$phpEx", "viewtopic.$phpEx", "help_bbcode.$phpEx", "help_faq.$phpEx"); + $this->main_files = array("captcha_qa.$phpEx", "captcha_recaptcha.$phpEx", "common.$phpEx", "groups.$phpEx", "install.$phpEx", "mcp.$phpEx", "memberlist.$phpEx", "posting.$phpEx", "search.$phpEx", "ucp.$phpEx", "viewforum.$phpEx", "viewtopic.$phpEx", "help_bbcode.$phpEx", "help_faq.$phpEx"); } /** diff --git a/phpBB/includes/acp/acp_main.php b/phpBB/includes/acp/acp_main.php index b8712b2a3d..60cebe3c08 100644 --- a/phpBB/includes/acp/acp_main.php +++ b/phpBB/includes/acp/acp_main.php @@ -529,7 +529,7 @@ class acp_main ); $log_data = array(); - $log_count = 0; + $log_count = false; if ($auth->acl_get('a_viewlogs')) { diff --git a/phpBB/includes/acp/acp_profile.php b/phpBB/includes/acp/acp_profile.php index 2288a0728b..2e43b0545a 100644 --- a/phpBB/includes/acp/acp_profile.php +++ b/phpBB/includes/acp/acp_profile.php @@ -512,7 +512,7 @@ class acp_profile else if ($field_type == FIELD_INT && $key == 'field_default_value') { // Permit an empty string - if (request_var('field_default_value', '') === '') + if ($action == 'create' && request_var('field_default_value', '') === '') { $var = ''; } diff --git a/phpBB/includes/acp/acp_search.php b/phpBB/includes/acp/acp_search.php index 930c8d2a26..0cd67b1c34 100644 --- a/phpBB/includes/acp/acp_search.php +++ b/phpBB/includes/acp/acp_search.php 
@@ -392,7 +392,18 @@ class acp_search AND post_id <= ' . (int) ($post_counter + $this->batch_size); $result = $db->sql_query($sql); - while ($row = $db->sql_fetchrow($result)) + $buffer = $db->sql_buffer_nested_transactions(); + + if ($buffer) + { + $rows = $db->sql_fetchrowset($result); + $rows[] = false; // indicate end of array for while loop below + + $db->sql_freeresult($result); + } + + $i = 0; + while ($row = ($buffer ? $rows[$i++] : $db->sql_fetchrow($result))) { // Indexing enabled for this forum or global announcement? // Global announcements get indexed by default. @@ -402,7 +413,10 @@ class acp_search } $row_count++; } - $db->sql_freeresult($result); + if (!$buffer) + { + $db->sql_freeresult($result); + } $post_counter += $this->batch_size; } diff --git a/phpBB/includes/acp/acp_styles.php b/phpBB/includes/acp/acp_styles.php index 2ccc728031..3bc8c86500 100644 --- a/phpBB/includes/acp/acp_styles.php +++ b/phpBB/includes/acp/acp_styles.php @@ -510,6 +510,7 @@ parse_css_file = {PARSE_CSS_FILE} $db->sql_transaction('commit'); $cache->destroy('sql', STYLES_IMAGESET_DATA_TABLE); + $cache->destroy('imageset_site_logo_md5'); add_log('admin', 'LOG_IMAGESET_REFRESHED', $imageset_row['imageset_name']); trigger_error($user->lang['IMAGESET_REFRESHED'] . adm_back_link($this->u_action)); @@ -716,7 +717,7 @@ parse_css_file = {PARSE_CSS_FILE} $save_changes = (isset($_POST['save'])) ? true : false; // make sure template_file path doesn't go upwards - $template_file = str_replace('..', '.', $template_file); + $template_file = preg_replace('#\.{2,}#', '.', $template_file); // Retrieve some information about the template $sql = 'SELECT template_storedb, template_path, template_name 
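Review bot: In the acp_styles.php hunk at -716, `preg_replace('#\.{2,}#', '.', $template_file)` still makes the requested file name safe by rewriting it rather than by validating it, so the guarantee depends on the pattern anticipating every unwanted sequence. Checking the name against the template's known file list, or resolving the final path and confirming it stays under the template directory before the file is read or written, would not depend on what the filter covers. The code that builds and opens the path is outside this hunk, so such a check may already exist further down. If it does not, the comment above the line should at least say what the replacement covers, e.g. `// collapses any run of dots to a single dot; does not validate the resulting path`.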
@@ -1587,23 +1588,23 @@ parse_css_file = {PARSE_CSS_FILE} { case 'style': $sql_from = STYLES_TABLE; - $sql_select = 'style_name'; + $sql_select = 'style_id, style_name, template_id, theme_id, imageset_id'; $sql_where = 'AND style_active = 1'; break; case 'template': $sql_from = STYLES_TEMPLATE_TABLE; - $sql_select = 'template_name, template_path, template_storedb'; + $sql_select = 'template_id, template_name, template_path, template_storedb'; break; case 'theme': $sql_from = STYLES_THEME_TABLE; - $sql_select = 'theme_name, theme_path, theme_storedb'; + $sql_select = 'theme_id, theme_name, theme_path, theme_storedb'; break; case 'imageset': $sql_from = STYLES_IMAGESET_TABLE; - $sql_select = 'imageset_name, imageset_path'; + $sql_select = 'imageset_id, imageset_name, imageset_path'; break; } @@ -1633,37 +1634,14 @@ parse_css_file = {PARSE_CSS_FILE} trigger_error($user->lang['NO_' . $l_prefix] . adm_back_link($this->u_action), E_USER_WARNING); } - $sql = "SELECT {$mode}_id, {$mode}_name - FROM $sql_from - WHERE {$mode}_id <> $style_id - $sql_where - ORDER BY {$mode}_name ASC"; - $result = $db->sql_query($sql); - - $s_options = ''; - - if ($row = $db->sql_fetchrow($result)) - { - do - { - $s_options .= ''; - } - while ($row = $db->sql_fetchrow($result)); - } - else - { - trigger_error($user->lang['ONLY_' . $l_prefix] . adm_back_link($this->u_action), E_USER_WARNING); - } - $db->sql_freeresult($result); - if ($update) { - $sql = "DELETE FROM $sql_from - WHERE {$mode}_id = $style_id"; - $db->sql_query($sql); - if ($mode == 'style') { + $sql = "DELETE FROM $sql_from + WHERE {$mode}_id = $style_id"; + $db->sql_query($sql); + $sql = 'UPDATE ' . USERS_TABLE . " SET user_style = $new_id WHERE user_style = $style_id"; 
@@ -1678,19 +1656,19 @@ parse_css_file = {PARSE_CSS_FILE} { set_config('default_style', $new_id); } + + // Remove the components + $components = array('template', 'theme', 'imageset'); + foreach ($components as $component) + { + $new_id = request_var('new_' . $component . '_id', 0); + $component_id = $style_row[$component . '_id']; + $this->remove_component($component, $component_id, $new_id, $style_id); + } } else { - if ($mode == 'imageset') - { - $sql = 'DELETE FROM ' . STYLES_IMAGESET_DATA_TABLE . " - WHERE imageset_id = $style_id"; - $db->sql_query($sql); - } - $sql = 'UPDATE ' . STYLES_TABLE . " - SET {$mode}_id = $new_id - WHERE {$mode}_id = $style_id"; - $db->sql_query($sql); + $this->remove_component($mode, $style_id, $new_id); } $cache->destroy('sql', STYLES_TABLE); @@ -1700,11 +1678,12 @@ parse_css_file = {PARSE_CSS_FILE} trigger_error($user->lang[$message] . adm_back_link($this->u_action)); } + $this->display_component_options($mode, $style_row[$mode . '_id'], $style_row); + $this->page_title = 'DELETE_' . $l_prefix; $template->assign_vars(array( 'S_DELETE' => true, - 'S_REPLACE_OPTIONS' => $s_options, 'L_TITLE' => $user->lang[$this->page_title], 'L_EXPLAIN' => $user->lang[$this->page_title . '_EXPLAIN'], 
@@ -1718,6 +1697,202 @@ parse_css_file = {PARSE_CSS_FILE} 'NAME' => $style_row[$mode . '_name'], ) ); + + if ($mode == 'style') + { + $template->assign_vars(array( + 'S_DELETE_STYLE' => true, + )); + } + } + + /** + * Remove template/theme/imageset entry from the database + */ + function remove_component($component, $component_id, $new_id, $style_id = false) + { + global $db; + + if (($new_id == 0) || ($component === 'template' && ($conflicts = $this->check_inheritance($component, $component_id)))) + { + // We can not delete the template, as the user wants to keep the component or an other template is inheriting from this one. + return; + } + + $component_in_use = array(); + if ($component != 'style') + { + $component_in_use = $this->component_in_use($component, $component_id, $style_id); + } + + if (($new_id == -1) && !empty($component_in_use)) + { + // We can not delete the component, as it is still in use + return; + } + + if ($component == 'imageset') + { + $sql = 'DELETE FROM ' . STYLES_IMAGESET_DATA_TABLE . " + WHERE imageset_id = $component_id"; + $db->sql_query($sql); + } + + switch ($component) + { + case 'template': + $sql_from = STYLES_TEMPLATE_TABLE; + break; + + case 'theme': + $sql_from = STYLES_THEME_TABLE; + break; + + case 'imageset': + $sql_from = STYLES_IMAGESET_TABLE;; + break; + } + + $sql = "DELETE FROM $sql_from + WHERE {$component}_id = $component_id"; + $db->sql_query($sql); + + $sql = 'UPDATE ' . STYLES_TABLE . 
" + SET {$component}_id = $new_id + WHERE {$component}_id = $component_id"; + $db->sql_query($sql); + } + + /** + * Display the options which can be used to replace a style/template/theme/imageset + */ + function display_component_options($component, $component_id, $style_row = false, $style_id = false) + { + global $db, $template, $user; + + $component_in_use = array(); + if ($component != 'style') + { + $component_in_use = $this->component_in_use($component, $component_id, $style_id); + } + + $sql_where = ''; + switch ($component) + { + case 'style': + $sql_from = STYLES_TABLE; + $sql_where = 'WHERE style_active = 1'; + break; + + case 'template': + $sql_from = STYLES_TEMPLATE_TABLE; + $sql_where = 'WHERE template_inherits_id <> ' . $component_id; + break; + + case 'theme': + $sql_from = STYLES_THEME_TABLE; + break; + + case 'imageset': + $sql_from = STYLES_IMAGESET_TABLE; + break; + } + + $s_options = ''; + if (($component != 'style') && empty($component_in_use)) + { + $sql = "SELECT {$component}_id, {$component}_name + FROM $sql_from + WHERE {$component}_id = {$component_id}"; + $result = $db->sql_query($sql); + $row = $db->sql_fetchrow($result); + $db->sql_freeresult($result); + + $s_options .= ''; + $s_options .= ''; + } + else + { + $sql = "SELECT {$component}_id, {$component}_name + FROM $sql_from + $sql_where + ORDER BY {$component}_name ASC"; + $result = $db->sql_query($sql); + + $s_keep_option = $s_options = ''; + while ($row = $db->sql_fetchrow($result)) + { + if ($row[$component . '_id'] != $component_id) + { + $s_options .= ''; + } + else if ($component != 'style') + { + $s_keep_option = ''; + } + } + $db->sql_freeresult($result); + $s_options = $s_keep_option . $s_options; + } + + if (!$style_row) + { + $template->assign_var('S_REPLACE_' . strtoupper($component) . 
'_OPTIONS', $s_options); + } + else + { + $template->assign_var('S_REPLACE_OPTIONS', $s_options); + if ($component == 'style') + { + $components = array('template', 'theme', 'imageset'); + foreach ($components as $component) + { + $this->display_component_options($component, $style_row[$component . '_id'], false, $component_id, true); + } + } + } + } + + /** + * Check whether the component is still used by another style or component + */ + function component_in_use($component, $component_id, $style_id = false) + { + global $db; + + $component_in_use = array(); + + if ($style_id) + { + $sql = 'SELECT style_id, style_name + FROM ' . STYLES_TABLE . " + WHERE {$component}_id = {$component_id} + AND style_id <> {$style_id} + ORDER BY style_name ASC"; + } + else + { + $sql = 'SELECT style_id, style_name + FROM ' . STYLES_TABLE . " + WHERE {$component}_id = {$component_id} + ORDER BY style_name ASC"; + } + $result = $db->sql_query($sql); + while ($row = $db->sql_fetchrow($result)) + { + $component_in_use[] = $row['style_name']; + } + $db->sql_freeresult($result); + + if ($component === 'template' && ($conflicts = $this->check_inheritance($component, $component_id))) + { + foreach ($conflicts as $temp_id => $conflict_data) + { + $component_in_use[] = $conflict_data['template_name']; + } + } + + return $component_in_use; } /** diff --git a/phpBB/includes/acp/acp_words.php b/phpBB/includes/acp/acp_words.php index 1cb9545967..88c5bbe592 100644 --- a/phpBB/includes/acp/acp_words.php +++ b/phpBB/includes/acp/acp_words.php @@ -95,6 +95,9 @@ class acp_words trigger_error($user->lang['ENTER_WORD'] . adm_back_link($this->u_action), E_USER_WARNING); } + // Replace multiple consecutive asterisks with single one as those are not needed + $word = preg_replace('#\*{2,}#', '*', $word); + $sql_ary = array( 'word' => $word, 'replacement' => $replacement diff --git a/phpBB/includes/auth.php b/phpBB/includes/auth.php index 02819f9e78..5564de2943 100644 --- a/phpBB/includes/auth.php 
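Review bot: `remove_component()` and `component_in_use()` interpolate `$component_id`, `$new_id` and `$style_id` directly into their DELETE, UPDATE and SELECT statements and rely on every caller having passed integers; two of the values at the `$this->remove_component($mode, $style_id, $new_id)` call are assigned outside the visible hunks. Casting at the top of each function, `$component_id = (int) $component_id; $new_id = (int) $new_id;`, makes the queries safe on their own. `remove_component()` also never confirms that a positive `$new_id` names an existing row before running `SET {$component}_id = $new_id`, so styles can be left pointing at a template, theme or imageset that does not exist. Its `switch` has no default branch, which leaves `$sql_from` undefined for any other `$component` value. In `display_component_options()` the recursive call passes five arguments to a four-parameter function and the `foreach` reuses `$component` as its loop variable, both of which look unintended.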
+++ b/phpBB/includes/auth.php @@ -109,6 +109,7 @@ class auth */ function _fill_acl($user_permissions) { + $seq_cache = array(); $this->acl = array(); $user_permissions = explode("\n", $user_permissions); @@ -125,8 +126,17 @@ class auth while ($subseq = substr($seq, $i, 6)) { + if (isset($seq_cache[$subseq])) + { + $converted = $seq_cache[$subseq]; + } + else + { + $converted = $seq_cache[$subseq] = str_pad(base_convert($subseq, 36, 2), 31, 0, STR_PAD_LEFT); + } + // We put the original bitstring into the acl array - $this->acl[$f] .= str_pad(base_convert($subseq, 36, 2), 31, 0, STR_PAD_LEFT); + $this->acl[$f] .= $converted; $i += 6; } } @@ -898,7 +908,7 @@ class auth $method = 'login_' . $method; if (function_exists($method)) { - $login = $method($username, $password); + $login = $method($username, $password, $user->ip, $user->browser, $user->forwarded_for); // If the auth module wants us to create an empty profile do so and then treat the status as LOGIN_SUCCESS if ($login['status'] == LOGIN_SUCCESS_CREATE_PROFILE) diff --git a/phpBB/includes/auth/auth_db.php b/phpBB/includes/auth/auth_db.php index e04a6307e9..6ca69d9174 100644 --- a/phpBB/includes/auth/auth_db.php +++ b/phpBB/includes/auth/auth_db.php @@ -23,8 +23,21 @@ if (!defined('IN_PHPBB')) /** * Login function +* +* @param string $username +* @param string $password +* @param string $ip IP address the login is taking place from. Used to +* limit the number of login attempts per IP address. +* @param string $browser The user agent used to login +* @param string $forwarded_for X_FORWARDED_FOR header sent with login request +* @return array A associative array of the format +* array( +* 'status' => status constant +* 'error_msg' => string +* 'user_row' => array +* ) */ -function login_db(&$username, &$password) +function login_db($username, $password, $ip = '', $browser = '', $forwarded_for = '') { global $db, $config; 
@@ -47,13 +60,51 @@ function login_db(&$username, &$password) ); } + $username_clean = utf8_clean_string($username); + $sql = 'SELECT user_id, username, user_password, user_passchg, user_pass_convert, user_email, user_type, user_login_attempts FROM ' . USERS_TABLE . " - WHERE username_clean = '" . $db->sql_escape(utf8_clean_string($username)) . "'"; + WHERE username_clean = '" . $db->sql_escape($username_clean) . "'"; $result = $db->sql_query($sql); $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); + if (($ip && !$config['ip_login_limit_use_forwarded']) || + ($forwarded_for && $config['ip_login_limit_use_forwarded'])) + { + $sql = 'SELECT COUNT(*) AS attempts + FROM ' . LOGIN_ATTEMPT_TABLE . ' + WHERE attempt_time > ' . (time() - (int) $config['ip_login_limit_time']); + if ($config['ip_login_limit_use_forwarded']) + { + $sql .= " AND attempt_forwarded_for = '" . $db->sql_escape($forwarded_for) . "'"; + } + else + { + $sql .= " AND attempt_ip = '" . $db->sql_escape($ip) . "' "; + } + + $result = $db->sql_query($sql); + $attempts = (int) $db->sql_fetchfield('attempts'); + $db->sql_freeresult($result); + + $attempt_data = array( + 'attempt_ip' => $ip, + 'attempt_browser' => trim(substr($browser, 0, 149)), + 'attempt_forwarded_for' => $forwarded_for, + 'attempt_time' => time(), + 'user_id' => ($row) ? (int) $row['user_id'] : 0, + 'username' => $username, + 'username_clean' => $username_clean, + ); + $sql = 'INSERT INTO ' . LOGIN_ATTEMPT_TABLE . $db->sql_build_array('INSERT', $attempt_data); + $result = $db->sql_query($sql); + } + else + { + $attempts = 0; + } + if (!$row) { return array( 
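Review bot: When `ip_login_limit_use_forwarded` is enabled and `$forwarded_for` is empty, the outer condition is false and the code takes the `$attempts = 0` branch, so the per-address limit is not applied and the attempt is not recorded. Falling back to `$ip` keeps the limit in force: test `if ($ip || $forwarded_for)` and pick the column with `$use_forwarded = $config['ip_login_limit_use_forwarded'] && $forwarded_for;`. The forwarded value comes from a request header, so it is a reliable key only when a trusted proxy sets it, and the docblock and the ACP explanation should say so. `attempt_browser` is truncated with `substr($browser, 0, 149)`, but `attempt_forwarded_for` is stored at whatever length the header had; it probably needs the same bound to fit its column (schema not visible here). `login_db()` continues outside this hunk, and no pruning of rows older than `ip_login_limit_time` is visible in it.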
@@ -62,7 +113,9 @@ function login_db(&$username, &$password) 'user_row' => array('user_id' => ANONYMOUS), ); } - $show_captcha = $config['max_login_attempts'] && $row['user_login_attempts'] >= $config['max_login_attempts']; + + $show_captcha = ($config['max_login_attempts'] && $row['user_login_attempts'] >= $config['max_login_attempts']) || + ($config['ip_login_limit_max'] && $attempts >= $config['ip_login_limit_max']); // If there are too much login attempts, we need to check for an confirm image // Every auth module is able to define what to do by itself... @@ -90,7 +143,7 @@ function login_db(&$username, &$password) { $captcha->reset(); } - + } // If the password convert flag is set we need to convert it @@ -165,6 +218,10 @@ function login_db(&$username, &$password) $row['user_password'] = $hash; } + $sql = 'DELETE FROM ' . LOGIN_ATTEMPT_TABLE . ' + WHERE user_id = ' . $row['user_id']; + $db->sql_query($sql); + if ($row['user_login_attempts'] != 0) { // Successful, reset login attempts (the user passed all stages) diff --git a/phpBB/includes/auth/auth_ldap.php b/phpBB/includes/auth/auth_ldap.php index e8c957aaa3..5dfa74ddab 100644 --- a/phpBB/includes/auth/auth_ldap.php +++ b/phpBB/includes/auth/auth_ldap.php @@ -335,7 +335,7 @@ function acp_ldap(&$new)

        ' . $user->lang['LDAP_PASSWORD_EXPLAIN'] . '
        -
        +
        '; diff --git a/phpBB/includes/cache.php b/phpBB/includes/cache.php index b50fab4ca2..612adcca4f 100644 --- a/phpBB/includes/cache.php +++ b/phpBB/includes/cache.php @@ -82,26 +82,9 @@ class cache extends acm $result = $db->sql_query($sql); $censors = array(); - $unicode = ((version_compare(PHP_VERSION, '5.1.0', '>=') || (version_compare(PHP_VERSION, '5.0.0-dev', '<=') && version_compare(PHP_VERSION, '4.4.0', '>='))) && @preg_match('/\p{L}/u', 'a') !== false) ? true : false; - while ($row = $db->sql_fetchrow($result)) { - if ($unicode) - { - // Unescape the asterisk to simplify further conversions - $row['word'] = str_replace('\*', '*', preg_quote($row['word'], '#')); - - // Replace the asterisk inside the pattern, at the start and at the end of it with regexes - $row['word'] = preg_replace(array('#(?<=[\p{Nd}\p{L}_])\*(?=[\p{Nd}\p{L}_])#iu', '#^\*#', '#\*$#'), array('([\x20]*?|[\p{Nd}\p{L}_-]*?)', '[\p{Nd}\p{L}_-]*?', '[\p{Nd}\p{L}_-]*?'), $row['word']); - - // Generate the final substitution - $censors['match'][] = '#(?sql_freeresult($result); diff --git a/phpBB/includes/captcha/captcha_gd.php b/phpBB/includes/captcha/captcha_gd.php index 96e39af85b..ecdad43978 100644 --- a/phpBB/includes/captcha/captcha_gd.php +++ b/phpBB/includes/captcha/captcha_gd.php @@ -77,7 +77,7 @@ class captcha { $denom = ($code_len - $i); $denom = max(1.3, $denom); - $offset[$i] = mt_rand(0, (1.5 * $width_avail) / $denom); + $offset[$i] = phpbb_mt_rand(0, (int) round((1.5 * $width_avail) / $denom)); $width_avail -= $offset[$i]; } @@ -112,7 +112,7 @@ class captcha $noise_bitmaps = $this->captcha_noise_bg_bitmaps(); for ($i = 0; $i < $code_len; ++$i) { - $noise[$i] = new char_cube3d($noise_bitmaps, mt_rand(1, count($noise_bitmaps['data']))); + $noise[$i] = new char_cube3d($noise_bitmaps, mt_rand(1, sizeof($noise_bitmaps['data']))); list($min, $max) = $noise[$i]->range(); //$box = $noise[$i]->dimensions($sizes[$i]); 
@@ -1669,32 +1669,32 @@ class captcha 'height' => 15, 'data' => array( - 'A' => $chars['A'][mt_rand(0, min(count($chars['A']), $config['captcha_gd_fonts']) -1)], - 'B' => $chars['B'][mt_rand(0, min(count($chars['B']), $config['captcha_gd_fonts']) -1)], - 'C' => $chars['C'][mt_rand(0, min(count($chars['C']), $config['captcha_gd_fonts']) -1)], - 'D' => $chars['D'][mt_rand(0, min(count($chars['D']), $config['captcha_gd_fonts']) -1)], - 'E' => $chars['E'][mt_rand(0, min(count($chars['E']), $config['captcha_gd_fonts']) -1)], - 'F' => $chars['F'][mt_rand(0, min(count($chars['F']), $config['captcha_gd_fonts']) -1)], - 'G' => $chars['G'][mt_rand(0, min(count($chars['G']), $config['captcha_gd_fonts']) -1)], - 'H' => $chars['H'][mt_rand(0, min(count($chars['H']), $config['captcha_gd_fonts']) -1)], - 'I' => $chars['I'][mt_rand(0, min(count($chars['I']), $config['captcha_gd_fonts']) -1)], - 'J' => $chars['J'][mt_rand(0, min(count($chars['J']), $config['captcha_gd_fonts']) -1)], - 'K' => $chars['K'][mt_rand(0, min(count($chars['K']), $config['captcha_gd_fonts']) -1)], - 'L' => $chars['L'][mt_rand(0, min(count($chars['L']), $config['captcha_gd_fonts']) -1)], - 'M' => $chars['M'][mt_rand(0, min(count($chars['M']), $config['captcha_gd_fonts']) -1)], - 'N' => $chars['N'][mt_rand(0, min(count($chars['N']), $config['captcha_gd_fonts']) -1)], - 'O' => $chars['O'][mt_rand(0, min(count($chars['O']), $config['captcha_gd_fonts']) -1)], - 'P' => $chars['P'][mt_rand(0, min(count($chars['P']), $config['captcha_gd_fonts']) -1)], - 'Q' => $chars['Q'][mt_rand(0, min(count($chars['Q']), $config['captcha_gd_fonts']) -1)], - 'R' => $chars['R'][mt_rand(0, min(count($chars['R']), $config['captcha_gd_fonts']) -1)], - 'S' => $chars['S'][mt_rand(0, min(count($chars['S']), $config['captcha_gd_fonts']) -1)], - 'T' => $chars['T'][mt_rand(0, min(count($chars['T']), $config['captcha_gd_fonts']) -1)], - 'U' => $chars['U'][mt_rand(0, min(count($chars['U']), $config['captcha_gd_fonts']) -1)], - 'V' => 
$chars['V'][mt_rand(0, min(count($chars['V']), $config['captcha_gd_fonts']) -1)], - 'W' => $chars['W'][mt_rand(0, min(count($chars['W']), $config['captcha_gd_fonts']) -1)], - 'X' => $chars['X'][mt_rand(0, min(count($chars['X']), $config['captcha_gd_fonts']) -1)], - 'Y' => $chars['Y'][mt_rand(0, min(count($chars['Y']), $config['captcha_gd_fonts']) -1)], - 'Z' => $chars['Z'][mt_rand(0, min(count($chars['Z']), $config['captcha_gd_fonts']) -1)], + 'A' => $chars['A'][mt_rand(0, min(sizeof($chars['A']), $config['captcha_gd_fonts']) -1)], + 'B' => $chars['B'][mt_rand(0, min(sizeof($chars['B']), $config['captcha_gd_fonts']) -1)], + 'C' => $chars['C'][mt_rand(0, min(sizeof($chars['C']), $config['captcha_gd_fonts']) -1)], + 'D' => $chars['D'][mt_rand(0, min(sizeof($chars['D']), $config['captcha_gd_fonts']) -1)], + 'E' => $chars['E'][mt_rand(0, min(sizeof($chars['E']), $config['captcha_gd_fonts']) -1)], + 'F' => $chars['F'][mt_rand(0, min(sizeof($chars['F']), $config['captcha_gd_fonts']) -1)], + 'G' => $chars['G'][mt_rand(0, min(sizeof($chars['G']), $config['captcha_gd_fonts']) -1)], + 'H' => $chars['H'][mt_rand(0, min(sizeof($chars['H']), $config['captcha_gd_fonts']) -1)], + 'I' => $chars['I'][mt_rand(0, min(sizeof($chars['I']), $config['captcha_gd_fonts']) -1)], + 'J' => $chars['J'][mt_rand(0, min(sizeof($chars['J']), $config['captcha_gd_fonts']) -1)], + 'K' => $chars['K'][mt_rand(0, min(sizeof($chars['K']), $config['captcha_gd_fonts']) -1)], + 'L' => $chars['L'][mt_rand(0, min(sizeof($chars['L']), $config['captcha_gd_fonts']) -1)], + 'M' => $chars['M'][mt_rand(0, min(sizeof($chars['M']), $config['captcha_gd_fonts']) -1)], + 'N' => $chars['N'][mt_rand(0, min(sizeof($chars['N']), $config['captcha_gd_fonts']) -1)], + 'O' => $chars['O'][mt_rand(0, min(sizeof($chars['O']), $config['captcha_gd_fonts']) -1)], + 'P' => $chars['P'][mt_rand(0, min(sizeof($chars['P']), $config['captcha_gd_fonts']) -1)], + 'Q' => $chars['Q'][mt_rand(0, min(sizeof($chars['Q']), 
$config['captcha_gd_fonts']) -1)], + 'R' => $chars['R'][mt_rand(0, min(sizeof($chars['R']), $config['captcha_gd_fonts']) -1)], + 'S' => $chars['S'][mt_rand(0, min(sizeof($chars['S']), $config['captcha_gd_fonts']) -1)], + 'T' => $chars['T'][mt_rand(0, min(sizeof($chars['T']), $config['captcha_gd_fonts']) -1)], + 'U' => $chars['U'][mt_rand(0, min(sizeof($chars['U']), $config['captcha_gd_fonts']) -1)], + 'V' => $chars['V'][mt_rand(0, min(sizeof($chars['V']), $config['captcha_gd_fonts']) -1)], + 'W' => $chars['W'][mt_rand(0, min(sizeof($chars['W']), $config['captcha_gd_fonts']) -1)], + 'X' => $chars['X'][mt_rand(0, min(sizeof($chars['X']), $config['captcha_gd_fonts']) -1)], + 'Y' => $chars['Y'][mt_rand(0, min(sizeof($chars['Y']), $config['captcha_gd_fonts']) -1)], + 'Z' => $chars['Z'][mt_rand(0, min(sizeof($chars['Z']), $config['captcha_gd_fonts']) -1)], '1' => array( array(0,0,0,1,1,0,0,0,0), diff --git a/phpBB/includes/captcha/captcha_gd_wave.php b/phpBB/includes/captcha/captcha_gd_wave.php index f706c98d43..27422513d9 100644 --- a/phpBB/includes/captcha/captcha_gd_wave.php +++ b/phpBB/includes/captcha/captcha_gd_wave.php @@ -62,8 +62,8 @@ class captcha 'y' => mt_rand(10, 17) ), 'lower_left' => array( - 'x' => mt_rand($img_x - 5, $img_x - 45), - 'y' => mt_rand($img_y - 0, $img_y - 15) + 'x' => mt_rand($img_x - 45, $img_x - 5), + 'y' => mt_rand($img_y - 15, $img_y - 0), ), ); diff --git a/phpBB/includes/captcha/plugins/phpbb_captcha_qa_plugin.php b/phpBB/includes/captcha/plugins/phpbb_captcha_qa_plugin.php index 49a64b9339..45f76bd676 100644 --- a/phpBB/includes/captcha/plugins/phpbb_captcha_qa_plugin.php +++ b/phpBB/includes/captcha/plugins/phpbb_captcha_qa_plugin.php @@ -319,7 +319,7 @@ class phpbb_captcha_qa ), 'PRIMARY_KEY' => 'question_id', 'KEYS' => array( - 'lang_iso' => array('INDEX', 'lang_iso'), + 'lang' => array('INDEX', 'lang_iso'), ), ), CAPTCHA_ANSWERS_TABLE => array ( 
@@ -328,7 +328,7 @@ class phpbb_captcha_qa 'answer_text' => array('STEXT_UNI', ''), ), 'KEYS' => array( - 'question_id' => array('INDEX', 'question_id'), + 'qid' => array('INDEX', 'question_id'), ), ), CAPTCHA_QA_CONFIRM_TABLE => array ( diff --git a/phpBB/includes/captcha/plugins/phpbb_recaptcha_plugin.php b/phpBB/includes/captcha/plugins/phpbb_recaptcha_plugin.php index ea171dbe2c..0b0270f568 100644 --- a/phpBB/includes/captcha/plugins/phpbb_recaptcha_plugin.php +++ b/phpBB/includes/captcha/plugins/phpbb_recaptcha_plugin.php @@ -27,9 +27,14 @@ if (!class_exists('phpbb_default_captcha')) */ class phpbb_recaptcha extends phpbb_default_captcha { - var $recaptcha_server = 'http://api.recaptcha.net'; - var $recaptcha_server_secure = 'https://api-secure.recaptcha.net'; // class constants :( - var $recaptcha_verify_server = 'api-verify.recaptcha.net'; + var $recaptcha_server = 'http://www.google.com/recaptcha/api'; + var $recaptcha_server_secure = 'https://www.google.com/recaptcha/api'; // class constants :( + + // We are opening a socket to port 80 of this host and send + // the POST request asking for verification to the path specified here. + var $recaptcha_verify_server = 'www.google.com'; + var $recaptcha_verify_path = '/recaptcha/api/verify'; + var $challenge; var $response; @@ -296,7 +301,7 @@ class phpbb_recaptcha extends phpbb_default_captcha return $user->lang['RECAPTCHA_INCORRECT']; } - $response = $this->_recaptcha_http_post($this->recaptcha_verify_server, '/verify', + $response = $this->_recaptcha_http_post($this->recaptcha_verify_server, $this->recaptcha_verify_path, array( 'privatekey' => $config['recaptcha_privkey'], 'remoteip' => $user->ip, diff --git a/phpBB/includes/constants.php b/phpBB/includes/constants.php index af2a6ebd24..3940888216 100644 --- a/phpBB/includes/constants.php +++ b/phpBB/includes/constants.php 
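Review bot: The verification POST is still sent in clear text: the new comment above `$recaptcha_verify_server` says the socket goes to port 80, and the `@@ -296` hunk shows that request carrying `privatekey` and `remoteip`. Anyone on the network path between the board and www.google.com can read the private key or alter the verdict that comes back. `_recaptcha_http_post()` is outside both hunks, so it is not visible whether it can open a TLS socket; if it can, the verify call should use it. Otherwise the comment should say so plainly, e.g. `// NOTE: plain HTTP - the private key and the verdict are not protected in transit`.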
@@ -25,7 +25,7 @@ if (!defined('IN_PHPBB')) */ // phpBB Version -define('PHPBB_VERSION', '3.0.8'); +define('PHPBB_VERSION', '3.0.9'); // QA-related // define('PHPBB_QA', 1); @@ -173,6 +173,9 @@ define('BBCODE_UID_LEN', 8); // Number of core BBCodes define('NUM_CORE_BBCODES', 12); +// BBCode hard limit +define('BBCODE_LIMIT', 1511); + // Smiley hard limit define('SMILEY_LIMIT', 1000); @@ -233,6 +236,7 @@ define('GROUPS_TABLE', $table_prefix . 'groups'); define('ICONS_TABLE', $table_prefix . 'icons'); define('LANG_TABLE', $table_prefix . 'lang'); define('LOG_TABLE', $table_prefix . 'log'); +define('LOGIN_ATTEMPT_TABLE', $table_prefix . 'login_attempts'); define('MODERATOR_CACHE_TABLE', $table_prefix . 'moderator_cache'); define('MODULES_TABLE', $table_prefix . 'modules'); define('POLL_OPTIONS_TABLE', $table_prefix . 'poll_options'); @@ -275,4 +279,4 @@ define('ZEBRA_TABLE', $table_prefix . 'zebra'); // Additional tables -?> \ No newline at end of file +?> diff --git a/phpBB/includes/db/db_tools.php b/phpBB/includes/db/db_tools.php index f4b181c6ad..50e308dea2 100644 --- a/phpBB/includes/db/db_tools.php +++ b/phpBB/includes/db/db_tools.php @@ -417,6 +417,11 @@ class phpbb_db_tools // here lies an array, filled with information compiled on the column's data $prepared_column = $this->sql_prepare_column_data($table_name, $column_name, $column_data); + if (isset($prepared_column['auto_increment']) && strlen($column_name) > 26) // "${column_name}_gen" + { + trigger_error("Index name '${column_name}_gen' on table '$table_name' is too long. The maximum auto increment column length is 26 characters.", E_USER_ERROR); + } + // here we add the definition of the new column to the list of columns switch ($this->sql_layer) { @@ -538,7 +543,7 @@ class phpbb_db_tools break; case 'oracle': - $table_sql .= "\n);"; + $table_sql .= "\n)"; $statements[] = $table_sql; // do we need to add a sequence and a tigger for auto incrementing columns? 
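Review bot: The guard added in the `@@ -417` hunk measures `$column_name`, but the Firebird branch changed in the `@@ -566` hunk names the generator `{$table_name}_gen` and the trigger `t_$table_name`, so the 26-character limit appears to be applied to the wrong identifier. If the generator is always named after the table, the test should read `strlen($table_name) > 26` and the message should print `{$table_name}_gen`. The message also calls it an "Index name" although it is a generator. The enclosing function starts and ends outside the hunk, so a use of `${column_name}_gen` that is not visible here cannot be ruled out.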
@@ -556,7 +561,7 @@ class phpbb_db_tools $trigger .= "BEGIN\n"; $trigger .= "\tSELECT {$table_name}_seq.nextval\n"; $trigger .= "\tINTO :new.{$create_sequence}\n"; - $trigger .= "\tFROM dual\n"; + $trigger .= "\tFROM dual;\n"; $trigger .= "END;"; $statements[] = $trigger; @@ -566,7 +571,13 @@ class phpbb_db_tools case 'firebird': if ($create_sequence) { - $statements[] = "CREATE SEQUENCE {$table_name}_seq;"; + $statements[] = "CREATE GENERATOR {$table_name}_gen;"; + $statements[] = "SET GENERATOR {$table_name}_gen TO 0;"; + + $trigger = "CREATE TRIGGER t_$table_name FOR $table_name\n"; + $trigger .= "BEFORE INSERT\nAS\nBEGIN\n"; + $trigger .= "\tNEW.{$create_sequence} = GEN_ID({$table_name}_gen, 1);\nEND;"; + $statements[] = $trigger; } break; } @@ -638,6 +649,19 @@ class phpbb_db_tools $sqlite = true; } + // Add tables? + if (!empty($schema_changes['add_tables'])) + { + foreach ($schema_changes['add_tables'] as $table => $table_data) + { + $result = $this->sql_create_table($table, $table_data); + if ($this->return_statements) + { + $statements = array_merge($statements, $result); + } + } + } + // Change columns? if (!empty($schema_changes['change_columns'])) { @@ -681,10 +705,12 @@ class phpbb_db_tools { foreach ($columns as $column_name => $column_data) { - // Only add the column if it does not exist yet, else change it (to be consistent) + // Only add the column if it does not exist yet if ($column_exists = $this->sql_column_exists($table, $column_name)) { - $result = $this->sql_column_change($table, $column_name, $column_data, true); + continue; + // This is commented out here because it can take tremendous time on updates +// $result = $this->sql_column_change($table, $column_name, $column_data, true); } else { @@ -695,7 +721,8 @@ class phpbb_db_tools { if ($column_exists) { - $sqlite_data[$table]['change_columns'][] = $result; + continue; +// $sqlite_data[$table]['change_columns'][] = $result; } else { 
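Review bot: The commented-out `sql_column_change()` call in the `@@ -681` hunk and the commented-out `$sqlite_data[...]` line in the `@@ -695` hunk are dead code, because both now sit behind an added `continue;`. They should be deleted and replaced by one comment that states the new contract, e.g. `// Existing columns are left untouched; list them under change_columns to alter them`. The behaviour change deserves that sentence: a column that already exists with a different definition is now silently kept as it is. The loop these lines belong to begins outside both hunks.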
@@ -717,6 +744,11 @@ class phpbb_db_tools { foreach ($indexes as $index_name) { + if (!$this->sql_index_exists($table, $index_name)) + { + continue; + } + $result = $this->sql_index_drop($table, $index_name); if ($this->return_statements) @@ -777,6 +809,11 @@ class phpbb_db_tools { foreach ($index_array as $index_name => $column) { + if ($this->sql_unique_index_exists($table, $index_name)) + { + continue; + } + $result = $this->sql_create_unique_index($table, $index_name, $column); if ($this->return_statements) @@ -794,6 +831,11 @@ class phpbb_db_tools { foreach ($index_array as $index_name => $column) { + if ($this->sql_index_exists($table, $index_name)) + { + continue; + } + $result = $this->sql_create_index($table, $index_name, $column); if ($this->return_statements) 
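Review bot: The guard added before `sql_index_drop()` in the `@@ -717` hunk relies on `sql_index_exists()`, whose docblock (added in this commit) says it does not report PRIMARY KEY and UNIQUE indexes. A schema change that lists a unique index for dropping would therefore be skipped without any message. If that is intended, the guard should carry a comment such as `// unique indexes are not matched here and are left in place`; otherwise it should also consult `sql_unique_index_exists()`. The surrounding loop begins outside the hunk.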
@@ -1102,6 +1144,236 @@ class phpbb_db_tools } } + /** + * Check if a specified index exists in table. Does not return PRIMARY KEY and UNIQUE indexes. + * + * @param string $table_name Table to check the index at + * @param string $index_name The index name to check + * + * @return bool True if index exists, else false + */ + function sql_index_exists($table_name, $index_name) + { + if ($this->sql_layer == 'mssql' || $this->sql_layer == 'mssqlnative') + { + $sql = "EXEC sp_statistics '$table_name'"; + $result = $this->db->sql_query($sql); + + while ($row = $this->db->sql_fetchrow($result)) + { + if ($row['TYPE'] == 3) + { + if (strtolower($row['INDEX_NAME']) == strtolower($index_name)) + { + $this->db->sql_freeresult($result); + return true; + } + } + } + $this->db->sql_freeresult($result); + + return false; + } + + switch ($this->sql_layer) + { + case 'firebird': + $sql = "SELECT LOWER(RDB\$INDEX_NAME) as index_name + FROM RDB\$INDICES + WHERE RDB\$RELATION_NAME = '" . strtoupper($table_name) . "' + AND RDB\$UNIQUE_FLAG IS NULL + AND RDB\$FOREIGN_KEY IS NULL"; + $col = 'index_name'; + break; + + case 'postgres': + $sql = "SELECT ic.relname as index_name + FROM pg_class bc, pg_class ic, pg_index i + WHERE (bc.oid = i.indrelid) + AND (ic.oid = i.indexrelid) + AND (bc.relname = '" . $table_name . "') + AND (i.indisunique != 't') + AND (i.indisprimary != 't')"; + $col = 'index_name'; + break; + + case 'mysql_40': + case 'mysql_41': + $sql = 'SHOW KEYS + FROM ' . $table_name; + $col = 'Key_name'; + break; + + case 'oracle': + $sql = "SELECT index_name + FROM user_indexes + WHERE table_name = '" . strtoupper($table_name) . "' + AND generated = 'N' + AND uniqueness = 'NONUNIQUE'"; + $col = 'index_name'; + break; + + case 'sqlite': + $sql = "PRAGMA index_list('" . $table_name . 
"');"; + $col = 'name'; + break; + } + + $result = $this->db->sql_query($sql); + while ($row = $this->db->sql_fetchrow($result)) + { + if (($this->sql_layer == 'mysql_40' || $this->sql_layer == 'mysql_41') && !$row['Non_unique']) + { + continue; + } + + // These DBMS prefix index name with the table name + switch ($this->sql_layer) + { + case 'firebird': + case 'oracle': + case 'postgres': + case 'sqlite': + $row[$col] = substr($row[$col], strlen($table_name) + 1); + break; + } + + if (strtolower($row[$col]) == strtolower($index_name)) + { + $this->db->sql_freeresult($result); + return true; + } + } + $this->db->sql_freeresult($result); + + return false; + } + + /** + * Check if a specified index exists in table. Does not return PRIMARY KEY and UNIQUE indexes. + * + * @param string $table_name Table to check the index at + * @param string $index_name The index name to check + * + * @return bool True if index exists, else false + */ + function sql_unique_index_exists($table_name, $index_name) + { + if ($this->sql_layer == 'mssql' || $this->sql_layer == 'mssqlnative') + { + $sql = "EXEC sp_statistics '$table_name'"; + $result = $this->db->sql_query($sql); + + while ($row = $this->db->sql_fetchrow($result)) + { + // Usually NON_UNIQUE is the column we want to check, but we allow for both + if ($row['TYPE'] == 3) + { + if (strtolower($row['INDEX_NAME']) == strtolower($index_name)) + { + $this->db->sql_freeresult($result); + return true; + } + } + } + $this->db->sql_freeresult($result); + return false; + } + + switch ($this->sql_layer) + { + case 'firebird': + $sql = "SELECT LOWER(RDB\$INDEX_NAME) as index_name + FROM RDB\$INDICES + WHERE RDB\$RELATION_NAME = '" . strtoupper($table_name) . 
"' + AND RDB\$UNIQUE_FLAG IS NOT NULL + AND RDB\$FOREIGN_KEY IS NULL"; + $col = 'index_name'; + break; + + case 'postgres': + $sql = "SELECT ic.relname as index_name, i.indisunique + FROM pg_class bc, pg_class ic, pg_index i + WHERE (bc.oid = i.indrelid) + AND (ic.oid = i.indexrelid) + AND (bc.relname = '" . $table_name . "') + AND (i.indisprimary != 't')"; + $col = 'index_name'; + break; + + case 'mysql_40': + case 'mysql_41': + $sql = 'SHOW KEYS + FROM ' . $table_name; + $col = 'Key_name'; + break; + + case 'oracle': + $sql = "SELECT index_name, table_owner + FROM user_indexes + WHERE table_name = '" . strtoupper($table_name) . "' + AND generated = 'N' + AND uniqueness = 'UNIQUE'"; + $col = 'index_name'; + break; + + case 'sqlite': + $sql = "PRAGMA index_list('" . $table_name . "');"; + $col = 'name'; + break; + } + + $result = $this->db->sql_query($sql); + while ($row = $this->db->sql_fetchrow($result)) + { + if (($this->sql_layer == 'mysql_40' || $this->sql_layer == 'mysql_41') && ($row['Non_unique'] || $row[$col] == 'PRIMARY')) + { + continue; + } + + if ($this->sql_layer == 'sqlite' && !$row['unique']) + { + continue; + } + + if ($this->sql_layer == 'postgres' && $row['indisunique'] != 't') + { + continue; + } + + // These DBMS prefix index name with the table name + switch ($this->sql_layer) + { + case 'oracle': + // Two cases here... prefixed with U_[table_owner] and not prefixed with table_name + if (strpos($row[$col], 'U_') === 0) + { + $row[$col] = substr($row[$col], strlen('U_' . 
$row['table_owner']) + 1); + } + else if (strpos($row[$col], strtoupper($table_name)) === 0) + { + $row[$col] = substr($row[$col], strlen($table_name) + 1); + } + break; + + case 'firebird': + case 'postgres': + case 'sqlite': + $row[$col] = substr($row[$col], strlen($table_name) + 1); + break; + } + + if (strtolower($row[$col]) == strtolower($index_name)) + { + $this->db->sql_freeresult($result); + return true; + } + } + $this->db->sql_freeresult($result); + + return false; + } + /** * Private method for performing sql statements (either execute them or return them) * @access private @@ -1139,6 +1411,11 @@ class phpbb_db_tools */ function sql_prepare_column_data($table_name, $column_name, $column_data) { + if (strlen($column_name) > 30) + { + trigger_error("Column name '$column_name' on table '$table_name' is too long. The maximum is 30 characters.", E_USER_ERROR); + } + // Get type if (strpos($column_data[0], ':') !== false) { 
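Review bot: The docblock on `sql_unique_index_exists()` is a copy of the one on `sql_index_exists()` and says "Does not return PRIMARY KEY and UNIQUE indexes", which is the opposite of what the function is for; it should read `* Check if a specified UNIQUE index exists in table. Does not return PRIMARY KEY and non-unique indexes.` The MSSQL branch applies the same `TYPE == 3` test as the non-unique function and never looks at uniqueness, as its own comment concedes, so on that layer the two functions cannot tell the index kinds apart. Both functions also build their queries by concatenating `$table_name`, which is safe only while callers pass schema constants; one docblock line saying so would keep later callers from passing request data.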
@@ -1371,24 +1648,29 @@ class phpbb_db_tools switch ($this->sql_layer) { case 'firebird': + // Does not support AFTER statement, only POSITION (and there you need the column position) $statements[] = 'ALTER TABLE ' . $table_name . ' ADD "' . strtoupper($column_name) . '" ' . $column_data['column_type_sql']; break; case 'mssql': case 'mssqlnative': + // Does not support AFTER, only through temporary table $statements[] = 'ALTER TABLE [' . $table_name . '] ADD [' . $column_name . '] ' . $column_data['column_type_sql_default']; break; case 'mysql_40': case 'mysql_41': - $statements[] = 'ALTER TABLE `' . $table_name . '` ADD COLUMN `' . $column_name . '` ' . $column_data['column_type_sql']; + $after = (!empty($column_data['after'])) ? ' AFTER ' . $column_data['after'] : ''; + $statements[] = 'ALTER TABLE `' . $table_name . '` ADD COLUMN `' . $column_name . '` ' . $column_data['column_type_sql'] . $after; break; case 'oracle': + // Does not support AFTER, only through temporary table $statements[] = 'ALTER TABLE ' . $table_name . ' ADD ' . $column_name . ' ' . $column_data['column_type_sql']; break; case 'postgres': + // Does not support AFTER, only through temporary table if (version_compare($this->db->sql_server_info(true), '8.0', '>=')) { $statements[] = 'ALTER TABLE ' . $table_name . ' ADD COLUMN "' . $column_name . '" ' . $column_data['column_type_sql']; @@ -1774,6 +2056,13 @@ class phpbb_db_tools { $statements = array(); + $table_prefix = substr(CONFIG_TABLE, 0, -6); // strlen(config) + if (strlen($table_name . $index_name) - strlen($table_prefix) > 24) + { + $max_length = $table_prefix + 24; + trigger_error("Index name '{$table_name}_$index_name' on table '$table_name' is too long. The maximum is $max_length characters.", E_USER_ERROR); + } + switch ($this->sql_layer) { case 'firebird': 
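Review bot: In the MySQL branch of the `@@ -1371` hunk, `$column_data['after']` is appended to the statement unquoted, whereas the table and column names in the same `ALTER TABLE` are wrapped in backticks. A reserved word or an unusual column name would break the statement, and an unquoted identifier is the one place where a stray value could change the SQL. It should be quoted with backticks like the other two identifiers. Where `after` is filled in is outside the hunk, so it is not visible whether it is validated beforehand.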
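Review bot: `$max_length = $table_prefix + 24;` in the `@@ -1774` hunk adds an integer to the prefix string, so the reported maximum is wrong (a non-numeric prefix counts as 0, and newer PHP versions raise an error for it). The line should be `$max_length = strlen($table_prefix) + 24;`. The `@@ -1804` hunk repeats the same block and needs the same fix. `substr(CONFIG_TABLE, 0, -6)` also assumes the config table is named prefix plus `config`, which merits a comment. Both enclosing functions start outside their hunks.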
@@ -1804,6 +2093,13 @@ class phpbb_db_tools { $statements = array(); + $table_prefix = substr(CONFIG_TABLE, 0, -6); // strlen(config) + if (strlen($table_name . $index_name) - strlen($table_prefix) > 24) + { + $max_length = $table_prefix + 24; + trigger_error("Index name '{$table_name}_$index_name' on table '$table_name' is too long. The maximum is $max_length characters.", E_USER_ERROR); + } + // remove index length unless MySQL4 if ('mysql_40' != $this->sql_layer) { @@ -1957,6 +2253,7 @@ class phpbb_db_tools } else { + // TODO: try to change pkey without removing trigger, generator or constraints. ATM this query may fail. $statements[] = 'ALTER TABLE ' . $table_name . ' ALTER COLUMN "' . strtoupper($column_name) . '" TYPE ' . ' ' . $column_data['column_type_sql_type']; } break; diff --git a/phpBB/includes/db/dbal.php b/phpBB/includes/db/dbal.php index eeddf1f41b..9b45c085a2 100644 --- a/phpBB/includes/db/dbal.php +++ b/phpBB/includes/db/dbal.php @@ -241,6 +241,16 @@ class dbal return $this->_sql_like_expression('LIKE \'' . $this->sql_escape($expression) . '\''); } + /** + * Returns whether results of a query need to be buffered to run a transaction while iterating over them. + * + * @return bool Whether buffering is required. + */ + function sql_buffer_nested_transactions() + { + return false; + } + /** * SQL Transaction * @access private @@ -767,7 +777,7 @@ class dbal
        diff --git a/phpBB/includes/db/firebird.php b/phpBB/includes/db/firebird.php index 6f60dd5dad..7e3f15ed1d 100644 --- a/phpBB/includes/db/firebird.php +++ b/phpBB/includes/db/firebird.php @@ -28,6 +28,7 @@ class dbal_firebird extends dbal var $last_query_text = ''; var $service_handle = false; var $affected_rows = 0; + var $connect_error = ''; /** * Connect to server @@ -53,9 +54,35 @@ class dbal_firebird extends dbal $use_database = $this->server . ':' . $this->dbname; } - $this->db_connect_id = ($this->persistency) ? @ibase_pconnect($use_database, $this->user, $sqlpassword, false, false, 3) : @ibase_connect($use_database, $this->user, $sqlpassword, false, false, 3); + if ($this->persistency) + { + if (!function_exists('ibase_pconnect')) + { + $this->connect_error = 'ibase_pconnect function does not exist, is interbase extension installed?'; + return $this->sql_error(''); + } + $this->db_connect_id = @ibase_pconnect($use_database, $this->user, $sqlpassword, false, false, 3); + } + else + { + if (!function_exists('ibase_connect')) + { + $this->connect_error = 'ibase_connect function does not exist, is interbase extension installed?'; + return $this->sql_error(''); + } + $this->db_connect_id = @ibase_connect($use_database, $this->user, $sqlpassword, false, false, 3); + } - $this->service_handle = (function_exists('ibase_service_attach') && $this->server) ? @ibase_service_attach($this->server, $this->user, $sqlpassword) : false; + // Do not call ibase_service_attach if connection failed, + // otherwise error message from ibase_(p)connect call will be clobbered. + if ($this->db_connect_id && function_exists('ibase_service_attach') && $this->server) + { + $this->service_handle = @ibase_service_attach($this->server, $this->user, $sqlpassword); + } + else + { + $this->service_handle = false; + } return ($this->db_connect_id) ? $this->db_connect_id : $this->sql_error(''); } 
@@ -471,8 +498,24 @@ class dbal_firebird extends dbal */ function _sql_error() { + // Need special handling here because ibase_errmsg returns + // connection errors, however if the interbase extension + // is not installed then ibase_errmsg does not exist and + // we cannot call it. + if (function_exists('ibase_errmsg')) + { + $msg = @ibase_errmsg(); + if (!$msg) + { + $msg = $this->connect_error; + } + } + else + { + $msg = $this->connect_error; + } return array( - 'message' => @ibase_errmsg(), + 'message' => $msg, 'code' => (@function_exists('ibase_errcode') ? @ibase_errcode() : '') ); } diff --git a/phpBB/includes/db/mssqlnative.php b/phpBB/includes/db/mssqlnative.php index 7ed4146f27..6810562d17 100644 --- a/phpBB/includes/db/mssqlnative.php +++ b/phpBB/includes/db/mssqlnative.php @@ -50,7 +50,7 @@ class result_mssqlnative } } - $this->m_row_count = count($this->m_rows); + $this->m_row_count = sizeof($this->m_rows); } private function array_to_obj($array, &$obj) @@ -258,6 +258,14 @@ class dbal_mssqlnative extends dbal return ($this->sql_server_version) ? 'MSSQL
        ' . $this->sql_server_version : 'MSSQL'; } + /** + * {@inheritDoc} + */ + function sql_buffer_nested_transactions() + { + return true; + } + /** * SQL Transaction * @access private @@ -628,7 +636,7 @@ class dbal_mssqlnative extends dbal return false; } } - + /** * Allows setting mssqlnative specific query options passed to sqlsrv_query as 4th parameter. */ diff --git a/phpBB/includes/db/oracle.php b/phpBB/includes/db/oracle.php index c8a9a5f604..62b36aa8bf 100644 --- a/phpBB/includes/db/oracle.php +++ b/phpBB/includes/db/oracle.php @@ -269,11 +269,12 @@ class dbal_oracle extends dbal { $cols = explode(', ', $regs[2]); + preg_match_all('/\'(?:[^\']++|\'\')*+\'|[\d-.]+/', $regs[3], $vals, PREG_PATTERN_ORDER); + /* The code inside this comment block breaks clob handling, but does allow the database restore script to work. If you want to allow no posts longer than 4KB and/or need the db restore script, uncomment this. - preg_match_all('/\'(?:[^\']++|\'\')*+\'|[\d-.]+/', $regs[3], $vals, PREG_PATTERN_ORDER); if (sizeof($cols) !== sizeof($vals)) { diff --git a/phpBB/includes/db/postgres.php b/phpBB/includes/db/postgres.php index 4360c790a1..bb116e0763 100644 --- a/phpBB/includes/db/postgres.php +++ b/phpBB/includes/db/postgres.php @@ -18,6 +18,11 @@ if (!defined('IN_PHPBB')) include_once($phpbb_root_path . 'includes/db/dbal.' . $phpEx); +if (!class_exists('phpbb_error_collector')) +{ + include($phpbb_root_path . 'includes/error_collector.' . $phpEx); +} + /** * PostgreSQL Database Abstraction Layer * Minimum Requirement is Version 7.3+ @@ -26,6 +31,7 @@ include_once($phpbb_root_path . 'includes/db/dbal.' . $phpEx); class dbal_postgres extends dbal { var $last_query_text = ''; + var $connect_error = ''; /** * Connect to server 
@@ -81,13 +87,29 @@ class dbal_postgres extends dbal if ($this->persistency) { + if (!function_exists('pg_pconnect')) + { + $this->connect_error = 'pg_pconnect function does not exist, is pgsql extension installed?'; + return $this->sql_error(''); + } + $collector = new phpbb_error_collector; + $collector->install(); $this->db_connect_id = (!$new_link) ? @pg_pconnect($connect_string) : @pg_pconnect($connect_string, PGSQL_CONNECT_FORCE_NEW); } else { + if (!function_exists('pg_connect')) + { + $this->connect_error = 'pg_connect function does not exist, is pgsql extension installed?'; + return $this->sql_error(''); + } + $collector = new phpbb_error_collector; + $collector->install(); $this->db_connect_id = (!$new_link) ? @pg_connect($connect_string) : @pg_connect($connect_string, PGSQL_CONNECT_FORCE_NEW); } + $collector->uninstall(); + if ($this->db_connect_id) { if (version_compare($this->sql_server_info(true), '8.2', '>=')) @@ -102,6 +124,7 @@ class dbal_postgres extends dbal return $this->db_connect_id; } + $this->connect_error = $collector->format_errors(); return $this->sql_error(''); } @@ -371,8 +394,19 @@ class dbal_postgres extends dbal */ function _sql_error() { + // pg_last_error only works when there is an established connection. + // Connection errors have to be tracked by us manually. + if ($this->db_connect_id) + { + $message = @pg_last_error($this->db_connect_id); + } + else + { + $message = $this->connect_error; + } + return array( - 'message' => (!$this->db_connect_id) ? @pg_last_error() : @pg_last_error($this->db_connect_id), + 'message' => $message, 'code' => '' ); } diff --git a/phpBB/includes/error_collector.php b/phpBB/includes/error_collector.php new file mode 100644 index 0000000000..55834f354c --- /dev/null +++ b/phpBB/includes/error_collector.php 
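Review bot: `$this->connect_error = $collector->format_errors();` in the `@@ -102` hunk keeps the raw PHP warning text of `pg_connect()`/`pg_pconnect()`, and `_sql_error()` in the `@@ -371` hunk returns it as the error message. Such warnings typically name the database host, port and user, so a failed connection would disclose them if `sql_error()` output reaches ordinary visitors; where that output goes is not visible from these hunks. A comment at the assignment would record the constraint, e.g. `// may contain host/user details - display to administrators only`. The `install()`/`uninstall()` pair is also duplicated in both branches and could be set up once before the `if`.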
@@ -0,0 +1,61 @@ +errors = array(); + } + + function install() + { + set_error_handler(array(&$this, 'error_handler')); + } + + function uninstall() + { + restore_error_handler(); + } + + function error_handler($errno, $msg_text, $errfile, $errline) + { + $this->errors[] = array($errno, $msg_text, $errfile, $errline); + } + + function format_errors() + { + $text = ''; + foreach ($this->errors as $error) + { + if (!empty($text)) + { + $text .= "
        \n"; + } + list($errno, $msg_text, $errfile, $errline) = $error; + $text .= "Errno $errno: $msg_text"; + if (defined('DEBUG_EXTRA') || defined('IN_INSTALL')) + { + $text .= " at $errfile line $errline"; + } + } + return $text; + } +} diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index 561a9906c4..b1c1c14d0c 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -175,8 +175,13 @@ function set_config_count($config_name, $increment, $is_dynamic = false) switch ($db->sql_layer) { case 'firebird': + // Precision must be from 1 to 18 + $sql_update = 'CAST(CAST(config_value as DECIMAL(18, 0)) + ' . (int) $increment . ' as VARCHAR(255))'; + break; + case 'postgres': - $sql_update = 'CAST(CAST(config_value as DECIMAL(255, 0)) + ' . (int) $increment . ' as VARCHAR(255))'; + // Need to cast to text first for PostgreSQL 7.x + $sql_update = 'CAST(CAST(config_value::text as DECIMAL(255, 0)) + ' . (int) $increment . ' as VARCHAR(255))'; break; // MySQL, SQlite, mssql, mssql_odbc, oracle @@ -236,14 +241,30 @@ function unique_id($extra = 'c') if ($dss_seeded !== true && ($config['rand_seed_last_update'] < time() - rand(1,10))) { - set_config('rand_seed', $config['rand_seed'], true); set_config('rand_seed_last_update', time(), true); + set_config('rand_seed', $config['rand_seed'], true); $dss_seeded = true; } return substr($val, 4, 16); } +/** +* Wrapper for mt_rand() which allows swapping $min and $max parameters. +* +* PHP does not allow us to swap the order of the arguments for mt_rand() anymore. +* (since PHP 5.3.4, see http://bugs.php.net/46587) +* +* @param int $min Lowest value to be returned +* @param int $max Highest value to be returned +* +* @return int Random integer between $min and $max (or $max and $min) +*/ +function phpbb_mt_rand($min, $max) +{ + return ($min > $max) ? mt_rand($max, $min) : mt_rand($min, $max); +} + /** * Return formatted string for filesizes * 
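Review bot: The docblock of `phpbb_mt_rand()` in the `@@ -241` hunk should say that the value comes from `mt_rand()` and is predictable, so the wrapper must not be used for tokens, passwords or other secrets; a line such as `* Not suitable for security-sensitive values.` is enough. The `captcha_gd_wave.php` hunk earlier in this commit fixes the same PHP 5.3.4 argument-order problem by swapping the arguments by hand, so it is worth stating in the docblock when callers are expected to use the wrapper instead. `unique_id()`, touched in the same hunk, begins outside it.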
@@ -512,7 +533,7 @@ function _hash_crypt_private($password, $setting, &$itoa64) $output = '*'; // Check for correct hash - if (substr($setting, 0, 3) != '$H$') + if (substr($setting, 0, 3) != '$H$' && substr($setting, 0, 3) != '$P$') { return $output; } @@ -1698,7 +1719,7 @@ function get_unread_topics($user_id = false, $sql_extra = '', $sql_sort = '', $s if ($config['load_db_lastread'] && $user->data['is_registered']) { // Get list of the unread topics - $last_mark = $user->data['user_lastmark']; + $last_mark = (int) $user->data['user_lastmark']; $sql_array = array( 'SELECT' => 't.topic_id, t.topic_last_post_time, tt.mark_time as topic_mark_time, ft.mark_time as forum_mark_time', @@ -1717,10 +1738,11 @@ function get_unread_topics($user_id = false, $sql_extra = '', $sql_sort = '', $s ), 'WHERE' => " + t.topic_last_post_time > $last_mark AND ( (tt.mark_time IS NOT NULL AND t.topic_last_post_time > tt.mark_time) OR (tt.mark_time IS NULL AND ft.mark_time IS NOT NULL AND t.topic_last_post_time > ft.mark_time) OR - (tt.mark_time IS NULL AND ft.mark_time IS NULL AND t.topic_last_post_time > $last_mark) + (tt.mark_time IS NULL AND ft.mark_time IS NULL) ) $sql_extra $sql_sort", @@ -2248,7 +2270,10 @@ function append_sid($url, $params = false, $is_amp = true, $session_id = false) /** * Generate board url (example: http://www.example.com/phpBB) +* * @param bool $without_script_path if set to true the script path gets not appended (example: http://www.example.com) +* +* @return string the generated board url */ function generate_board_url($without_script_path = false) { 
@@ -2353,12 +2378,12 @@ function redirect($url, $return = false, $disable_cd_check = false) // Relative uri $pathinfo = pathinfo($url); - if (!$disable_cd_check && !file_exists($pathinfo['dirname'])) + if (!$disable_cd_check && !file_exists($pathinfo['dirname'] . '/')) { $url = str_replace('../', '', $url); $pathinfo = pathinfo($url); - if (!file_exists($pathinfo['dirname'])) + if (!file_exists($pathinfo['dirname'] . '/')) { // fallback to "last known user page" // at least this way we know the user does not leave the phpBB root @@ -2630,8 +2655,14 @@ function send_status_line($code, $message) } else { - if (isset($_SERVER['HTTP_VERSION'])) + if (!empty($_SERVER['SERVER_PROTOCOL'])) { + $version = $_SERVER['SERVER_PROTOCOL']; + } + else if (!empty($_SERVER['HTTP_VERSION'])) + { + // I cannot remember where I got this from. + // This code path may never be reachable in reality. $version = $_SERVER['HTTP_VERSION']; } else 
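Review bot: `$_SERVER['SERVER_PROTOCOL']` is taken as is in the `@@ -2630` hunk and, judging by the function name, ends up in the status line; the `header()` call itself is outside the hunk. The value originates from the request line, so only a well-formed token should be accepted, with a fall-back to the default otherwise, e.g. `if (!empty($_SERVER['SERVER_PROTOCOL']) && preg_match('#^HTTP/[0-9]\.[0-9]$#', $_SERVER['SERVER_PROTOCOL']))`. The comment "I cannot remember where I got this from" on the `HTTP_VERSION` branch documents nothing; it should either name the server that sets the variable or the branch should go.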
@@ -3428,6 +3459,48 @@ function get_preg_expression($mode) return ''; } +/** +* Generate regexp for naughty words censoring +* Depends on whether installed PHP version supports unicode properties +* +* @param string $word word template to be replaced +* @param bool $use_unicode whether or not to take advantage of PCRE supporting unicode +* +* @return string $preg_expr regex to use with word censor +*/ +function get_censor_preg_expression($word, $use_unicode = true) +{ + static $unicode_support = null; + + // Check whether PHP version supports unicode properties + if (is_null($unicode_support)) + { + $unicode_support = ((version_compare(PHP_VERSION, '5.1.0', '>=') || (version_compare(PHP_VERSION, '5.0.0-dev', '<=') && version_compare(PHP_VERSION, '4.4.0', '>='))) && @preg_match('/\p{L}/u', 'a') !== false) ? true : false; + } + + // Unescape the asterisk to simplify further conversions + $word = str_replace('\*', '*', preg_quote($word, '#')); + + if ($use_unicode && $unicode_support) + { + // Replace asterisk(s) inside the pattern, at the start and at the end of it with regexes + $word = preg_replace(array('#(?<=[\p{Nd}\p{L}_])\*+(?=[\p{Nd}\p{L}_])#iu', '#^\*+#', '#\*+$#'), array('([\x20]*?|[\p{Nd}\p{L}_-]*?)', '[\p{Nd}\p{L}_-]*?', '[\p{Nd}\p{L}_-]*?'), $word); + + // Generate the final substitution + $preg_expr = '#(?[phpBB Debug] PHP Notice: in file ' . $errfile . ' on line ' . $errline . ': ' . $msg_text . '
        ' . "\n"; + $error_name = ($errno === E_WARNING) ? 'PHP Warning' : 'PHP Notice'; + echo '[phpBB Debug] ' . $error_name . ': in file ' . $errfile . ' on line ' . $errline . ': ' . $msg_text . '
        ' . "\n"; // we are writing an image - the user won't see the debug, so let's place it in the log if (defined('IMAGE_OUTPUT') || defined('IN_CRON')) @@ -3792,7 +3851,7 @@ function msg_handler($errno, $msg_text, $errfile, $errline) echo ' '; echo ' '; echo ' '; echo ''; echo ''; @@ -4208,7 +4267,7 @@ function phpbb_http_login($param) if (!is_null($username) && is_null($password) && strpos($username, 'Basic ') === 0) { list($username, $password) = explode(':', base64_decode(substr($username, 6)), 2); - } + } if (!is_null($username) && !is_null($password)) { @@ -4258,7 +4317,21 @@ function page_header($page_title = '', $display_online_list = true, $item_id = 0 // gzip_compression if ($config['gzip_compress']) { - if (@extension_loaded('zlib') && !headers_sent()) + // to avoid partially compressed output resulting in blank pages in + // the browser or error messages, compression is disabled in a few cases: + // + // 1) if headers have already been sent, this indicates plaintext output + // has been started so further content must not be compressed + // 2) the length of the current output buffer is non-zero. This means + // there is already some uncompressed content in this output buffer + // so further output must not be compressed + // 3) if more than one level of output buffering is used because we + // cannot test all output buffer level content lengths. One level + // could be caused by php.ini output_buffering. Anything + // beyond that is manual, so the code wrapping phpBB in output buffering + // can easily compress the output itself. + // + if (@extension_loaded('zlib') && !headers_sent() && ob_get_level() <= 1 && ob_get_length() == 0) { ob_start('ob_gzhandler'); } 
@@ -4379,6 +4452,12 @@ function page_header($page_title = '', $display_online_list = true, $item_id = 0 $user_lang = substr($user_lang, 0, strpos($user_lang, '-x-')); } + $s_search_hidden_fields = array(); + if ($_SID) + { + $s_search_hidden_fields['sid'] = $_SID; + } + // The following assigns all _common_ variables that may be used at any point in a template. $template->assign_vars(array( 'SITENAME' => $config['sitename'], @@ -4468,11 +4547,13 @@ function page_header($page_title = '', $display_online_list = true, $item_id = 0 'S_LOAD_UNREADS' => ($config['load_unreads_search'] && ($config['load_anon_lastread'] || $user->data['is_registered'])) ? true : false, + 'S_SEARCH_HIDDEN_FIELDS' => build_hidden_fields($s_search_hidden_fields), + 'T_THEME_PATH' => "{$web_path}styles/" . $user->theme['theme_path'] . '/theme', 'T_TEMPLATE_PATH' => "{$web_path}styles/" . $user->theme['template_path'] . '/template', 'T_SUPER_TEMPLATE_PATH' => (isset($user->theme['template_inherit_path']) && $user->theme['template_inherit_path']) ? "{$web_path}styles/" . $user->theme['template_inherit_path'] . '/template' : "{$web_path}styles/" . $user->theme['template_path'] . '/template', 'T_IMAGESET_PATH' => "{$web_path}styles/" . $user->theme['imageset_path'] . '/imageset', - 'T_IMAGESET_LANG_PATH' => "{$web_path}styles/" . $user->theme['imageset_path'] . '/imageset/' . $user->data['user_lang'], + 'T_IMAGESET_LANG_PATH' => "{$web_path}styles/" . $user->theme['imageset_path'] . '/imageset/' . $user->lang_name, 'T_IMAGES_PATH' => "{$web_path}images/", 'T_SMILIES_PATH' => "{$web_path}{$config['smilies_path']}/", 'T_AVATAR_PATH' => "{$web_path}{$config['avatar_path']}/", 
@@ -4480,7 +4561,7 @@ function page_header($page_title = '', $display_online_list = true, $item_id = 0 'T_ICONS_PATH' => "{$web_path}{$config['icons_path']}/", 'T_RANKS_PATH' => "{$web_path}{$config['ranks_path']}/", 'T_UPLOAD_PATH' => "{$web_path}{$config['upload_path']}/", - 'T_STYLESHEET_LINK' => (!$user->theme['theme_storedb']) ? "{$web_path}styles/" . $user->theme['theme_path'] . '/theme/stylesheet.css' : append_sid("{$phpbb_root_path}style.$phpEx", 'id=' . $user->theme['style_id'] . '&lang=' . $user->data['user_lang']), + 'T_STYLESHEET_LINK' => (!$user->theme['theme_storedb']) ? "{$web_path}styles/" . $user->theme['theme_path'] . '/theme/stylesheet.css' : append_sid("{$phpbb_root_path}style.$phpEx", 'id=' . $user->theme['style_id'] . '&lang=' . $user->lang_name), 'T_STYLESHEET_NAME' => $user->theme['theme_name'], 'T_THEME_NAME' => $user->theme['theme_path'], @@ -4558,7 +4639,7 @@ function page_footer($run_cron = true) // Call cron-type script $call_cron = false; - if (!defined('IN_CRON') && $run_cron && !$config['board_disable']) + if (!defined('IN_CRON') && $run_cron && !$config['board_disable'] && !$user->data['is_bot']) { $call_cron = true; $time_now = (!empty($user->time_now) && is_int($user->time_now)) ? $user->time_now : time(); @@ -4662,7 +4743,7 @@ function exit_handler() } // As a pre-caution... some setups display a blank page if the flush() is not there. - (empty($config['gzip_compress'])) ? @flush() : @ob_flush(); + (ob_get_level() > 0) ? @ob_flush() : @flush(); exit; } diff --git a/phpBB/includes/functions_admin.php b/phpBB/includes/functions_admin.php index 2aa12adb2e..cb0cf34e69 100644 --- a/phpBB/includes/functions_admin.php +++ b/phpBB/includes/functions_admin.php 
@@ -2506,6 +2506,7 @@ function cache_moderators() /** * View log +* If $log_count is set to false, we will skip counting all entries in the database. */ function view_log($mode, &$log, &$log_count, $limit = 0, $offset = 0, $forum_id = 0, $topic_id = 0, $user_id = 0, $limit_days = 0, $sort_by = 'l.log_time DESC', $keywords = '') { @@ -2761,16 +2762,19 @@ function view_log($mode, &$log, &$log_count, $limit = 0, $offset = 0, $forum_id } } - $sql = 'SELECT COUNT(l.log_id) AS total_entries - FROM ' . LOG_TABLE . ' l, ' . USERS_TABLE . " u - WHERE l.log_type = $log_type - AND l.user_id = u.user_id - AND l.log_time >= $limit_days - $sql_keywords - $sql_forum"; - $result = $db->sql_query($sql); - $log_count = (int) $db->sql_fetchfield('total_entries'); - $db->sql_freeresult($result); + if ($log_count !== false) + { + $sql = 'SELECT COUNT(l.log_id) AS total_entries + FROM ' . LOG_TABLE . ' l, ' . USERS_TABLE . " u + WHERE l.log_type = $log_type + AND l.user_id = u.user_id + AND l.log_time >= $limit_days + $sql_keywords + $sql_forum"; + $result = $db->sql_query($sql); + $log_count = (int) $db->sql_fetchfield('total_entries'); + $db->sql_freeresult($result); + } return; } diff --git a/phpBB/includes/functions_convert.php b/phpBB/includes/functions_convert.php index 9e26043b39..4a359dcade 100644 --- a/phpBB/includes/functions_convert.php +++ b/phpBB/includes/functions_convert.php @@ -1816,6 +1816,7 @@ function add_bots() 'Alta Vista [Bot]' => array('Scooter/', ''), 'Ask Jeeves [Bot]' => array('Ask Jeeves', ''), 'Baidu [Spider]' => array('Baiduspider+(', ''), + 'Bing [Bot]' => array('bingbot/', ''), 'Exabot [Bot]' => array('Exabot/', ''), 'FAST Enterprise [Crawler]' => array('FAST Enterprise Crawler', ''), 'FAST WebCrawler [Crawler]' => array('FAST-WebCrawler/', ''), diff --git a/phpBB/includes/functions_display.php b/phpBB/includes/functions_display.php index 2de7e1b169..d7422aa2c9 100644 --- a/phpBB/includes/functions_display.php +++ b/phpBB/includes/functions_display.php 
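Review bot: The by-reference `$log_count` argument of `view_log()` now doubles as an input flag, and the one-line docblock addition does not say that it stays `false` after the call. A caller that passes `false` and then feeds the variable to pagination would silently get zero pages, which is why the two MCP callers in this commit had to change together with it. I would document the contract explicitly, for example `* @param mixed &$log_count Pass false to skip the COUNT query (value stays false); otherwise receives the total number of matching entries`. The function body starts and ends outside these hunks, so the query fragments `$sql_keywords` and `$sql_forum` that the re-indented COUNT statement interpolates cannot be checked from here.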
@@ -456,7 +456,7 @@ function display_forums($root_data = '', $display_moderators = true, $return_mod 'S_LOCKED_FORUM' => ($row['forum_status'] == ITEM_LOCKED) ? true : false, 'S_LIST_SUBFORUMS' => ($row['display_subforum_list']) ? true : false, 'S_SUBFORUMS' => (sizeof($subforums_list)) ? true : false, - 'S_FEED_ENABLED' => ($config['feed_forum'] && !phpbb_optionget(FORUM_OPTION_FEED_EXCLUDE, $row['forum_options'])) ? true : false, + 'S_FEED_ENABLED' => ($config['feed_forum'] && !phpbb_optionget(FORUM_OPTION_FEED_EXCLUDE, $row['forum_options']) && $row['forum_type'] == FORUM_POST) ? true : false, 'FORUM_ID' => $row['forum_id'], 'FORUM_NAME' => $row['forum_name'], @@ -477,7 +477,6 @@ function display_forums($root_data = '', $display_moderators = true, $return_mod 'SUBFORUMS' => $s_subforums_list, 'L_SUBFORUM_STR' => $l_subforums, - 'L_FORUM_FOLDER_ALT' => $folder_alt, 'L_MODERATOR_STR' => $l_moderator, 'U_UNAPPROVED_TOPICS' => ($row['forum_id_unapproved_topics']) ? append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=queue&mode=unapproved_topics&f=' . $row['forum_id_unapproved_topics']) : '', diff --git a/phpBB/includes/functions_posting.php b/phpBB/includes/functions_posting.php index 6fd87db663..a641afbaed 100644 --- a/phpBB/includes/functions_posting.php +++ b/phpBB/includes/functions_posting.php @@ -388,7 +388,7 @@ function upload_attachment($form_name, $forum_id, $local = false, $local_storage include_once($phpbb_root_path . 'includes/functions_upload.' . $phpEx); $upload = new fileupload(); - if ($config['check_attachment_content']) + if ($config['check_attachment_content'] && isset($config['mime_triggers'])) { $upload->set_disallowed_content(explode('|', $config['mime_triggers'])); } 
@@ -1479,7 +1479,7 @@ function delete_post($forum_id, $topic_id, $post_id, &$data) break; case 'delete_first_post': - $sql = 'SELECT p.post_id, p.poster_id, p.post_username, u.username, u.user_colour + $sql = 'SELECT p.post_id, p.poster_id, p.post_time, p.post_username, u.username, u.user_colour FROM ' . POSTS_TABLE . ' p, ' . USERS_TABLE . " u WHERE p.topic_id = $topic_id AND p.poster_id = u.user_id @@ -1493,7 +1493,7 @@ function delete_post($forum_id, $topic_id, $post_id, &$data) $sql_data[FORUMS_TABLE] = ($data['post_approved']) ? 'forum_posts = forum_posts - 1' : ''; } - $sql_data[TOPICS_TABLE] = 'topic_poster = ' . intval($row['poster_id']) . ', topic_first_post_id = ' . intval($row['post_id']) . ", topic_first_poster_colour = '" . $db->sql_escape($row['user_colour']) . "', topic_first_poster_name = '" . (($row['poster_id'] == ANONYMOUS) ? $db->sql_escape($row['post_username']) : $db->sql_escape($row['username'])) . "'"; + $sql_data[TOPICS_TABLE] = 'topic_poster = ' . intval($row['poster_id']) . ', topic_first_post_id = ' . intval($row['post_id']) . ", topic_first_poster_colour = '" . $db->sql_escape($row['user_colour']) . "', topic_first_poster_name = '" . (($row['poster_id'] == ANONYMOUS) ? $db->sql_escape($row['post_username']) : $db->sql_escape($row['username'])) . "', topic_time = " . (int) $row['post_time']; // Decrementing topic_replies here is fine because this case only happens if there is more than one post within the topic - basically removing one "reply" $sql_data[TOPICS_TABLE] .= ', topic_replies_real = topic_replies_real - 1' . (($data['post_approved']) ? ', topic_replies = topic_replies - 1' : ''); 
@@ -2611,4 +2611,106 @@ function submit_post($mode, $subject, $username, $topic_type, &$poll, &$data, $u return $url; } +/** +* Handle topic bumping +* @param int $forum_id The ID of the forum the topic is being bumped belongs to +* @param int $topic_id The ID of the topic is being bumping +* @param array $post_data Passes some topic parameters: +* - 'topic_title' +* - 'topic_last_post_id' +* - 'topic_last_poster_id' +* - 'topic_last_post_subject' +* - 'topic_last_poster_name' +* - 'topic_last_poster_colour' +* @param int $bump_time The time at which topic was bumped, usually it is a current time as obtained via time(). +* @return string An URL to the bumped topic, example: ./viewtopic.php?forum_id=1&topic_id=2&p=3#p3 +*/ +function phpbb_bump_topic($forum_id, $topic_id, $post_data, $bump_time = false) +{ + global $config, $db, $user, $phpEx, $phpbb_root_path; + + if ($bump_time === false) + { + $bump_time = time(); + } + + // Begin bumping + $db->sql_transaction('begin'); + + // Update the topic's last post post_time + $sql = 'UPDATE ' . POSTS_TABLE . " + SET post_time = $bump_time + WHERE post_id = {$post_data['topic_last_post_id']} + AND topic_id = $topic_id"; + $db->sql_query($sql); + + // Sync the topic's last post time, the rest of the topic's last post data isn't changed + $sql = 'UPDATE ' . TOPICS_TABLE . " + SET topic_last_post_time = $bump_time, + topic_bumped = 1, + topic_bumper = " . $user->data['user_id'] . " + WHERE topic_id = $topic_id"; + $db->sql_query($sql); + + // Update the forum's last post info + $sql = 'UPDATE ' . FORUMS_TABLE . " + SET forum_last_post_id = " . $post_data['topic_last_post_id'] . ", + forum_last_poster_id = " . $post_data['topic_last_poster_id'] . ", + forum_last_post_subject = '" . $db->sql_escape($post_data['topic_last_post_subject']) . "', + forum_last_post_time = $bump_time, + forum_last_poster_name = '" . $db->sql_escape($post_data['topic_last_poster_name']) . "', + forum_last_poster_colour = '" . 
$db->sql_escape($post_data['topic_last_poster_colour']) . "' + WHERE forum_id = $forum_id"; + $db->sql_query($sql); + + // Update bumper's time of the last posting to prevent flood + $sql = 'UPDATE ' . USERS_TABLE . " + SET user_lastpost_time = $bump_time + WHERE user_id = " . $user->data['user_id']; + $db->sql_query($sql); + + $db->sql_transaction('commit'); + + // Mark this topic as posted to + markread('post', $forum_id, $topic_id, $bump_time); + + // Mark this topic as read + markread('topic', $forum_id, $topic_id, $bump_time); + + // Update forum tracking info + if ($config['load_db_lastread'] && $user->data['is_registered']) + { + $sql = 'SELECT mark_time + FROM ' . FORUMS_TRACK_TABLE . ' + WHERE user_id = ' . $user->data['user_id'] . ' + AND forum_id = ' . $forum_id; + $result = $db->sql_query($sql); + $f_mark_time = (int) $db->sql_fetchfield('mark_time'); + $db->sql_freeresult($result); + } + else if ($config['load_anon_lastread'] || $user->data['is_registered']) + { + $f_mark_time = false; + } + + if (($config['load_db_lastread'] && $user->data['is_registered']) || $config['load_anon_lastread'] || $user->data['is_registered']) + { + // Update forum info + $sql = 'SELECT forum_last_post_time + FROM ' . FORUMS_TABLE . ' + WHERE forum_id = ' . $forum_id; + $result = $db->sql_query($sql); + $forum_last_post_time = (int) $db->sql_fetchfield('forum_last_post_time'); + $db->sql_freeresult($result); + + update_forum_tracking_info($forum_id, $forum_last_post_time, $f_mark_time, false); + } + + add_log('mod', $forum_id, $topic_id, 'LOG_BUMP_TOPIC', $post_data['topic_title']); + + $url = append_sid("{$phpbb_root_path}viewtopic.$phpEx", "f=$forum_id&t=$topic_id&p={$post_data['topic_last_post_id']}") . "#p{$post_data['topic_last_post_id']}"; + + return $url; +} + ?> \ No newline at end of file diff --git a/phpBB/includes/functions_profile_fields.php b/phpBB/includes/functions_profile_fields.php index 78fe049f40..1eae2a9ad6 100644 
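Review bot: The new `phpbb_bump_topic()` interpolates `$forum_id`, `$topic_id`, `$bump_time`, `$post_data['topic_last_post_id']` and `$post_data['topic_last_poster_id']` into five SQL statements as bare numbers without casting them, so the function is only safe if every caller has already forced them to integers. The string fields are correctly passed through `$db->sql_escape()`, but the numeric ones get no such treatment, and as a reusable helper this function should not depend on its callers for that. Casting once at the top keeps the queries safe whatever the call site passes. The same cast values should then be used in the final `append_sid()` URL.

```php
function phpbb_bump_topic($forum_id, $topic_id, $post_data, $bump_time = false)
{
	global $config, $db, $user, $phpEx, $phpbb_root_path;

	// Everything below is placed into SQL as an unquoted number
	$forum_id = (int) $forum_id;
	$topic_id = (int) $topic_id;
	$bump_time = ($bump_time === false) ? time() : (int) $bump_time;
	$post_data['topic_last_post_id'] = (int) $post_data['topic_last_post_id'];
	$post_data['topic_last_poster_id'] = (int) $post_data['topic_last_poster_id'];

	// … unchanged: transaction with the four UPDATE statements, markread(), tracking update, add_log(), URL …
```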
--- a/phpBB/includes/functions_profile_fields.php +++ b/phpBB/includes/functions_profile_fields.php @@ -149,7 +149,18 @@ class custom_profile case FIELD_DROPDOWN: $field_value = (int) $field_value; - + + // retrieve option lang data if necessary + if (!isset($this->options_lang[$field_data['field_id']]) || !isset($this->options_lang[$field_data['field_id']][$field_data['lang_id']]) || !sizeof($this->options_lang[$file_data['field_id']][$field_data['lang_id']])) + { + $this->get_option_lang($field_data['field_id'], $field_data['lang_id'], FIELD_DROPDOWN, false); + } + + if (!isset($this->options_lang[$field_data['field_id']][$field_data['lang_id']][$field_value])) + { + return 'FIELD_INVALID_VALUE'; + } + if ($field_value == $field_data['field_novalue'] && $field_data['field_required']) { return 'FIELD_REQUIRED'; @@ -302,6 +313,7 @@ class custom_profile switch ($cp_result) { case 'FIELD_INVALID_DATE': + case 'FIELD_INVALID_VALUE': case 'FIELD_REQUIRED': $error = sprintf($user->lang[$cp_result], $row['lang_name']); break; diff --git a/phpBB/includes/functions_template.php b/phpBB/includes/functions_template.php index 1d3a4d74f8..8636dfe010 100644 --- a/phpBB/includes/functions_template.php +++ b/phpBB/includes/functions_template.php @@ -322,7 +322,7 @@ class template_compile // Is the designer wanting to call another loop in a loop? if (strpos($tag_args, '!') === 0) { - // Count the number if ! occurrences (not allowed in vars) + // Count the number of ! occurrences (not allowed in vars) $no_nesting = substr_count($tag_args, '!'); $tag_args = substr($tag_args, $no_nesting); } diff --git a/phpBB/includes/functions_upload.php b/phpBB/includes/functions_upload.php index 7f09cc1640..d5bbd80242 100644 --- a/phpBB/includes/functions_upload.php +++ b/phpBB/includes/functions_upload.php 
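Review bot: The third operand of the new "retrieve option lang data" condition in the `FIELD_DROPDOWN` case reads `$file_data['field_id']`, but no `$file_data` variable appears anywhere in the hunk; the other operands use `$field_data`. With an undefined variable the `sizeof()` operand does not look at the intended entry, so whenever the first two `isset()` checks pass the condition most likely still evaluates true and `get_option_lang()` is called again on every validation, with a notice raised each time. The operand should be `!sizeof($this->options_lang[$field_data['field_id']][$field_data['lang_id']])`. The `FIELD_INVALID_VALUE` check that follows is the part that rejects option ids not defined for the field, so it is worth making sure this lookup reads the right array. The enclosing method starts and ends outside the hunk.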
@@ -458,7 +458,7 @@ class fileerror extends filespec class fileupload { var $allowed_extensions = array(); - var $disallowed_content = array(); + var $disallowed_content = array('body', 'head', 'html', 'img', 'plaintext', 'a href', 'pre', 'script', 'table', 'title'); var $max_filesize = 0; var $min_width = 0; var $min_height = 0; @@ -539,7 +539,7 @@ class fileupload { if ($disallowed_content !== false && is_array($disallowed_content)) { - $this->disallowed_content = $disallowed_content; + $this->disallowed_content = array_diff($disallowed_content, array('')); } } diff --git a/phpBB/includes/functions_user.php b/phpBB/includes/functions_user.php index f2c80705ba..6b5cca8abb 100644 --- a/phpBB/includes/functions_user.php +++ b/phpBB/includes/functions_user.php @@ -482,44 +482,6 @@ function user_delete($mode, $user_id, $post_username = false) include($phpbb_root_path . 'includes/functions_admin.' . $phpEx); } - $sql = 'SELECT topic_id, COUNT(post_id) AS total_posts - FROM ' . POSTS_TABLE . " - WHERE poster_id = $user_id - GROUP BY topic_id"; - $result = $db->sql_query($sql); - - $topic_id_ary = array(); - while ($row = $db->sql_fetchrow($result)) - { - $topic_id_ary[$row['topic_id']] = $row['total_posts']; - } - $db->sql_freeresult($result); - - if (sizeof($topic_id_ary)) - { - $sql = 'SELECT topic_id, topic_replies, topic_replies_real - FROM ' . TOPICS_TABLE . ' - WHERE ' . $db->sql_in_set('topic_id', array_keys($topic_id_ary)); - $result = $db->sql_query($sql); - - $del_topic_ary = array(); - while ($row = $db->sql_fetchrow($result)) - { - if (max($row['topic_replies'], $row['topic_replies_real']) + 1 == $topic_id_ary[$row['topic_id']]) - { - $del_topic_ary[] = $row['topic_id']; - } - } - $db->sql_freeresult($result); - - if (sizeof($del_topic_ary)) - { - $sql = 'DELETE FROM ' . TOPICS_TABLE . ' - WHERE ' . $db->sql_in_set('topic_id', $del_topic_ary); - $db->sql_query($sql); - } - } - // Delete posts, attachments, etc. delete_posts('poster_id', $user_id); 
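Review bot: In `set_disallowed_content()`, `array_diff($disallowed_content, array(''))` turns an empty `mime_triggers` setting (where `explode('|', '')` yields `array('')`) into an empty list, and that empty list then replaces the new built-in default. If the content check, which is outside this hunk, simply iterates the list, an empty configuration value switches content sniffing off entirely while an unset one keeps the default. The two cases look alike to an administrator, so I would state the behaviour at the assignment, for example `// An empty list disables the content check; the class default only applies when this setter is not called or receives false`. If an empty setting is not meant to disable the check, keeping the default when the filtered array is empty would be the safer choice.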
@@ -771,7 +733,7 @@ function user_ban($mode, $ban, $ban_len, $ban_len_other, $ban_exclude, $ban_reas } else { - trigger_error('LENGTH_BAN_INVALID'); + trigger_error('LENGTH_BAN_INVALID', E_USER_WARNING); } } } @@ -831,7 +793,7 @@ function user_ban($mode, $ban, $ban_len, $ban_len_other, $ban_exclude, $ban_reas // Make sure we have been given someone to ban if (!sizeof($sql_usernames)) { - trigger_error('NO_USER_SPECIFIED'); + trigger_error('NO_USER_SPECIFIED', E_USER_WARNING); } $sql = 'SELECT user_id @@ -862,7 +824,7 @@ function user_ban($mode, $ban, $ban_len, $ban_len_other, $ban_exclude, $ban_reas else { $db->sql_freeresult($result); - trigger_error('NO_USERS'); + trigger_error('NO_USERS', E_USER_WARNING); } $db->sql_freeresult($result); break; @@ -964,7 +926,7 @@ function user_ban($mode, $ban, $ban_len, $ban_len_other, $ban_exclude, $ban_reas if (empty($banlist_ary)) { - trigger_error('NO_IPS_DEFINED'); + trigger_error('NO_IPS_DEFINED', E_USER_WARNING); } } break; @@ -992,12 +954,12 @@ function user_ban($mode, $ban, $ban_len, $ban_len_other, $ban_exclude, $ban_reas if (sizeof($ban_list) == 0) { - trigger_error('NO_EMAILS_DEFINED'); + trigger_error('NO_EMAILS_DEFINED', E_USER_WARNING); } break; default: - trigger_error('NO_MODE'); + trigger_error('NO_MODE', E_USER_WARNING); break; } 
@@ -1459,6 +1421,31 @@ function validate_match($string, $optional = false, $match = '') return false; } +/** +* Validate Language Pack ISO Name +* +* Tests whether a language name is valid and installed +* +* @param string $lang_iso The language string to test +* +* @return bool|string Either false if validation succeeded or +* a string which will be used as the error message +* (with the variable name appended) +*/ +function validate_language_iso_name($lang_iso) +{ + global $db; + + $sql = 'SELECT lang_id + FROM ' . LANG_TABLE . " + WHERE lang_iso = '" . $db->sql_escape($lang_iso) . "'"; + $result = $db->sql_query($sql); + $lang_id = (int) $db->sql_fetchfield('lang_id'); + $db->sql_freeresult($result); + + return ($lang_id) ? false : 'WRONG_DATA'; +} + /** * Check to see if the username has been taken, or if it is disallowed. * Also checks if it includes the " character, which we don't allow in usernames. @@ -1618,8 +1605,9 @@ function validate_password($password) { global $config, $db, $user; - if (!$password) + if ($password === '' || $config['pass_complex'] === 'PASS_TYPE_ANY') { + // Password empty or no password complexity required. return false; } @@ -1630,7 +1618,6 @@ function validate_password($password) { $upp = '\p{Lu}'; $low = '\p{Ll}'; - $let = '\p{L}'; $num = '\p{N}'; $sym = '[^\p{Lu}\p{Ll}\p{N}]'; $pcre = true; @@ -1640,7 +1627,6 @@ function validate_password($password) mb_regex_encoding('UTF-8'); $upp = '[[:upper:]]'; $low = '[[:lower:]]'; - $let = '[[:lower:][:upper:]]'; $num = '[[:digit:]]'; $sym = '[^[:upper:][:lower:][:digit:]]'; $mbstring = true; @@ -1649,7 +1635,6 @@ function validate_password($password) { $upp = '[A-Z]'; $low = '[a-z]'; - $let = '[a-zA-Z]'; $num = '[0-9]'; $sym = '[^A-Za-z0-9]'; $pcre = true; 
@@ -1659,22 +1644,22 @@ function validate_password($password) switch ($config['pass_complex']) { + // No break statements below ... + // We require strong passwords in case pass_complex is not set or is invalid + default: + + // Require mixed case letters, numbers and symbols + case 'PASS_TYPE_SYMBOL': + $chars[] = $sym; + + // Require mixed case letters and numbers + case 'PASS_TYPE_ALPHA': + $chars[] = $num; + + // Require mixed case letters case 'PASS_TYPE_CASE': $chars[] = $low; $chars[] = $upp; - break; - - case 'PASS_TYPE_ALPHA': - $chars[] = $let; - $chars[] = $num; - break; - - case 'PASS_TYPE_SYMBOL': - $chars[] = $low; - $chars[] = $upp; - $chars[] = $num; - $chars[] = $sym; - break; } if ($pcre) @@ -2080,7 +2065,7 @@ function avatar_upload($data, &$error) // Init upload class include_once($phpbb_root_path . 'includes/functions_upload.' . $phpEx); - $upload = new fileupload('AVATAR_', array('jpg', 'jpeg', 'gif', 'png'), $config['avatar_filesize'], $config['avatar_min_width'], $config['avatar_min_height'], $config['avatar_max_width'], $config['avatar_max_height'], explode('|', $config['mime_triggers'])); + $upload = new fileupload('AVATAR_', array('jpg', 'jpeg', 'gif', 'png'), $config['avatar_filesize'], $config['avatar_min_width'], $config['avatar_min_height'], $config['avatar_max_width'], $config['avatar_max_height'], (isset($config['mime_triggers']) ? explode('|', $config['mime_triggers']) : false)); if (!empty($_FILES['uploadfile']['name'])) { diff --git a/phpBB/includes/mcp/mcp_front.php b/phpBB/includes/mcp/mcp_front.php index 50e14b9336..af262baa29 100644 --- a/phpBB/includes/mcp/mcp_front.php +++ b/phpBB/includes/mcp/mcp_front.php @@ -350,7 +350,7 @@ function mcp_front_view($id, $mode, $action) // Add forum_id 0 for global announcements $forum_list[] = 0; - $log_count = 0; + $log_count = false; $log = array(); view_log('mod', $log, $log_count, 5, 0, $forum_list); 
diff --git a/phpBB/includes/mcp/mcp_main.php b/phpBB/includes/mcp/mcp_main.php index d5551f5114..ad10a52705 100644 --- a/phpBB/includes/mcp/mcp_main.php +++ b/phpBB/includes/mcp/mcp_main.php @@ -1048,37 +1048,38 @@ function mcp_fork_topic($topic_ids) $total_posts = 0; $new_topic_id_list = array(); - if ($topic_data['enable_indexing']) - { - // Select the search method and do some additional checks to ensure it can actually be utilised - $search_type = basename($config['search_type']); - - if (!file_exists($phpbb_root_path . 'includes/search/' . $search_type . '.' . $phpEx)) - { - trigger_error('NO_SUCH_SEARCH_MODULE'); - } - - if (!class_exists($search_type)) - { - include("{$phpbb_root_path}includes/search/$search_type.$phpEx"); - } - - $error = false; - $search = new $search_type($error); - $search_mode = 'post'; - - if ($error) - { - trigger_error($error); - } - } - else - { - $search_type = false; - } foreach ($topic_data as $topic_id => $topic_row) { + if (!isset($search_type) && $topic_row['enable_indexing']) + { + // Select the search method and do some additional checks to ensure it can actually be utilised + $search_type = basename($config['search_type']); + + if (!file_exists($phpbb_root_path . 'includes/search/' . $search_type . '.' . $phpEx)) + { + trigger_error('NO_SUCH_SEARCH_MODULE'); + } + + if (!class_exists($search_type)) + { + include("{$phpbb_root_path}includes/search/$search_type.$phpEx"); + } + + $error = false; + $search = new $search_type($error); + $search_mode = 'post'; + + if ($error) + { + trigger_error($error); + } + } + else if (!isset($search_type) && !$topic_row['enable_indexing']) + { + $search_type = false; + } + $sql_ary = array( 'forum_id' => (int) $to_forum_id, 'icon_id' => (int) $topic_row['icon_id'], 
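Review bot: Moving the search setup into the `foreach` makes the first topic decide for all the others, because `$search_type = false` in the `else if` branch leaves the variable set and `!isset($search_type)` is then false for every later topic. If the first forked topic comes from a forum with indexing disabled, later topics with `enable_indexing` set are never indexed. In the opposite order, topics with indexing disabled are indexed anyway by the `!empty($search_type)` check in the next hunk. Separating the lazy initialisation from the per-topic decision avoids both: `$index_topic = !empty($topic_row['enable_indexing']);`, then guard the setup with `if ($index_topic && !isset($search))` and the later call with `if ($index_topic)`. Note also that `trigger_error('NO_SUCH_SEARCH_MODULE')` can now fire after earlier topics in the loop have already been copied.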
@@ -1187,9 +1188,9 @@ function mcp_fork_topic($topic_ids) // Copy whether the topic is dotted markread('post', $to_forum_id, $new_topic_id, 0, $row['poster_id']); - if ($search_type) + if (!empty($search_type)) { - $search->index($search_mode, $sql_ary['post_id'], $sql_ary['post_text'], $sql_ary['post_subject'], $sql_ary['poster_id'], ($topic_row['topic_type'] == POST_GLOBAL) ? 0 : $to_forum_id); + $search->index($search_mode, $new_post_id, $sql_ary['post_text'], $sql_ary['post_subject'], $sql_ary['poster_id'], ($topic_row['topic_type'] == POST_GLOBAL) ? 0 : $to_forum_id); $search_mode = 'reply'; // After one we index replies } diff --git a/phpBB/includes/mcp/mcp_post.php b/phpBB/includes/mcp/mcp_post.php index 7098b4bbce..de7f3e63ee 100644 --- a/phpBB/includes/mcp/mcp_post.php +++ b/phpBB/includes/mcp/mcp_post.php @@ -227,10 +227,10 @@ function mcp_post_details($id, $mode, $action) // Get User Notes $log_data = array(); - $log_count = 0; + $log_count = false; view_log('user', $log_data, $log_count, $config['posts_per_page'], 0, 0, 0, $post_info['user_id']); - if ($log_count) + if (!empty($log_data)) { $template->assign_var('S_USER_NOTES', true); diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index b2d0b6c566..a134fab5d3 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php 
@@ -102,27 +102,29 @@ class bbcode_firstpass extends bbcode /** * Init bbcode data for later parsing */ - function bbcode_init() + function bbcode_init($allow_custom_bbcode = true) { static $rowset; // This array holds all bbcode data. BBCodes will be processed in this // order, so it is important to keep [code] in first position and // [quote] in second position. + // To parse multiline URL we enable dotall option setting only for URL text + // but not for link itself, thus [url][/url] is not affected. $this->bbcodes = array( - 'code' => array('bbcode_id' => 8, 'regexp' => array('#\[code(?:=([a-z]+))?\](.+\[/code\])#ise' => "\$this->bbcode_code('\$1', '\$2')")), - 'quote' => array('bbcode_id' => 0, 'regexp' => array('#\[quote(?:="(.*?)")?\](.+)\[/quote\]#ise' => "\$this->bbcode_quote('\$0')")), - 'attachment' => array('bbcode_id' => 12, 'regexp' => array('#\[attachment=([0-9]+)\](.*?)\[/attachment\]#ise' => "\$this->bbcode_attachment('\$1', '\$2')")), - 'b' => array('bbcode_id' => 1, 'regexp' => array('#\[b\](.*?)\[/b\]#ise' => "\$this->bbcode_strong('\$1')")), - 'i' => array('bbcode_id' => 2, 'regexp' => array('#\[i\](.*?)\[/i\]#ise' => "\$this->bbcode_italic('\$1')")), - 'url' => array('bbcode_id' => 3, 'regexp' => array('#\[url(=(.*))?\](.*)\[/url\]#iUe' => "\$this->validate_url('\$2', '\$3')")), - 'img' => array('bbcode_id' => 4, 'regexp' => array('#\[img\](.*)\[/img\]#iUe' => "\$this->bbcode_img('\$1')")), - 'size' => array('bbcode_id' => 5, 'regexp' => array('#\[size=([\-\+]?\d+)\](.*?)\[/size\]#ise' => "\$this->bbcode_size('\$1', '\$2')")), - 'color' => array('bbcode_id' => 6, 'regexp' => array('!\[color=(#[0-9a-f]{3}|#[0-9a-f]{6}|[a-z\-]+)\](.*?)\[/color\]!ise' => "\$this->bbcode_color('\$1', '\$2')")), - 'u' => array('bbcode_id' => 7, 'regexp' => array('#\[u\](.*?)\[/u\]#ise' => "\$this->bbcode_underline('\$1')")), - 'list' => array('bbcode_id' => 9, 'regexp' => array('#\[list(?:=(?:[a-z0-9]|disc|circle|square))?].*\[/list]#ise' => 
"\$this->bbcode_parse_list('\$0')")), - 'email' => array('bbcode_id' => 10, 'regexp' => array('#\[email=?(.*?)?\](.*?)\[/email\]#ise' => "\$this->validate_email('\$1', '\$2')")), - 'flash' => array('bbcode_id' => 11, 'regexp' => array('#\[flash=([0-9]+),([0-9]+)\](.*?)\[/flash\]#ie' => "\$this->bbcode_flash('\$1', '\$2', '\$3')")) + 'code' => array('bbcode_id' => 8, 'regexp' => array('#\[code(?:=([a-z]+))?\](.+\[/code\])#uise' => "\$this->bbcode_code('\$1', '\$2')")), + 'quote' => array('bbcode_id' => 0, 'regexp' => array('#\[quote(?:="(.*?)")?\](.+)\[/quote\]#uise' => "\$this->bbcode_quote('\$0')")), + 'attachment' => array('bbcode_id' => 12, 'regexp' => array('#\[attachment=([0-9]+)\](.*?)\[/attachment\]#uise' => "\$this->bbcode_attachment('\$1', '\$2')")), + 'b' => array('bbcode_id' => 1, 'regexp' => array('#\[b\](.*?)\[/b\]#uise' => "\$this->bbcode_strong('\$1')")), + 'i' => array('bbcode_id' => 2, 'regexp' => array('#\[i\](.*?)\[/i\]#uise' => "\$this->bbcode_italic('\$1')")), + 'url' => array('bbcode_id' => 3, 'regexp' => array('#\[url(=(.*))?\](?(1)((?s).*(?-s))|(.*))\[/url\]#uiUe' => "\$this->validate_url('\$2', ('\$3') ? 
'\$3' : '\$4')")), + 'img' => array('bbcode_id' => 4, 'regexp' => array('#\[img\](.*)\[/img\]#uiUe' => "\$this->bbcode_img('\$1')")), + 'size' => array('bbcode_id' => 5, 'regexp' => array('#\[size=([\-\+]?\d+)\](.*?)\[/size\]#uise' => "\$this->bbcode_size('\$1', '\$2')")), + 'color' => array('bbcode_id' => 6, 'regexp' => array('!\[color=(#[0-9a-f]{3}|#[0-9a-f]{6}|[a-z\-]+)\](.*?)\[/color\]!uise' => "\$this->bbcode_color('\$1', '\$2')")), + 'u' => array('bbcode_id' => 7, 'regexp' => array('#\[u\](.*?)\[/u\]#uise' => "\$this->bbcode_underline('\$1')")), + 'list' => array('bbcode_id' => 9, 'regexp' => array('#\[list(?:=(?:[a-z0-9]|disc|circle|square))?].*\[/list]#uise' => "\$this->bbcode_parse_list('\$0')")), + 'email' => array('bbcode_id' => 10, 'regexp' => array('#\[email=?(.*?)?\](.*?)\[/email\]#uise' => "\$this->validate_email('\$1', '\$2')")), + 'flash' => array('bbcode_id' => 11, 'regexp' => array('#\[flash=([0-9]+),([0-9]+)\](.*?)\[/flash\]#uie' => "\$this->bbcode_flash('\$1', '\$2', '\$3')")) ); // Zero the parsed items array @@ -133,6 +135,11 @@ class bbcode_firstpass extends bbcode $this->parsed_items[$tag] = 0; } + if (!$allow_custom_bbcode) + { + return; + } + if (!is_array($rowset)) { global $db; @@ -1332,7 +1339,9 @@ class parse_message extends bbcode_firstpass { if ($max_smilies) { - $num_matches = preg_match_all('#(?<=^|[\n .])(?:' . implode('|', $match) . ')(?![^<>]*>)#', $this->message, $matches); + // 'u' modifier has been added to correctly parse smilies within unicode strings + // For details: http://tracker.phpbb.com/browse/PHPBB3-10117 + $num_matches = preg_match_all('#(?<=^|[\n .])(?:' . implode('|', $match) . ')(?![^<>]*>)#u', $this->message, $matches); unset($matches); if ($num_matches !== false && $num_matches > $max_smilies) 
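Review bot: The new `url` replacement `('\$3') ? '\$3' : '\$4'` tests the captured link text for truthiness, so a link whose text is exactly `0` is treated as empty and `validate_url()` receives the empty `$4` group instead. Comparing against the empty string keeps that text: `('\$3' !== '') ? '\$3' : '\$4'`. Separately, every first-pass pattern now carries the `u` modifier, and PCRE then returns NULL rather than the subject when the message is not valid UTF-8. The code that applies these patterns is outside the hunk, so it should be confirmed that a NULL result cannot blank a post, or that input is always normalised before it gets here. `bbcode_init()` continues beyond this hunk.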
@@ -1343,7 +1352,10 @@ class parse_message extends bbcode_firstpass } // Make sure the delimiter # is added in front and at the end of every element within $match - $this->message = trim(preg_replace(explode(chr(0), '#(?<=^|[\n .])' . implode('(?![^<>]*>)#' . chr(0) . '#(?<=^|[\n .])', $match) . '(?![^<>]*>)#'), $replace, $this->message)); + // 'u' modifier has been added to correctly parse smilies within unicode strings + // For details: http://tracker.phpbb.com/browse/PHPBB3-10117 + + $this->message = trim(preg_replace(explode(chr(0), '#(?<=^|[\n .])' . implode('(?![^<>]*>)#u' . chr(0) . '#(?<=^|[\n .])', $match) . '(?![^<>]*>)#u'), $replace, $this->message)); } } diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php index 5f5b39fe27..e9e706e2b8 100644 --- a/phpBB/includes/session.php +++ b/phpBB/includes/session.php @@ -221,7 +221,7 @@ class session // if the forwarded for header shall be checked we have to validate its contents if ($config['forwarded_for_check']) { - $this->forwarded_for = preg_replace('#[ ]{2,}#', ' ', str_replace(array(',', ' '), ' ', $this->forwarded_for)); + $this->forwarded_for = preg_replace('# {2,}#', ' ', str_replace(',', ' ', $this->forwarded_for)); // split the list of IPs $ips = explode(' ', $this->forwarded_for); 
@@ -267,37 +267,42 @@ class session // Why no forwarded_for et al? Well, too easily spoofed. With the results of my recent requests // it's pretty clear that in the majority of cases you'll at least be left with a proxy/cache ip. - $this->ip = (!empty($_SERVER['REMOTE_ADDR'])) ? htmlspecialchars((string) $_SERVER['REMOTE_ADDR']) : ''; - $this->ip = preg_replace('#[ ]{2,}#', ' ', str_replace(array(',', ' '), ' ', $this->ip)); + $this->ip = (!empty($_SERVER['REMOTE_ADDR'])) ? (string) $_SERVER['REMOTE_ADDR'] : ''; + $this->ip = preg_replace('# {2,}#', ' ', str_replace(',', ' ', $this->ip)); // split the list of IPs - $ips = explode(' ', $this->ip); + $ips = explode(' ', trim($this->ip)); // Default IP if REMOTE_ADDR is invalid $this->ip = '127.0.0.1'; foreach ($ips as $ip) { - // check IPv4 first, the IPv6 is hopefully only going to be used very seldomly - if (!empty($ip) && !preg_match(get_preg_expression('ipv4'), $ip) && !preg_match(get_preg_expression('ipv6'), $ip)) + if (preg_match(get_preg_expression('ipv4'), $ip)) { - // Just break + $this->ip = $ip; + } + else if (preg_match(get_preg_expression('ipv6'), $ip)) + { + // Quick check for IPv4-mapped address in IPv6 + if (stripos($ip, '::ffff:') === 0) + { + $ipv4 = substr($ip, 7); + + if (preg_match(get_preg_expression('ipv4'), $ipv4)) + { + $ip = $ipv4; + } + } + + $this->ip = $ip; + } + else + { + // We want to use the last valid address in the chain + // Leave foreach loop when address is invalid break; } - - // Quick check for IPv4-mapped address in IPv6 - if (stripos($ip, '::ffff:') === 0) - { - $ipv4 = substr($ip, 7); - - if (preg_match(get_preg_expression('ipv4'), $ipv4)) - { - $ip = $ipv4; - } - } - - // Use the last in chain - $this->ip = $ip; } $this->load = false; 
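Review bot: With `htmlspecialchars()` removed from the `REMOTE_ADDR` read, `$this->ip` is safe to print or store only because every value the loop assigns has first matched the `ipv4` or `ipv6` expression. That invariant is not written down anywhere in the hunk. I would add a comment at the default assignment such as `// From here on $this->ip is either 127.0.0.1 or a string that matched the ipv4/ipv6 pattern; it is no longer HTML-escaped`, so that a later edit does not assign an unvalidated value. The guarantee also depends on the patterns returned by `get_preg_expression()` being anchored at both ends, which is defined outside this diff and worth confirming. The enclosing method starts and ends outside the hunk.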
@@ -583,6 +588,14 @@ class session $bot = false; } + // Bot user, if they have a SID in the Request URI we need to get rid of it + // otherwise they'll index this page with the SID, duplicate content oh my! + if ($bot && isset($_GET['sid'])) + { + send_status_line(301, 'Moved Permanently'); + redirect(build_url(array('sid'))); + } + // If no data was returned one or more of the following occurred: // Key didn't match one in the DB // User does not exist @@ -619,12 +632,6 @@ class session } else { - // Bot user, if they have a SID in the Request URI we need to get rid of it - // otherwise they'll index this page with the SID, duplicate content oh my! - if (isset($_GET['sid'])) - { - redirect(build_url(array('sid'))); - } $this->data['session_last_visit'] = $this->time_now; } @@ -999,6 +1006,10 @@ class session include($phpbb_root_path . "includes/captcha/captcha_factory." . $phpEx); } phpbb_captcha_factory::garbage_collect($config['captcha_plugin']); + + $sql = 'DELETE FROM ' . LOGIN_ATTEMPT_TABLE . ' + WHERE attempt_time < ' . (time() - (int) $config['ip_login_limit_time']); + $db->sql_query($sql); } return; @@ -1237,6 +1248,12 @@ class session $ip = $this->ip; } + // Neither Spamhaus nor Spamcop supports IPv6 addresses. + if (strpos($ip, ':') !== false) + { + return false; + } + $dnsbl_check = array( 'sbl.spamhaus.org' => 'http://www.spamhaus.org/query/bl?ip=', ); @@ -1966,6 +1983,7 @@ class user extends session $key_found = $num; } + break; } } 
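Review bot: In the DNSBL hunk (`@@ -1237,6 +1248,12 @@`), the early `return false` for any address containing `:` reports an IPv6 client as not listed, which callers cannot tell apart from a clean IPv4 lookup. Boards that rely on this check to gate registration or posting therefore skip it for all IPv6 traffic. The added comment explains why the lookup is skipped but not what the return value means, so I would extend it, for example `// Not checked (fail-open): IPv6 clients are never reported as listed`. The method body starts and ends outside the hunk, so how callers use the result is not visible here.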
@@ -2254,9 +2272,44 @@ class user extends session // Use URL if told so $root_path = (defined('PHPBB_USE_BOARD_URL_PATH') && PHPBB_USE_BOARD_URL_PATH) ? generate_board_url() . '/' : $phpbb_root_path; - $img_data['src'] = $root_path . 'styles/' . rawurlencode($this->theme['imageset_path']) . '/imageset/' . ($this->img_array[$img]['image_lang'] ? $this->img_array[$img]['image_lang'] .'/' : '') . $this->img_array[$img]['image_filename']; + $path = 'styles/' . rawurlencode($this->theme['imageset_path']) . '/imageset/' . ($this->img_array[$img]['image_lang'] ? $this->img_array[$img]['image_lang'] .'/' : '') . $this->img_array[$img]['image_filename']; + + $img_data['src'] = $root_path . $path; $img_data['width'] = $this->img_array[$img]['image_width']; $img_data['height'] = $this->img_array[$img]['image_height']; + + // We overwrite the width and height to the phpbb logo's width + // and height here if the contents of the site_logo file are + // really equal to the phpbb_logo + // This allows us to change the dimensions of the phpbb_logo without + // modifying the imageset.cfg and causing a conflict for everyone + // who modified it for their custom logo on updating + if ($img == 'site_logo' && file_exists($phpbb_root_path . $path)) + { + global $cache; + + $img_file_hashes = $cache->get('imageset_site_logo_md5'); + + if ($img_file_hashes === false) + { + $img_file_hashes = array(); + } + + $key = $this->theme['imageset_path'] . '::' . $this->img_array[$img]['image_lang']; + if (!isset($img_file_hashes[$key])) + { + $img_file_hashes[$key] = md5(file_get_contents($phpbb_root_path . $path)); + $cache->put('imageset_site_logo_md5', $img_file_hashes); + } + + $phpbb_logo_hash = '0c461a32cd3621643105f0d02a772c10'; + + if ($phpbb_logo_hash == $img_file_hashes[$key]) + { + $img_data['width'] = '149'; + $img_data['height'] = '52'; + } + } } $alt = (!empty($this->lang[$alt])) ? $this->lang[$alt] : $alt; 
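Review bot: The hash check `if ($phpbb_logo_hash == $img_file_hashes[$key])` uses loose comparison on two hex strings. The constant shown is not numeric-looking, but `if ($phpbb_logo_hash === $img_file_hashes[$key])` removes any dependence on PHP's string-to-number juggling, and `$img === 'site_logo'` would match it. The cached entry is keyed only by imageset path and language, so a replaced logo file keeps its old hash, and the overridden 149x52 dimensions, until the cache is purged; a comment should say so. MD5 serves here only to recognise the stock file and not as an integrity check, which is also worth stating next to the constant.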
diff --git a/phpBB/includes/startup.php b/phpBB/includes/startup.php new file mode 100644 index 0000000000..ca9665da29 --- /dev/null +++ b/phpBB/includes/startup.php 
@@ -0,0 +1,150 @@ + true, + '_GET' => true, + '_POST' => true, + '_COOKIE' => true, + '_REQUEST' => true, + '_SERVER' => true, + '_SESSION' => true, + '_ENV' => true, + '_FILES' => true, + 'phpEx' => true, + 'phpbb_root_path' => true + ); + + // Not only will array_merge and array_keys give a warning if + // a parameter is not an array, array_merge will actually fail. + // So we check if _SESSION has been initialised. + if (!isset($_SESSION) || !is_array($_SESSION)) + { + $_SESSION = array(); + } + + // Merge all into one extremely huge array; unset this later + $input = array_merge( + array_keys($_GET), + array_keys($_POST), + array_keys($_COOKIE), + array_keys($_SERVER), + array_keys($_SESSION), + array_keys($_ENV), + array_keys($_FILES) + ); + + foreach ($input as $varname) + { + if (isset($not_unset[$varname])) + { + // Hacking attempt. No point in continuing unless it's a COOKIE (so a cookie called GLOBALS doesn't lock users out completely) + if ($varname !== 'GLOBALS' || isset($_GET['GLOBALS']) || isset($_POST['GLOBALS']) || isset($_SERVER['GLOBALS']) || isset($_SESSION['GLOBALS']) || isset($_ENV['GLOBALS']) || isset($_FILES['GLOBALS'])) + { + exit; + } + else + { + $cookie = &$_COOKIE; + while (isset($cookie['GLOBALS'])) + { + if (!is_array($cookie['GLOBALS'])) + { + break; + } + + foreach ($cookie['GLOBALS'] as $registered_var => $value) + { + if (!isset($not_unset[$registered_var])) + { + unset($GLOBALS[$registered_var]); + } + } + $cookie = &$cookie['GLOBALS']; + } + } + } + + unset($GLOBALS[$varname]); + } + + unset($input); +} + +// If we are on PHP >= 6.0.0 we do not need some code +if (version_compare(PHP_VERSION, '6.0.0-dev', '>=')) +{ + /** + * @ignore + */ + define('STRIP', false); +} +else +{ + @set_magic_quotes_runtime(0); + + // Be paranoid with passed vars + if (@ini_get('register_globals') == '1' || strtolower(@ini_get('register_globals')) == 'on' || !function_exists('ini_get')) + { + deregister_globals(); + } + + define('STRIP', 
(get_magic_quotes_gpc()) ? true : false); +} + +// Prevent date/time functions from throwing E_WARNING on PHP 5.3 by setting a default timezone +if (function_exists('date_default_timezone_set') && function_exists('date_default_timezone_get')) +{ + // For PHP 5.1.0 the date/time functions have been rewritten + // and setting a timezone is required prior to calling any date/time function. + + // Since PHP 5.2.0 calls to date/time functions without having a timezone set + // result in E_STRICT errors being thrown. + // Note: We already exclude E_STRICT errors + // (to be exact: they are not included in E_ALL in PHP 5.2) + + // In PHP 5.3.0 the error level has been raised to E_WARNING which causes problems + // because we show E_WARNING errors and do not set a default timezone. + // This is because we have our own timezone handling and work in UTC only anyway. + + // So what we basically want to do is set our timezone to UTC, + // but we don't know what other scripts (such as bridges) are involved, + // so we check whether a timezone is already set by calling date_default_timezone_get(). + + // Unfortunately, date_default_timezone_get() itself might throw E_WARNING + // if no timezone has been set, so we have to keep it quiet with @. + + // date_default_timezone_get() tries to guess the correct timezone first + // and then falls back to UTC when everything fails. + // We just set the timezone to whatever date_default_timezone_get() returns. + date_default_timezone_set(@date_default_timezone_get()); +} + +$starttime = explode(' ', microtime()); +$starttime = $starttime[1] + $starttime[0]; diff --git a/phpBB/includes/template.php b/phpBB/includes/template.php index f1c8094a9b..9ac395344f 100644 --- a/phpBB/includes/template.php +++ b/phpBB/includes/template.php 
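Review bot: `deregister_globals()` places a constraint on every including script that the visible part of this hunk does not document. `unset($GLOBALS[$varname])` removes any global whose name matches a GET, POST, cookie, server, session, env or file key, and `$not_unset` protects only the superglobals plus `phpEx` and `phpbb_root_path`. I would add above the function `// Callers must not rely on globals set before including this file, other than $phpEx and $phpbb_root_path: with register_globals on, a same-named request key unsets them`. The move to `define()` in database_update.php elsewhere in this diff is consistent with that constraint. The opening lines of the file are not visible on this page, so an existing docblock may already cover part of this.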
@@ -205,7 +205,7 @@ class template { global $user, $phpbb_hook; - if (!empty($phpbb_hook) && $phpbb_hook->call_hook(array(__CLASS__, __FUNCTION__), $handle, $include_once)) + if (!empty($phpbb_hook) && $phpbb_hook->call_hook(array(__CLASS__, __FUNCTION__), $handle, $include_once, $this)) { if ($phpbb_hook->hook_return(array(__CLASS__, __FUNCTION__))) { @@ -276,7 +276,7 @@ class template $this->files_template[$handle] = (isset($user->theme['template_id'])) ? $user->theme['template_id'] : 0; $recompile = false; - if (!file_exists($filename) || @filesize($filename) === 0) + if (!file_exists($filename) || @filesize($filename) === 0 || defined('DEBUG_EXTRA')) { $recompile = true; } diff --git a/phpBB/includes/ucp/ucp_activate.php b/phpBB/includes/ucp/ucp_activate.php index 8debaabf31..b00c1b9f52 100644 --- a/phpBB/includes/ucp/ucp_activate.php +++ b/phpBB/includes/ucp/ucp_activate.php @@ -98,6 +98,13 @@ class ucp_activate SET user_actkey = '' WHERE user_id = {$user_row['user_id']}"; $db->sql_query($sql); + + // Create the correct logs + add_log('user', $user_row['user_id'], 'LOG_USER_ACTIVE_USER'); + if ($auth->acl_get('a_user')) + { + add_log('admin', 'LOG_USER_ACTIVE', $user_row['username']); + } } if ($config['require_activation'] == USER_ACTIVATION_ADMIN && !$update_password) diff --git a/phpBB/includes/ucp/ucp_pm.php b/phpBB/includes/ucp/ucp_pm.php index e1c51170db..c675928a5b 100644 --- a/phpBB/includes/ucp/ucp_pm.php +++ b/phpBB/includes/ucp/ucp_pm.php @@ -115,7 +115,7 @@ class ucp_pm case 'compose': $action = request_var('action', 'post'); - get_folder($user->data['user_id']); + $user_folders = get_folder($user->data['user_id']); if (!$auth->acl_get('u_sendpm')) { @@ -130,7 +130,7 @@ class ucp_pm } include($phpbb_root_path . 'includes/ucp/ucp_pm_compose.' . $phpEx); - compose_pm($id, $mode, $action); + compose_pm($id, $mode, $action, $user_folders); $tpl_file = 'posting_body'; break; 
diff --git a/phpBB/includes/ucp/ucp_pm_compose.php b/phpBB/includes/ucp/ucp_pm_compose.php index b596e72c41..05243e3d7a 100644 --- a/phpBB/includes/ucp/ucp_pm_compose.php +++ b/phpBB/includes/ucp/ucp_pm_compose.php @@ -20,7 +20,7 @@ if (!defined('IN_PHPBB')) * Compose private message * Called from ucp_pm with mode == 'compose' */ -function compose_pm($id, $mode, $action) +function compose_pm($id, $mode, $action, $user_folders = array()) { global $template, $db, $auth, $user; global $phpbb_root_path, $phpEx, $config; @@ -135,6 +135,7 @@ function compose_pm($id, $mode, $action) } $sql = ''; + $folder_id = 0; // What is all this following SQL for? Well, we need to know // some basic information in all cases before we do anything. @@ -398,7 +399,7 @@ function compose_pm($id, $mode, $action) unset($message_text); $s_action = append_sid("{$phpbb_root_path}ucp.$phpEx", "i=$id&mode=$mode&action=$action", true, $user->session_id); - $s_action .= ($msg_id) ? "&p=$msg_id" : ''; + $s_action .= (($folder_id) ? "&f=$folder_id" : '') . (($msg_id) ? "&p=$msg_id" : ''); // Delete triggered ? if ($action == 'delete') @@ -741,10 +742,30 @@ function compose_pm($id, $mode, $action) $msg_id = submit_pm($action, $subject, $pm_data); $return_message_url = append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm&mode=view&p=' . $msg_id); - $return_folder_url = append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm&folder=outbox'); - meta_refresh(3, $return_message_url); + $inbox_folder_url = append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm&folder=inbox'); + $outbox_folder_url = append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm&folder=outbox'); - $message = $user->lang['MESSAGE_STORED'] . '

        ' . sprintf($user->lang['VIEW_PRIVATE_MESSAGE'], '', '') . '

        ' . sprintf($user->lang['CLICK_RETURN_FOLDER'], '', '', $user->lang['PM_OUTBOX']); + $folder_url = ''; + if (($folder_id > 0) && isset($user_folders[$folder_id])) + { + $folder_url = append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm&folder=' . $folder_id); + } + + $return_box_url = ($action === 'post' || $action === 'edit') ? $outbox_folder_url : $inbox_folder_url; + $return_box_lang = ($action === 'post' || $action === 'edit') ? 'PM_OUTBOX' : 'PM_INBOX'; + + + $message = $user->lang['MESSAGE_STORED'] . '

        ' . sprintf($user->lang['VIEW_PRIVATE_MESSAGE'], '', ''); + + $last_click_type = 'CLICK_RETURN_FOLDER'; + if ($folder_url) + { + $message .= '

        ' . sprintf($user->lang['CLICK_RETURN_FOLDER'], '', '', $user_folders[$folder_id]['folder_name']); + $last_click_type = 'CLICK_GOTO_FOLDER'; + } + $message .= '

        ' . sprintf($user->lang[$last_click_type], '', '', $user->lang[$return_box_lang]); + + meta_refresh(3, $return_message_url); trigger_error($message); } diff --git a/phpBB/includes/ucp/ucp_pm_viewfolder.php b/phpBB/includes/ucp/ucp_pm_viewfolder.php index 6b7172ca2b..bd7bf89854 100644 --- a/phpBB/includes/ucp/ucp_pm_viewfolder.php +++ b/phpBB/includes/ucp/ucp_pm_viewfolder.php @@ -169,6 +169,7 @@ function view_folder($id, $mode, $folder_id, $folder) 'PM_IMG' => ($row_indicator) ? $user->img('pm_' . $row_indicator, '') : '', 'ATTACH_ICON_IMG' => ($auth->acl_get('u_pm_download') && $row['message_attachment'] && $config['allow_pm_attach']) ? $user->img('icon_topic_attach', $user->lang['TOTAL_ATTACHMENTS']) : '', + 'S_PM_UNREAD' => ($row['pm_unread']) ? true : false, 'S_PM_DELETED' => ($row['pm_deleted']) ? true : false, 'S_PM_REPORTED' => (isset($row['report_id'])) ? true : false, 'S_AUTHOR_DELETED' => ($row['author_id'] == ANONYMOUS) ? true : false, diff --git a/phpBB/includes/ucp/ucp_pm_viewmessage.php b/phpBB/includes/ucp/ucp_pm_viewmessage.php index 16700c490c..d0cfa1ffd2 100644 --- a/phpBB/includes/ucp/ucp_pm_viewmessage.php +++ b/phpBB/includes/ucp/ucp_pm_viewmessage.php @@ -172,6 +172,8 @@ function view_message($id, $mode, $folder_id, $msg_id, $folder, $message_row) // Number of "to" recipients $num_recipients = (int) preg_match_all('/:?(u|g)_([0-9]+):?/', $message_row['to_address'], $match); + $bbcode_status = ($config['allow_bbcode'] && $config['auth_bbcode_pm'] && $auth->acl_get('u_pm_bbcode')) ? true : false; + $template->assign_vars(array( 'MESSAGE_AUTHOR_FULL' => get_username_string('full', $author_id, $user_info['username'], $user_info['user_colour'], $user_info['username']), 'MESSAGE_AUTHOR_COLOUR' => get_username_string('colour', $author_id, $user_info['username'], $user_info['user_colour'], $user_info['username']), 
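Review bot: `$user_folders[$folder_id]['folder_name']` is a user-chosen value placed into the HTML string passed to `trigger_error($message)`, and the hunk adds no escaping or comment at the `sprintf($user->lang['CLICK_RETURN_FOLDER'], ...)` call. Whether `get_folder()` returns the name already HTML-escaped cannot be seen from here. If it does, a comment such as `// folder_name is already HTML-escaped by get_folder()` should record that, and if it does not, the name needs `htmlspecialchars()` before it is appended. The same applies to `$folder_id` in `"&f=$folder_id"` in the earlier hunk at -398, which is initialised to `0` here but assigned outside the visible lines. `compose_pm()` starts and ends outside these hunks.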
@@ -206,7 +208,7 @@ function view_message($id, $mode, $folder_id, $msg_id, $folder, $message_row) 'U_PM' => ($config['allow_privmsg'] && $auth->acl_get('u_sendpm') && ($user_info['user_allow_pm'] || $auth->acl_gets('a_', 'm_') || $auth->acl_getf_global('m_'))) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm&mode=compose&u=' . $author_id) : '', 'U_WWW' => (!empty($user_info['user_website'])) ? $user_info['user_website'] : '', - 'U_ICQ' => ($user_info['user_icq']) ? 'http://www.icq.com/people/webmsg.php?to=' . urlencode($user_info['user_icq']) : '', + 'U_ICQ' => ($user_info['user_icq']) ? 'http://www.icq.com/people' . urlencode($user_info['user_icq']) . '/' : '', 'U_AIM' => ($user_info['user_aim'] && $auth->acl_get('u_sendim')) ? append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=contact&action=aim&u=' . $author_id) : '', 'U_YIM' => ($user_info['user_yim']) ? 'http://edit.yahoo.com/config/send_webmesg?.target=' . urlencode($user_info['user_yim']) . '&.src=pg' : '', 'U_MSN' => ($user_info['user_msnm'] && $auth->acl_get('u_sendim')) ? append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=contact&action=msnm&u=' . $author_id) : '', @@ -229,6 +231,7 @@ function view_message($id, $mode, $folder_id, $msg_id, $folder, $message_row) 'S_AUTHOR_DELETED' => ($author_id == ANONYMOUS) ? true : false, 'S_SPECIAL_FOLDER' => in_array($folder_id, array(PRIVMSGS_NO_BOX, PRIVMSGS_OUTBOX)), 'S_PM_RECIPIENTS' => $num_recipients, + 'S_BBCODE_ALLOWED' => ($bbcode_status) ? 1 : 0, 'U_PRINT_PM' => ($config['print_pm'] && $auth->acl_get('u_pm_printpm')) ? "$url&f=$folder_id&p=" . $message_row['msg_id'] . "&view=print" : '', 'U_FORWARD_PM' => ($config['forward_pm'] && $auth->acl_get('u_sendpm') && $auth->acl_get('u_pm_forward')) ? "$url&mode=compose&action=forward&f=$folder_id&p=" . $message_row['msg_id'] : '') diff --git a/phpBB/includes/ucp/ucp_prefs.php b/phpBB/includes/ucp/ucp_prefs.php index cc8565e69d..13167b2b3d 100644 --- a/phpBB/includes/ucp/ucp_prefs.php 
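Review bot: The new `U_ICQ` value, as shown on this page, concatenates `'http://www.icq.com/people'` directly with the encoded number, which gives `http://www.icq.com/people<number>/` with no path separator. If that is not an artefact of how the page was rendered, the literal should be `'http://www.icq.com/people/'`. Keeping `urlencode()` on `$user_info['user_icq']` is right, since the value is user-supplied and ends up in a link.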
+++ b/phpBB/includes/ucp/ucp_prefs.php @@ -65,7 +65,7 @@ class ucp_prefs $error = validate_data($data, array( 'dateformat' => array('string', false, 1, 30), - 'lang' => array('match', false, '#^[a-z0-9_\-]{2,}$#i'), + 'lang' => array('language_iso_name'), 'tz' => array('num', false, -14, 14), )); diff --git a/phpBB/includes/ucp/ucp_register.php b/phpBB/includes/ucp/ucp_register.php index 7fd99da55a..13b9945851 100644 --- a/phpBB/includes/ucp/ucp_register.php +++ b/phpBB/includes/ucp/ucp_register.php @@ -56,7 +56,7 @@ class ucp_register { $use_lang = ($change_lang) ? basename($change_lang) : basename($user_lang); - if (file_exists($user->lang_path . $use_lang . '/')) + if (!validate_language_iso_name($use_lang)) { if ($change_lang) { @@ -210,7 +210,7 @@ class ucp_register array('email')), 'email_confirm' => array('string', false, 6, 60), 'tz' => array('num', false, -14, 14), - 'lang' => array('match', false, '#^[a-z_\-]{2,}$#i'), + 'lang' => array('language_iso_name'), )); if (!check_form_key('ucp_register')) diff --git a/phpBB/install/convertors/convert_phpbb20.php b/phpBB/install/convertors/convert_phpbb20.php index efe2bc2962..7f6e3c0250 100644 --- a/phpBB/install/convertors/convert_phpbb20.php +++ b/phpBB/install/convertors/convert_phpbb20.php @@ -32,7 +32,7 @@ unset($dbpasswd); $convertor_data = array( 'forum_name' => 'phpBB 2.0.x', 'version' => '1.0.3', - 'phpbb_version' => '3.0.8', + 'phpbb_version' => '3.0.9', 'author' => 'phpBB Group', 'dbms' => $dbms, 'dbhost' => $dbhost, @@ -134,7 +134,7 @@ $config_schema = array( 'avatar_filesize' => 'avatar_filesize', 'avatar_max_width' => 'avatar_max_width', 'avatar_max_height' => 'avatar_max_height', - 'default_dateformat' => 'default_dateformat', + 'default_dateformat' => 'phpbb_set_encoding(default_dateformat)', 'board_timezone' => 'board_timezone', 'allow_privmsg' => 'not(privmsg_disable)', 'gzip_compress' => 'gzip_compress', 
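Review bot: In ucp_register.php the condition `if (!validate_language_iso_name($use_lang))` replaces a `file_exists()` test that was true for a usable language, so the negation only reads correctly if the validator returns `false` on success. That function is defined outside this diff page. A comment on the line, for example `// validate_* helpers return false when the value is valid`, would stop a later reader from "fixing" the negation and letting an unvalidated language name through. The two `'lang' => array('language_iso_name')` entries in the `validate_data()` calls depend on the same validator and replace regular expressions that differed between the two files.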
diff --git a/phpBB/install/convertors/functions_phpbb20.php b/phpBB/install/convertors/functions_phpbb20.php index 78224dd5da..466f57a572 100644 --- a/phpBB/install/convertors/functions_phpbb20.php +++ b/phpBB/install/convertors/functions_phpbb20.php @@ -94,6 +94,7 @@ function phpbb_insert_forums() { case 'mssql': case 'mssql_odbc': + case 'mssqlnative': $db->sql_query('SET IDENTITY_INSERT ' . FORUMS_TABLE . ' ON'); break; } @@ -291,6 +292,7 @@ function phpbb_insert_forums() case 'mssql': case 'mssql_odbc': + case 'mssqlnative': $db->sql_query('SET IDENTITY_INSERT ' . FORUMS_TABLE . ' OFF'); break; @@ -1727,6 +1729,7 @@ function phpbb_create_userconv_table() case 'mssql': case 'mssql_odbc': + case 'mssqlnative': $map_dbms = 'mssql'; break; diff --git a/phpBB/install/database_update.php b/phpBB/install/database_update.php index 0ec9f24190..e73f859758 100644 --- a/phpBB/install/database_update.php +++ b/phpBB/install/database_update.php @@ -8,17 +8,21 @@ * */ -$updates_to_version = '3.0.8'; +define('UPDATES_TO_VERSION', '3.0.9'); // Enter any version to update from to test updates. The version within the db will not be updated. -$debug_from_version = false; +define('DEBUG_FROM_VERSION', false); // Which oldest version does this updater support? -$oldest_from_version = '3.0.0'; +define('OLDEST_FROM_VERSION', '3.0.0'); // Return if we "just include it" to find out for which version the database update is responsible for if (defined('IN_PHPBB') && defined('IN_INSTALL')) { + $updates_to_version = UPDATES_TO_VERSION; + $debug_from_version = DEBUG_FROM_VERSION; + $oldest_from_version = OLDEST_FROM_VERSION; + return; } 
@@ -30,12 +34,32 @@ define('IN_INSTALL', true); $phpbb_root_path = (defined('PHPBB_ROOT_PATH')) ? PHPBB_ROOT_PATH : './../'; $phpEx = substr(strrchr(__FILE__, '.'), 1); -// Report all errors, except notices and deprecation messages -if (!defined('E_DEPRECATED')) +if (!function_exists('phpbb_require_updated')) { - define('E_DEPRECATED', 8192); + function phpbb_require_updated($path, $optional = false) + { + global $phpbb_root_path; + + $new_path = $phpbb_root_path . 'install/update/new/' . $path; + $old_path = $phpbb_root_path . $path; + + if (file_exists($new_path)) + { + require($new_path); + } + else if (!$optional || file_exists($old_path)) + { + require($old_path); + } + } } -//error_reporting(E_ALL ^ E_NOTICE ^ E_DEPRECATED); + +phpbb_require_updated('includes/startup.' . $phpEx); + +$updates_to_version = UPDATES_TO_VERSION; +$debug_from_version = DEBUG_FROM_VERSION; +$oldest_from_version = OLDEST_FROM_VERSION; + error_reporting(E_ALL); @set_time_limit(0); 
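Review bot: `phpbb_require_updated()` has no docblock, and its lookup order matters for anyone auditing the updater because a file under `install/update/new/` is executed in preference to the installed one. I would document that precedence and the meaning of `$optional`. With `$optional` true and neither file present the function returns silently; with it false and the old file missing, `require($old_path)` is a fatal error. The docblock should also state that `$path` must be a fixed relative path and never request-derived, as it is in the two calls shown. The same function is added to install/index.php later in this diff without the `function_exists()` guard used here, so the two copies can drift apart.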
@@ -68,28 +92,18 @@ require($phpbb_root_path . 'includes/auth.' . $phpEx); require($phpbb_root_path . 'includes/functions.' . $phpEx); -if (file_exists($phpbb_root_path . 'includes/functions_content.' . $phpEx)) -{ - require($phpbb_root_path . 'includes/functions_content.' . $phpEx); -} +phpbb_require_updated('includes/functions_content.' . $phpEx, true); require($phpbb_root_path . 'includes/functions_admin.' . $phpEx); require($phpbb_root_path . 'includes/constants.' . $phpEx); require($phpbb_root_path . 'includes/db/' . $dbms . '.' . $phpEx); require($phpbb_root_path . 'includes/utf/utf_tools.' . $phpEx); -// If we are on PHP >= 6.0.0 we do not need some code -if (version_compare(PHP_VERSION, '6.0.0-dev', '>=')) +// new table constants are separately defined here in case the updater is run +// before the files are updated +if (!defined('LOGIN_ATTEMPT_TABLE')) { - /** - * @ignore - */ - define('STRIP', false); -} -else -{ - @set_magic_quotes_runtime(0); - define('STRIP', (get_magic_quotes_gpc()) ? true : false); + define('LOGIN_ATTEMPT_TABLE', $table_prefix . 'login_attempts'); } $user = new user(); @@ -227,7 +241,7 @@ if (empty($config['dbms_version'])) set_config('dbms_version', $db->sql_server_info(true)); } -// Firebird update from Firebord 2.0 to 2.1+ required? +// Firebird update from Firebird 2.0 to 2.1+ required? if ($db->sql_layer == 'firebird') { // We do not trust any PHP5 function enabled, we will simply test for a function new in 2.1 @@ -511,7 +525,7 @@ function _print_footer() 
@@ -534,12 +548,23 @@ function _sql($sql, &$errored, &$error_ary, $echo_dot = true) $db->sql_return_on_error(true); - $result = $db->sql_query($sql); - if ($db->sql_error_triggered) + if ($sql === 'begin') { - $errored = true; - $error_ary['sql'][] = $db->sql_error_sql; - $error_ary['error_code'][] = $db->sql_error_returned; + $result = $db->sql_transaction('begin'); + } + else if ($sql === 'commit') + { + $result = $db->sql_transaction('commit'); + } + else + { + $result = $db->sql_query($sql); + if ($db->sql_error_triggered) + { + $errored = true; + $error_ary['sql'][] = $db->sql_error_sql; + $error_ary['error_code'][] = $db->sql_error_returned; + } } $db->sql_return_on_error(false); 
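Review bot: The new `'begin'` and `'commit'` branches in `_sql()` never test `$db->sql_error_triggered`, so a transaction that fails to start or commit sets neither `$errored` nor `$error_ary`. Whether `sql_transaction()` raises that flag is not visible here, but its `$result` is otherwise only handled by code outside the hunk. Moving the existing `if ($db->sql_error_triggered)` block below the `if`/`else if`/`else` chain would cover all three paths. The function continues outside the hunk.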
@@ -916,6 +941,50 @@ function database_update_info() '3.0.7-PL1' => array(), // No changes from 3.0.8-RC1 to 3.0.8 '3.0.8-RC1' => array(), + // Changes from 3.0.8 to 3.0.9-RC1 + '3.0.8' => array( + 'add_tables' => array( + LOGIN_ATTEMPT_TABLE => array( + 'COLUMNS' => array( + // this column was removed from the database updater + // after 3.0.9-RC3 was released. It might still exist + // in 3.0.9-RCX installations and has to be dropped in + // 3.0.10 after the db_tools class is capable of properly + // removing a primary key. + // 'attempt_id' => array('UINT', NULL, 'auto_increment'), + 'attempt_ip' => array('VCHAR:40', ''), + 'attempt_browser' => array('VCHAR:150', ''), + 'attempt_forwarded_for' => array('VCHAR:255', ''), + 'attempt_time' => array('TIMESTAMP', 0), + 'user_id' => array('UINT', 0), + 'username' => array('VCHAR_UNI:255', 0), + 'username_clean' => array('VCHAR_CI', 0), + ), + //'PRIMARY_KEY' => 'attempt_id', + 'KEYS' => array( + 'att_ip' => array('INDEX', array('attempt_ip', 'attempt_time')), + 'att_for' => array('INDEX', array('attempt_forwarded_for', 'attempt_time')), + 'att_time' => array('INDEX', array('attempt_time')), + 'user_id' => array('INDEX', 'user_id'), + ), + ), + ), + 'change_columns' => array( + BBCODES_TABLE => array( + 'bbcode_id' => array('USINT', 0), + ), + ), + ), + // No changes from 3.0.9-RC1 to 3.0.9-RC2 + '3.0.9-RC1' => array(), + // No changes from 3.0.9-RC2 to 3.0.9-RC3 + '3.0.9-RC2' => array(), + // No changes from 3.0.9-RC3 to 3.0.9-RC4 + '3.0.9-RC3' => array(), + // No changes from 3.0.9-RC4 to 3.0.9 + '3.0.9-RC4' => array(), + + /** @todo DROP LOGIN_ATTEMPT_TABLE.attempt_id in 3.0.10-RC1 */ ); } 
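Review bot: `attempt_forwarded_for` is declared as `VCHAR:255` and `attempt_browser` as `VCHAR:150`, yet both hold request headers whose length the client controls, and the schema does not say who truncates them. The code that inserts rows is not on this page, so it may already do this; a comment on the two columns such as `// writer must truncate to the column length` would state the requirement. Separately, `username` and `username_clean` are string columns given the integer default `0`, where `''` would match the other `VCHAR` columns in this table.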
@@ -1858,6 +1927,71 @@ function change_database_data(&$no_updates, $version) // No changes from 3.0.8-RC1 to 3.0.8 case '3.0.8-RC1': break; + + // Changes from 3.0.8 to 3.0.9-RC1 + case '3.0.8': + set_config('ip_login_limit_max', '50'); + set_config('ip_login_limit_time', '21600'); + set_config('ip_login_limit_use_forwarded', '0'); + + // Update file extension group names to use language strings, again. + $sql = 'SELECT group_id, group_name + FROM ' . EXTENSION_GROUPS_TABLE . ' + WHERE group_name ' . $db->sql_like_expression('EXT_GROUP_' . $db->any_char); + $result = $db->sql_query($sql); + + while ($row = $db->sql_fetchrow($result)) + { + $sql_ary = array( + 'group_name' => substr($row['group_name'], 10), // Strip off 'EXT_GROUP_' + ); + + $sql = 'UPDATE ' . EXTENSION_GROUPS_TABLE . ' + SET ' . $db->sql_build_array('UPDATE', $sql_ary) . ' + WHERE group_id = ' . $row['group_id']; + _sql($sql, $errored, $error_ary); + } + $db->sql_freeresult($result); + + global $db_tools, $table_prefix; + + // Recover from potentially broken Q&A CAPTCHA table on firebird + // Q&A CAPTCHA was uninstallable, so it's safe to remove these + // without data loss + if ($db_tools->sql_layer == 'firebird') + { + $tables = array( + $table_prefix . 'captcha_questions', + $table_prefix . 'captcha_answers', + $table_prefix . 'qa_confirm', + ); + foreach ($tables as $table) + { + if ($db_tools->sql_table_exists($table)) + { + $db_tools->sql_table_drop($table); + } + } + } + + $no_updates = false; + break; + + // No changes from 3.0.9-RC1 to 3.0.9-RC2 + case '3.0.9-RC1': + break; + + // No changes from 3.0.9-RC2 to 3.0.9-RC3 + case '3.0.9-RC2': + break; + + // No changes from 3.0.9-RC3 to 3.0.9-RC4 + case '3.0.9-RC3': + break; + + // No changes from 3.0.9-RC4 to 3.0.9 + case '3.0.9-RC4': + break; } } 
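Review bot: The `UPDATE` in the `case '3.0.8':` branch appends `$row['group_id']` to the SQL string without a cast. The value comes from the preceding `SELECT`, so the risk is low, but `'WHERE group_id = ' . (int) $row['group_id'];` keeps the query safe regardless of what the column contains, as the `(int)` cast in the session.php cleanup query of this same diff does. The firebird branch drops three CAPTCHA tables by name; its comment explains why that is safe, which is good to keep. `change_database_data()` starts and ends outside the hunk.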
@@ -2192,6 +2326,271 @@ class updater_db_tools } } + /** + * Check if table exists + * + * + * @param string $table_name The table name to check for + * @return bool true if table exists, else false + */ + function sql_table_exists($table_name) + { + $this->db->sql_return_on_error(true); + $result = $this->db->sql_query_limit('SELECT * FROM ' . $table_name, 1); + $this->db->sql_return_on_error(false); + + if ($result) + { + $this->db->sql_freeresult($result); + return true; + } + + return false; + } + + /** + * Create SQL Table + * + * @param string $table_name The table name to create + * @param array $table_data Array containing table data. + * @return array Statements if $return_statements is true. + */ + function sql_create_table($table_name, $table_data) + { + // holds the DDL for a column + $columns = $statements = array(); + + if ($this->sql_table_exists($table_name)) + { + return $this->_sql_run_sql($statements); + } + + // Begin transaction + $statements[] = 'begin'; + + // Determine if we have created a PRIMARY KEY in the earliest + $primary_key_gen = false; + + // Determine if the table must be created with TEXTIMAGE + $create_textimage = false; + + // Determine if the table requires a sequence + $create_sequence = false; + + // Begin table sql statement + switch ($this->sql_layer) + { + case 'mssql': + case 'mssqlnative': + $table_sql = 'CREATE TABLE [' . $table_name . '] (' . "\n"; + break; + + default: + $table_sql = 'CREATE TABLE ' . $table_name . ' (' . 
"\n"; + break; + } + + // Iterate through the columns to create a table + foreach ($table_data['COLUMNS'] as $column_name => $column_data) + { + // here lies an array, filled with information compiled on the column's data + $prepared_column = $this->sql_prepare_column_data($table_name, $column_name, $column_data); + + if (isset($prepared_column['auto_increment']) && strlen($column_name) > 26) // "${column_name}_gen" + { + trigger_error("Index name '${column_name}_gen' on table '$table_name' is too long. The maximum auto increment column length is 26 characters.", E_USER_ERROR); + } + + // here we add the definition of the new column to the list of columns + switch ($this->sql_layer) + { + case 'mssql': + case 'mssqlnative': + $columns[] = "\t [{$column_name}] " . $prepared_column['column_type_sql_default']; + break; + + default: + $columns[] = "\t {$column_name} " . $prepared_column['column_type_sql']; + break; + } + + // see if we have found a primary key set due to a column definition if we have found it, we can stop looking + if (!$primary_key_gen) + { + $primary_key_gen = isset($prepared_column['primary_key_set']) && $prepared_column['primary_key_set']; + } + + // create textimage DDL based off of the existance of certain column types + if (!$create_textimage) + { + $create_textimage = isset($prepared_column['textimage']) && $prepared_column['textimage']; + } + + // create sequence DDL based off of the existance of auto incrementing columns + if (!$create_sequence && isset($prepared_column['auto_increment']) && $prepared_column['auto_increment']) + { + $create_sequence = $column_name; + } + } + + // this makes up all the columns in the create table statement + $table_sql .= implode(",\n", $columns); + + // Close the table for two DBMS and add to the statements + switch ($this->sql_layer) + { + case 'firebird': + $table_sql .= "\n);"; + $statements[] = $table_sql; + break; + + case 'mssql': + case 'mssqlnative': + $table_sql .= "\n) ON [PRIMARY]" . 
(($create_textimage) ? ' TEXTIMAGE_ON [PRIMARY]' : ''); + $statements[] = $table_sql; + break; + } + + // we have yet to create a primary key for this table, + // this means that we can add the one we really wanted instead + if (!$primary_key_gen) + { + // Write primary key + if (isset($table_data['PRIMARY_KEY'])) + { + if (!is_array($table_data['PRIMARY_KEY'])) + { + $table_data['PRIMARY_KEY'] = array($table_data['PRIMARY_KEY']); + } + + switch ($this->sql_layer) + { + case 'mysql_40': + case 'mysql_41': + case 'postgres': + case 'sqlite': + $table_sql .= ",\n\t PRIMARY KEY (" . implode(', ', $table_data['PRIMARY_KEY']) . ')'; + break; + + case 'firebird': + case 'mssql': + case 'mssqlnative': + // We need the data here + $old_return_statements = $this->return_statements; + $this->return_statements = true; + + $primary_key_stmts = $this->sql_create_primary_key($table_name, $table_data['PRIMARY_KEY']); + foreach ($primary_key_stmts as $pk_stmt) + { + $statements[] = $pk_stmt; + } + + $this->return_statements = $old_return_statements; + break; + + case 'oracle': + $table_sql .= ",\n\t CONSTRAINT pk_{$table_name} PRIMARY KEY (" . implode(', ', $table_data['PRIMARY_KEY']) . ')'; + break; + } + } + } + + // close the table + switch ($this->sql_layer) + { + case 'mysql_41': + // make sure the table is in UTF-8 mode + $table_sql .= "\n) CHARACTER SET `utf8` COLLATE `utf8_bin`;"; + $statements[] = $table_sql; + break; + + case 'mysql_40': + case 'sqlite': + $table_sql .= "\n);"; + $statements[] = $table_sql; + break; + + case 'postgres': + // do we need to add a sequence for auto incrementing columns? + if ($create_sequence) + { + $statements[] = "CREATE SEQUENCE {$table_name}_seq;"; + } + + $table_sql .= "\n);"; + $statements[] = $table_sql; + break; + + case 'oracle': + $table_sql .= "\n)"; + $statements[] = $table_sql; + + // do we need to add a sequence and a tigger for auto incrementing columns? 
+ if ($create_sequence) + { + // create the actual sequence + $statements[] = "CREATE SEQUENCE {$table_name}_seq"; + + // the trigger is the mechanism by which we increment the counter + $trigger = "CREATE OR REPLACE TRIGGER t_{$table_name}\n"; + $trigger .= "BEFORE INSERT ON {$table_name}\n"; + $trigger .= "FOR EACH ROW WHEN (\n"; + $trigger .= "\tnew.{$create_sequence} IS NULL OR new.{$create_sequence} = 0\n"; + $trigger .= ")\n"; + $trigger .= "BEGIN\n"; + $trigger .= "\tSELECT {$table_name}_seq.nextval\n"; + $trigger .= "\tINTO :new.{$create_sequence}\n"; + $trigger .= "\tFROM dual;\n"; + $trigger .= "END;"; + + $statements[] = $trigger; + } + break; + + case 'firebird': + if ($create_sequence) + { + $statements[] = "CREATE GENERATOR {$table_name}_gen;"; + $statements[] = "SET GENERATOR {$table_name}_gen TO 0;"; + + $trigger = "CREATE TRIGGER t_$table_name FOR $table_name\n"; + $trigger .= "BEFORE INSERT\nAS\nBEGIN\n"; + $trigger .= "\tNEW.{$create_sequence} = GEN_ID({$table_name}_gen, 1);\nEND;"; + $statements[] = $trigger; + } + break; + } + + // Write Keys + if (isset($table_data['KEYS'])) + { + foreach ($table_data['KEYS'] as $key_name => $key_data) + { + if (!is_array($key_data[1])) + { + $key_data[1] = array($key_data[1]); + } + + $old_return_statements = $this->return_statements; + $this->return_statements = true; + + $key_stmts = ($key_data[0] == 'UNIQUE') ? $this->sql_create_unique_index($table_name, $key_name, $key_data[1]) : $this->sql_create_index($table_name, $key_name, $key_data[1]); + + foreach ($key_stmts as $key_stmt) + { + $statements[] = $key_stmt; + } + + $this->return_statements = $old_return_statements; + } + } + + // Commit Transaction + $statements[] = 'commit'; + + return $this->_sql_run_sql($statements); + } + /** * Handle passed database update array. * Expected structure... 
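Review bot: The docblock of `sql_create_table()` says `@return array Statements if $return_statements is true`, but the function has no such parameter. The flag is the property `$this->return_statements`, and the return value is whatever `_sql_run_sql()` produces. The docblocks should also state that `$table_name`, the column names and the key names are interpolated into DDL without quoting, and into `'SELECT * FROM ' . $table_name` in `sql_table_exists()`, so callers must pass only hard-coded schema identifiers. When the table already exists, the early `return $this->_sql_run_sql($statements)` skips creation without comparing the existing columns to `$table_data`, which should be documented as well.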
@@ -2229,6 +2628,19 @@ class updater_db_tools $sqlite = true; } + // Add tables? + if (!empty($schema_changes['add_tables'])) + { + foreach ($schema_changes['add_tables'] as $table => $table_data) + { + $result = $this->sql_create_table($table, $table_data); + if ($this->return_statements) + { + $statements = array_merge($statements, $result); + } + } + } + // Change columns? if (!empty($schema_changes['change_columns'])) { @@ -2978,6 +3390,11 @@ class updater_db_tools */ function sql_prepare_column_data($table_name, $column_name, $column_data) { + if (strlen($column_name) > 30) + { + trigger_error("Column name '$column_name' on table '$table_name' is too long. The maximum is 30 characters.", E_USER_ERROR); + } + // Get type if (strpos($column_data[0], ':') !== false) { @@ -3551,6 +3968,13 @@ class updater_db_tools { $statements = array(); + $table_prefix = substr(CONFIG_TABLE, 0, -6); // strlen(config) + if (strlen($table_name . $index_name) - strlen($table_prefix) > 24) + { + $max_length = $table_prefix + 24; + trigger_error("Index name '{$table_name}_$index_name' on table '$table_name' is too long. The maximum is $max_length characters.", E_USER_ERROR); + } + switch ($this->sql_layer) { case 'firebird': @@ -3581,6 +4005,13 @@ class updater_db_tools { $statements = array(); + $table_prefix = substr(CONFIG_TABLE, 0, -6); // strlen(config) + if (strlen($table_name . $index_name) - strlen($table_prefix) > 24) + { + $max_length = $table_prefix + 24; + trigger_error("Index name '{$table_name}_$index_name' on table '$table_name' is too long. The maximum is $max_length characters.", E_USER_ERROR); + } + // remove index length unless MySQL4 if ('mysql_40' != $this->sql_layer) { diff --git a/phpBB/install/index.php b/phpBB/install/index.php index eb51ca5fb2..5135e2dbd8 100644 --- a/phpBB/install/index.php +++ b/phpBB/install/index.php 
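Review bot: In the index-name length check added by the hunk at -3551, `$max_length = $table_prefix + 24;` adds an integer to the prefix string rather than to its length. The error message then reports the wrong limit, and for a non-numeric prefix the addition itself raises a warning or a `TypeError`, depending on the PHP version. The line should be `$max_length = strlen($table_prefix) + 24;`. The identical line in the hunk at -3581 needs the same change. Both functions start outside their hunks.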
@@ -18,110 +18,30 @@ define('IN_INSTALL', true); $phpbb_root_path = (defined('PHPBB_ROOT_PATH')) ? PHPBB_ROOT_PATH : './../'; $phpEx = substr(strrchr(__FILE__, '.'), 1); -// Report all errors, except notices and deprecation messages -if (!defined('E_DEPRECATED')) -{ - define('E_DEPRECATED', 8192); -} -error_reporting(E_ALL ^ E_NOTICE ^ E_DEPRECATED); - // @todo Review this test and see if we can find out what it is which prevents PHP 4.2.x from even displaying the page with requirements on it if (version_compare(PHP_VERSION, '4.3.3') < 0) { die('You are running an unsupported PHP version. Please upgrade to PHP 4.3.3 or higher before trying to install phpBB 3.0'); } -/* -* Remove variables created by register_globals from the global scope -* Thanks to Matt Kavanagh -*/ -function deregister_globals() +function phpbb_require_updated($path, $optional = false) { - $not_unset = array( - 'GLOBALS' => true, - '_GET' => true, - '_POST' => true, - '_COOKIE' => true, - '_REQUEST' => true, - '_SERVER' => true, - '_SESSION' => true, - '_ENV' => true, - '_FILES' => true, - 'phpEx' => true, - 'phpbb_root_path' => true - ); + global $phpbb_root_path; - // Not only will array_merge and array_keys give a warning if - // a parameter is not an array, array_merge will actually fail. - // So we check if _SESSION has been initialised. - if (!isset($_SESSION) || !is_array($_SESSION)) + $new_path = $phpbb_root_path . 'install/update/new/' . $path; + $old_path = $phpbb_root_path . $path; + + if (file_exists($new_path)) { - $_SESSION = array(); + require($new_path); } - - // Merge all into one extremely huge array; unset this later - $input = array_merge( - array_keys($_GET), - array_keys($_POST), - array_keys($_COOKIE), - array_keys($_SERVER), - array_keys($_SESSION), - array_keys($_ENV), - array_keys($_FILES) - ); - - foreach ($input as $varname) + else if (!$optional || file_exists($old_path)) { - if (isset($not_unset[$varname])) - { - // Hacking attempt. 
No point in continuing unless it's a COOKIE - if ($varname !== 'GLOBALS' || isset($_GET['GLOBALS']) || isset($_POST['GLOBALS']) || isset($_SERVER['GLOBALS']) || isset($_SESSION['GLOBALS']) || isset($_ENV['GLOBALS']) || isset($_FILES['GLOBALS'])) - { - exit; - } - else - { - $cookie = &$_COOKIE; - while (isset($cookie['GLOBALS'])) - { - foreach ($cookie['GLOBALS'] as $registered_var => $value) - { - if (!isset($not_unset[$registered_var])) - { - unset($GLOBALS[$registered_var]); - } - } - $cookie = &$cookie['GLOBALS']; - } - } - } - - unset($GLOBALS[$varname]); + require($old_path); } - - unset($input); } -// If we are on PHP >= 6.0.0 we do not need some code -if (version_compare(PHP_VERSION, '6.0.0-dev', '>=')) -{ - /** - * @ignore - */ - define('STRIP', false); -} -else -{ - @set_magic_quotes_runtime(0); - - // Be paranoid with passed vars - if (@ini_get('register_globals') == '1' || strtolower(@ini_get('register_globals')) == 'on') - { - deregister_globals(); - } - - define('STRIP', (get_magic_quotes_gpc()) ? true : false); -} +phpbb_require_updated('includes/startup.' . $phpEx); // Try to override some limits - maybe it helps some... @set_time_limit(0); @@ -154,10 +74,7 @@ else // Include essential scripts require($phpbb_root_path . 'includes/functions.' . $phpEx); -if (file_exists($phpbb_root_path . 'includes/functions_content.' . $phpEx)) -{ - require($phpbb_root_path . 'includes/functions_content.' . $phpEx); -} +phpbb_require_updated('includes/functions_content.' . $phpEx, true); include($phpbb_root_path . 'includes/auth.' . $phpEx); include($phpbb_root_path . 'includes/session.' . $phpEx); @@ -652,7 +569,7 @@ class module echo ' '; echo ' '; echo ' '; echo ''; echo ''; diff --git a/phpBB/install/install_install.php b/phpBB/install/install_install.php index 2dd58584f4..9fe0c8aed5 100644 --- a/phpBB/install/install_install.php +++ b/phpBB/install/install_install.php 
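Review bot: `phpbb_require_updated()` is added without a docblock, and its lookup order is security-relevant enough to need one: a copy under `install/update/new/` is executed in preference to the installed file, and `$path` is concatenated into the `require` target without any check. Suggested comment above the function: `// Loads $path from install/update/new/ when present, otherwise from the board root; $path must be a fixed relative path, never request data.` The call `phpbb_require_updated('includes/startup.' . $phpEx);` replaces the inline `deregister_globals()` and magic-quotes handling that this hunk removes. That file is not shown here, so the following is inferred: a comment at the call site should say it must remain the first include and that it now carries that hardening.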
@@ -1882,7 +1882,7 @@ class install_install extends module if (!$user_id) { - // If we can't insert this user then continue to the next one to avoid inconsistant data + // If we can't insert this user then continue to the next one to avoid inconsistent data $this->p_master->db_error('Unable to insert bot into users table', $db->sql_error_sql, __LINE__, __FILE__, true); continue; } diff --git a/phpBB/install/schemas/firebird_schema.sql b/phpBB/install/schemas/firebird_schema.sql index 85f86781de..40041b13cb 100644 --- a/phpBB/install/schemas/firebird_schema.sql +++ b/phpBB/install/schemas/firebird_schema.sql @@ -1,5 +1,5 @@ # -# $Id$ +# $Id: $ # @@ -545,6 +545,22 @@ BEGIN END;; +# Table: 'phpbb_login_attempts' +CREATE TABLE phpbb_login_attempts ( + attempt_ip VARCHAR(40) CHARACTER SET NONE DEFAULT '' NOT NULL, + attempt_browser VARCHAR(150) CHARACTER SET NONE DEFAULT '' NOT NULL, + attempt_forwarded_for VARCHAR(255) CHARACTER SET NONE DEFAULT '' NOT NULL, + attempt_time INTEGER DEFAULT 0 NOT NULL, + user_id INTEGER DEFAULT 0 NOT NULL, + username VARCHAR(255) CHARACTER SET UTF8 DEFAULT 0 NOT NULL COLLATE UNICODE, + username_clean VARCHAR(255) CHARACTER SET UTF8 DEFAULT 0 NOT NULL COLLATE UNICODE +);; + +CREATE INDEX phpbb_login_attempts_att_ip ON phpbb_login_attempts(attempt_ip, attempt_time);; +CREATE INDEX phpbb_login_attempts_att_for ON phpbb_login_attempts(attempt_forwarded_for, attempt_time);; +CREATE INDEX phpbb_login_attempts_att_time ON phpbb_login_attempts(attempt_time);; +CREATE INDEX phpbb_login_attempts_user_id ON phpbb_login_attempts(user_id);; + # Table: 'phpbb_moderator_cache' CREATE TABLE phpbb_moderator_cache ( forum_id INTEGER DEFAULT 0 NOT NULL, diff --git a/phpBB/install/schemas/mssql_schema.sql b/phpBB/install/schemas/mssql_schema.sql index 0827b14cc2..c4fc2d4eec 100644 --- a/phpBB/install/schemas/mssql_schema.sql +++ b/phpBB/install/schemas/mssql_schema.sql @@ -1,6 +1,6 @@ /* - $Id$ + $Id: $ */ 
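Review bot: In the new `phpbb_login_attempts` table, `username` and `username_clean` are character columns declared with `DEFAULT 0`, while the other character columns in the same table (`attempt_ip`, `attempt_browser`, `attempt_forwarded_for`) default to `''`. A row written without a username then holds the literal name `0`, which cannot be told apart from an attempt against an account with that name; `DEFAULT ''` would match the other columns. The same default appears in the `phpbb_login_attempts` hunks of the mssql, mysql_41, oracle, postgres and sqlite schemas further down. If these files are generated from a shared table definition, which the page does not show, the fix belongs in that definition.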
@@ -649,6 +649,33 @@ CREATE INDEX [user_id] ON [phpbb_log]([user_id]) ON [PRIMARY] GO +/* + Table: 'phpbb_login_attempts' +*/ +CREATE TABLE [phpbb_login_attempts] ( + [attempt_ip] [varchar] (40) DEFAULT ('') NOT NULL , + [attempt_browser] [varchar] (150) DEFAULT ('') NOT NULL , + [attempt_forwarded_for] [varchar] (255) DEFAULT ('') NOT NULL , + [attempt_time] [int] DEFAULT (0) NOT NULL , + [user_id] [int] DEFAULT (0) NOT NULL , + [username] [varchar] (255) DEFAULT (0) NOT NULL , + [username_clean] [varchar] (255) DEFAULT (0) NOT NULL +) ON [PRIMARY] +GO + +CREATE INDEX [att_ip] ON [phpbb_login_attempts]([attempt_ip], [attempt_time]) ON [PRIMARY] +GO + +CREATE INDEX [att_for] ON [phpbb_login_attempts]([attempt_forwarded_for], [attempt_time]) ON [PRIMARY] +GO + +CREATE INDEX [att_time] ON [phpbb_login_attempts]([attempt_time]) ON [PRIMARY] +GO + +CREATE INDEX [user_id] ON [phpbb_login_attempts]([user_id]) ON [PRIMARY] +GO + + /* Table: 'phpbb_moderator_cache' */ @@ -1730,3 +1757,4 @@ ALTER TABLE [phpbb_zebra] WITH NOCHECK ADD ) ON [PRIMARY] GO + diff --git a/phpBB/install/schemas/mysql_40_schema.sql b/phpBB/install/schemas/mysql_40_schema.sql index 19b1b4f0f7..06d32166f3 100644 --- a/phpBB/install/schemas/mysql_40_schema.sql +++ b/phpBB/install/schemas/mysql_40_schema.sql @@ -1,5 +1,5 @@ # -# $Id$ +# $Id: $ # # Table: 'phpbb_attachments' @@ -110,7 +110,7 @@ CREATE TABLE phpbb_banlist ( # Table: 'phpbb_bbcodes' CREATE TABLE phpbb_bbcodes ( - bbcode_id tinyint(3) DEFAULT '0' NOT NULL, + bbcode_id smallint(4) UNSIGNED DEFAULT '0' NOT NULL, bbcode_tag varbinary(16) DEFAULT '' NOT NULL, bbcode_helpline blob NOT NULL, display_on_posting tinyint(1) UNSIGNED DEFAULT '0' NOT NULL, 
@@ -369,6 +369,22 @@ CREATE TABLE phpbb_log ( ); +# Table: 'phpbb_login_attempts' +CREATE TABLE phpbb_login_attempts ( + attempt_ip varbinary(40) DEFAULT '' NOT NULL, + attempt_browser varbinary(150) DEFAULT '' NOT NULL, + attempt_forwarded_for varbinary(255) DEFAULT '' NOT NULL, + attempt_time int(11) UNSIGNED DEFAULT '0' NOT NULL, + user_id mediumint(8) UNSIGNED DEFAULT '0' NOT NULL, + username blob NOT NULL, + username_clean blob NOT NULL, + KEY att_ip (attempt_ip, attempt_time), + KEY att_for (attempt_forwarded_for, attempt_time), + KEY att_time (attempt_time), + KEY user_id (user_id) +); + + # Table: 'phpbb_moderator_cache' CREATE TABLE phpbb_moderator_cache ( forum_id mediumint(8) UNSIGNED DEFAULT '0' NOT NULL, diff --git a/phpBB/install/schemas/mysql_41_schema.sql b/phpBB/install/schemas/mysql_41_schema.sql index 3b70630a9e..1db2790ec7 100644 --- a/phpBB/install/schemas/mysql_41_schema.sql +++ b/phpBB/install/schemas/mysql_41_schema.sql @@ -1,5 +1,5 @@ # -# $Id$ +# $Id: $ # # Table: 'phpbb_attachments' @@ -110,7 +110,7 @@ CREATE TABLE phpbb_banlist ( # Table: 'phpbb_bbcodes' CREATE TABLE phpbb_bbcodes ( - bbcode_id tinyint(3) DEFAULT '0' NOT NULL, + bbcode_id smallint(4) UNSIGNED DEFAULT '0' NOT NULL, bbcode_tag varchar(16) DEFAULT '' NOT NULL, bbcode_helpline varchar(255) DEFAULT '' NOT NULL, display_on_posting tinyint(1) UNSIGNED DEFAULT '0' NOT NULL, 
@@ -369,6 +369,22 @@ CREATE TABLE phpbb_log ( ) CHARACTER SET `utf8` COLLATE `utf8_bin`; +# Table: 'phpbb_login_attempts' +CREATE TABLE phpbb_login_attempts ( + attempt_ip varchar(40) DEFAULT '' NOT NULL, + attempt_browser varchar(150) DEFAULT '' NOT NULL, + attempt_forwarded_for varchar(255) DEFAULT '' NOT NULL, + attempt_time int(11) UNSIGNED DEFAULT '0' NOT NULL, + user_id mediumint(8) UNSIGNED DEFAULT '0' NOT NULL, + username varchar(255) DEFAULT '0' NOT NULL, + username_clean varchar(255) DEFAULT '0' NOT NULL, + KEY att_ip (attempt_ip, attempt_time), + KEY att_for (attempt_forwarded_for, attempt_time), + KEY att_time (attempt_time), + KEY user_id (user_id) +) CHARACTER SET `utf8` COLLATE `utf8_bin`; + + # Table: 'phpbb_moderator_cache' CREATE TABLE phpbb_moderator_cache ( forum_id mediumint(8) UNSIGNED DEFAULT '0' NOT NULL, diff --git a/phpBB/install/schemas/oracle_schema.sql b/phpBB/install/schemas/oracle_schema.sql index d577fce46c..783261e365 100644 --- a/phpBB/install/schemas/oracle_schema.sql +++ b/phpBB/install/schemas/oracle_schema.sql @@ -1,6 +1,6 @@ /* - $Id$ + $Id: $ */ @@ -254,7 +254,7 @@ END; Table: 'phpbb_bbcodes' */ CREATE TABLE phpbb_bbcodes ( - bbcode_id number(3) DEFAULT '0' NOT NULL, + bbcode_id number(4) DEFAULT '0' NOT NULL, bbcode_tag varchar2(16) DEFAULT '' , bbcode_helpline varchar2(765) DEFAULT '' , display_on_posting number(1) DEFAULT '0' NOT NULL, 
@@ -740,6 +740,29 @@ END; / +/* + Table: 'phpbb_login_attempts' +*/ +CREATE TABLE phpbb_login_attempts ( + attempt_ip varchar2(40) DEFAULT '' , + attempt_browser varchar2(150) DEFAULT '' , + attempt_forwarded_for varchar2(255) DEFAULT '' , + attempt_time number(11) DEFAULT '0' NOT NULL, + user_id number(8) DEFAULT '0' NOT NULL, + username varchar2(765) DEFAULT '0' NOT NULL, + username_clean varchar2(255) DEFAULT '0' NOT NULL +) +/ + +CREATE INDEX phpbb_login_attempts_att_ip ON phpbb_login_attempts (attempt_ip, attempt_time) +/ +CREATE INDEX phpbb_login_attempts_att_for ON phpbb_login_attempts (attempt_forwarded_for, attempt_time) +/ +CREATE INDEX phpbb_login_attempts_att_time ON phpbb_login_attempts (attempt_time) +/ +CREATE INDEX phpbb_login_attempts_user_id ON phpbb_login_attempts (user_id) +/ + /* Table: 'phpbb_moderator_cache' */ diff --git a/phpBB/install/schemas/postgres_schema.sql b/phpBB/install/schemas/postgres_schema.sql index 50b3979adb..cf655cb1c7 100644 --- a/phpBB/install/schemas/postgres_schema.sql +++ b/phpBB/install/schemas/postgres_schema.sql @@ -1,6 +1,6 @@ /* - $Id$ + $Id: $ */ @@ -213,7 +213,7 @@ CREATE INDEX phpbb_banlist_ban_ip ON phpbb_banlist (ban_ip, ban_exclude); Table: 'phpbb_bbcodes' */ CREATE TABLE phpbb_bbcodes ( - bbcode_id INT2 DEFAULT '0' NOT NULL, + bbcode_id INT2 DEFAULT '0' NOT NULL CHECK (bbcode_id >= 0), bbcode_tag varchar(16) DEFAULT '' NOT NULL, bbcode_helpline varchar(255) DEFAULT '' NOT NULL, display_on_posting INT2 DEFAULT '0' NOT NULL CHECK (display_on_posting >= 0), 
@@ -524,6 +524,24 @@ CREATE INDEX phpbb_log_topic_id ON phpbb_log (topic_id); CREATE INDEX phpbb_log_reportee_id ON phpbb_log (reportee_id); CREATE INDEX phpbb_log_user_id ON phpbb_log (user_id); +/* + Table: 'phpbb_login_attempts' +*/ +CREATE TABLE phpbb_login_attempts ( + attempt_ip varchar(40) DEFAULT '' NOT NULL, + attempt_browser varchar(150) DEFAULT '' NOT NULL, + attempt_forwarded_for varchar(255) DEFAULT '' NOT NULL, + attempt_time INT4 DEFAULT '0' NOT NULL CHECK (attempt_time >= 0), + user_id INT4 DEFAULT '0' NOT NULL CHECK (user_id >= 0), + username varchar(255) DEFAULT '0' NOT NULL, + username_clean varchar_ci DEFAULT '0' NOT NULL +); + +CREATE INDEX phpbb_login_attempts_att_ip ON phpbb_login_attempts (attempt_ip, attempt_time); +CREATE INDEX phpbb_login_attempts_att_for ON phpbb_login_attempts (attempt_forwarded_for, attempt_time); +CREATE INDEX phpbb_login_attempts_att_time ON phpbb_login_attempts (attempt_time); +CREATE INDEX phpbb_login_attempts_user_id ON phpbb_login_attempts (user_id); + /* Table: 'phpbb_moderator_cache' */ diff --git a/phpBB/install/schemas/schema_data.sql b/phpBB/install/schemas/schema_data.sql index e3c9d1e13a..0153bd8ec2 100644 --- a/phpBB/install/schemas/schema_data.sql +++ b/phpBB/install/schemas/schema_data.sql 
@@ -136,6 +136,9 @@ INSERT INTO phpbb_config (config_name, config_value) VALUES ('img_max_thumb_widt INSERT INTO phpbb_config (config_name, config_value) VALUES ('img_max_width', '0'); INSERT INTO phpbb_config (config_name, config_value) VALUES ('img_min_thumb_filesize', '12000'); INSERT INTO phpbb_config (config_name, config_value) VALUES ('ip_check', '3'); +INSERT INTO phpbb_config (config_name, config_value) VALUES ('ip_login_limit_max', '50'); +INSERT INTO phpbb_config (config_name, config_value) VALUES ('ip_login_limit_time', '21600'); +INSERT INTO phpbb_config (config_name, config_value) VALUES ('ip_login_limit_use_forwarded', '0'); INSERT INTO phpbb_config (config_name, config_value) VALUES ('jab_enable', '0'); INSERT INTO phpbb_config (config_name, config_value) VALUES ('jab_host', ''); INSERT INTO phpbb_config (config_name, config_value) VALUES ('jab_password', ''); @@ -242,7 +245,7 @@ INSERT INTO phpbb_config (config_name, config_value) VALUES ('topics_per_page', INSERT INTO phpbb_config (config_name, config_value) VALUES ('tpl_allow_php', '0'); INSERT INTO phpbb_config (config_name, config_value) VALUES ('upload_icons_path', 'images/upload_icons'); INSERT INTO phpbb_config (config_name, config_value) VALUES ('upload_path', 'files'); -INSERT INTO phpbb_config (config_name, config_value) VALUES ('version', '3.0.8'); +INSERT INTO phpbb_config (config_name, config_value) VALUES ('version', '3.0.9'); INSERT INTO phpbb_config (config_name, config_value) VALUES ('warnings_expire_days', '90'); INSERT INTO phpbb_config (config_name, config_value) VALUES ('warnings_gc', '14400'); 
@@ -565,7 +568,7 @@ INSERT INTO phpbb_acl_roles_data (role_id, auth_option_id, auth_setting) SELECT # No Avatar (u_) INSERT INTO phpbb_acl_roles_data (role_id, auth_option_id, auth_setting) SELECT 9, auth_option_id, 1 FROM phpbb_acl_options WHERE auth_option LIKE 'u_%' AND auth_option NOT IN ('u_attach', 'u_chgavatar', 'u_viewonline', 'u_chggrp', 'u_chgname', 'u_ignoreflood', 'u_pm_attach', 'u_pm_emailpm', 'u_pm_flash', 'u_savedrafts', 'u_search', 'u_sendemail', 'u_sendim', 'u_masspm', 'u_masspm_group'); -INSERT INTO phpbb_acl_roles_data (role_id, auth_option_id, auth_setting) SELECT 9, auth_option_id, 0 FROM phpbb_acl_options WHERE auth_option LIKE 'u_%' AND auth_option IN ('u_chgavatar', 'u_masspm', 'u_masspm_group'); +INSERT INTO phpbb_acl_roles_data (role_id, auth_option_id, auth_setting) SELECT 9, auth_option_id, 0 FROM phpbb_acl_options WHERE auth_option LIKE 'u_%' AND auth_option IN ('u_chgavatar'); # Full Moderator (m_) INSERT INTO phpbb_acl_roles_data (role_id, auth_option_id, auth_setting) SELECT 10, auth_option_id, 1 FROM phpbb_acl_options WHERE auth_option LIKE 'm_%'; 
@@ -743,15 +746,15 @@ INSERT INTO phpbb_reports_reasons (reason_title, reason_description, reason_orde INSERT INTO phpbb_reports_reasons (reason_title, reason_description, reason_order) VALUES ('other', '{L_REPORT_OTHER}', 4); # -- extension_groups -INSERT INTO phpbb_extension_groups (group_name, cat_id, allow_group, download_mode, upload_icon, max_filesize, allowed_forums) VALUES ('{L_EXT_GROUP_IMAGES}', 1, 1, 1, '', 0, ''); -INSERT INTO phpbb_extension_groups (group_name, cat_id, allow_group, download_mode, upload_icon, max_filesize, allowed_forums) VALUES ('{L_EXT_GROUP_ARCHIVES}', 0, 1, 1, '', 0, ''); -INSERT INTO phpbb_extension_groups (group_name, cat_id, allow_group, download_mode, upload_icon, max_filesize, allowed_forums) VALUES ('{L_EXT_GROUP_PLAIN_TEXT}', 0, 0, 1, '', 0, ''); -INSERT INTO phpbb_extension_groups (group_name, cat_id, allow_group, download_mode, upload_icon, max_filesize, allowed_forums) VALUES ('{L_EXT_GROUP_DOCUMENTS}', 0, 0, 1, '', 0, ''); -INSERT INTO phpbb_extension_groups (group_name, cat_id, allow_group, download_mode, upload_icon, max_filesize, allowed_forums) VALUES ('{L_EXT_GROUP_REAL_MEDIA}', 3, 0, 1, '', 0, ''); -INSERT INTO phpbb_extension_groups (group_name, cat_id, allow_group, download_mode, upload_icon, max_filesize, allowed_forums) VALUES ('{L_EXT_GROUP_WINDOWS_MEDIA}', 2, 0, 1, '', 0, ''); -INSERT INTO phpbb_extension_groups (group_name, cat_id, allow_group, download_mode, upload_icon, max_filesize, allowed_forums) VALUES ('{L_EXT_GROUP_FLASH_FILES}', 5, 0, 1, '', 0, ''); -INSERT INTO phpbb_extension_groups (group_name, cat_id, allow_group, download_mode, upload_icon, max_filesize, allowed_forums) VALUES ('{L_EXT_GROUP_QUICKTIME_MEDIA}', 6, 0, 1, '', 0, ''); -INSERT INTO phpbb_extension_groups (group_name, cat_id, allow_group, download_mode, upload_icon, max_filesize, allowed_forums) VALUES ('{L_EXT_GROUP_DOWNLOADABLE_FILES}', 0, 0, 1, '', 0, ''); +INSERT INTO phpbb_extension_groups (group_name, cat_id, allow_group, 
download_mode, upload_icon, max_filesize, allowed_forums) VALUES ('IMAGES', 1, 1, 1, '', 0, ''); +INSERT INTO phpbb_extension_groups (group_name, cat_id, allow_group, download_mode, upload_icon, max_filesize, allowed_forums) VALUES ('ARCHIVES', 0, 1, 1, '', 0, ''); +INSERT INTO phpbb_extension_groups (group_name, cat_id, allow_group, download_mode, upload_icon, max_filesize, allowed_forums) VALUES ('PLAIN_TEXT', 0, 0, 1, '', 0, ''); +INSERT INTO phpbb_extension_groups (group_name, cat_id, allow_group, download_mode, upload_icon, max_filesize, allowed_forums) VALUES ('DOCUMENTS', 0, 0, 1, '', 0, ''); +INSERT INTO phpbb_extension_groups (group_name, cat_id, allow_group, download_mode, upload_icon, max_filesize, allowed_forums) VALUES ('REAL_MEDIA', 3, 0, 1, '', 0, ''); +INSERT INTO phpbb_extension_groups (group_name, cat_id, allow_group, download_mode, upload_icon, max_filesize, allowed_forums) VALUES ('WINDOWS_MEDIA', 2, 0, 1, '', 0, ''); +INSERT INTO phpbb_extension_groups (group_name, cat_id, allow_group, download_mode, upload_icon, max_filesize, allowed_forums) VALUES ('FLASH_FILES', 5, 0, 1, '', 0, ''); +INSERT INTO phpbb_extension_groups (group_name, cat_id, allow_group, download_mode, upload_icon, max_filesize, allowed_forums) VALUES ('QUICKTIME_MEDIA', 6, 0, 1, '', 0, ''); +INSERT INTO phpbb_extension_groups (group_name, cat_id, allow_group, download_mode, upload_icon, max_filesize, allowed_forums) VALUES ('DOWNLOADABLE_FILES', 0, 0, 1, '', 0, ''); # -- extensions INSERT INTO phpbb_extensions (group_id, extension) VALUES (1, 'gif'); @@ -829,4 +832,4 @@ INSERT INTO phpbb_extensions (group_id, extension) VALUES (9, 'mp3'); INSERT INTO phpbb_extensions (group_id, extension) VALUES (9, 'ogg'); INSERT INTO phpbb_extensions (group_id, extension) VALUES (9, 'ogm'); -# POSTGRES COMMIT # \ No newline at end of file +# POSTGRES COMMIT # diff --git a/phpBB/install/schemas/sqlite_schema.sql b/phpBB/install/schemas/sqlite_schema.sql index 7ee821d395..dae1eb839c 100644 
--- a/phpBB/install/schemas/sqlite_schema.sql +++ b/phpBB/install/schemas/sqlite_schema.sql @@ -1,5 +1,5 @@ # -# $Id$ +# $Id: $ # BEGIN TRANSACTION; @@ -108,7 +108,7 @@ CREATE INDEX phpbb_banlist_ban_ip ON phpbb_banlist (ban_ip, ban_exclude); # Table: 'phpbb_bbcodes' CREATE TABLE phpbb_bbcodes ( - bbcode_id tinyint(3) NOT NULL DEFAULT '0', + bbcode_id INTEGER UNSIGNED NOT NULL DEFAULT '0', bbcode_tag varchar(16) NOT NULL DEFAULT '', bbcode_helpline varchar(255) NOT NULL DEFAULT '', display_on_posting INTEGER UNSIGNED NOT NULL DEFAULT '0', @@ -357,6 +357,22 @@ CREATE INDEX phpbb_log_topic_id ON phpbb_log (topic_id); CREATE INDEX phpbb_log_reportee_id ON phpbb_log (reportee_id); CREATE INDEX phpbb_log_user_id ON phpbb_log (user_id); +# Table: 'phpbb_login_attempts' +CREATE TABLE phpbb_login_attempts ( + attempt_ip varchar(40) NOT NULL DEFAULT '', + attempt_browser varchar(150) NOT NULL DEFAULT '', + attempt_forwarded_for varchar(255) NOT NULL DEFAULT '', + attempt_time INTEGER UNSIGNED NOT NULL DEFAULT '0', + user_id INTEGER UNSIGNED NOT NULL DEFAULT '0', + username varchar(255) NOT NULL DEFAULT '0', + username_clean varchar(255) NOT NULL DEFAULT '0' +); + +CREATE INDEX phpbb_login_attempts_att_ip ON phpbb_login_attempts (attempt_ip, attempt_time); +CREATE INDEX phpbb_login_attempts_att_for ON phpbb_login_attempts (attempt_forwarded_for, attempt_time); +CREATE INDEX phpbb_login_attempts_att_time ON phpbb_login_attempts (attempt_time); +CREATE INDEX phpbb_login_attempts_user_id ON phpbb_login_attempts (user_id); + # Table: 'phpbb_moderator_cache' CREATE TABLE phpbb_moderator_cache ( forum_id INTEGER UNSIGNED NOT NULL DEFAULT '0', diff --git a/phpBB/language/en/acp/board.php b/phpBB/language/en/acp/board.php index 753decd517..0254bff992 100644 --- a/phpBB/language/en/acp/board.php +++ b/phpBB/language/en/acp/board.php 
@@ -51,7 +51,7 @@ $lang = array_merge($lang, array( 'SITE_NAME' => 'Site name', 'SYSTEM_DST' => 'Enable Summer Time/DST', 'SYSTEM_TIMEZONE' => 'Guest timezone', - 'SYSTEM_TIMEZONE_EXPLAIN' => 'Timezone to use for displaying times to users who are not logged in (guests, bots). Logged in users set their timezone during registration and can change it in user control panel.', + 'SYSTEM_TIMEZONE_EXPLAIN' => 'Timezone to use for displaying times to users who are not logged in (guests, bots). Logged in users set their timezone during registration and can change it in their user control panel.', 'WARNINGS_EXPIRE' => 'Warning duration', 'WARNINGS_EXPIRE_EXPLAIN' => 'Number of days that will elapse before the warning will automatically expire from a user’s record.', )); @@ -151,7 +151,7 @@ $lang = array_merge($lang, array( 'ALLOW_POST_FLASH_EXPLAIN' => 'If disallowed the [FLASH] BBCode tag is disabled in posts. Otherwise the permission system controls which users can use the [FLASH] BBCode tag.', 'BUMP_INTERVAL' => 'Bump interval', - 'BUMP_INTERVAL_EXPLAIN' => 'Number of minutes, hours or days between the last post to a topic and the ability to bump this topic. Setting the value to 0 disables this feature.', + 'BUMP_INTERVAL_EXPLAIN' => 'Number of minutes, hours or days between the last post to a topic and the ability to bump that topic. Setting the value to 0 disables bumping entirely.', 'CHAR_LIMIT' => 'Maximum characters per post/message', 'CHAR_LIMIT_EXPLAIN' => 'The number of characters allowed within a post/private message. Set to 0 for unlimited characters.', 'DELETE_TIME' => 'Limit deleting time', 
@@ -208,16 +208,16 @@ $lang = array_merge($lang, array( 'ACP_REGISTER_SETTINGS_EXPLAIN' => 'Here you are able to define registration and profile related settings.', 'ACC_ACTIVATION' => 'Account activation', - 'ACC_ACTIVATION_EXPLAIN' => 'This determines whether users have immediate access to the board or if confirmation is required. You can also completely disable new registrations.', + 'ACC_ACTIVATION_EXPLAIN' => 'This determines whether users have immediate access to the board or if confirmation is required. You can also completely disable new registrations. “Board-wide e-mail” must be enabled in order to use user or admin activation.', 'NEW_MEMBER_POST_LIMIT' => 'New member post limit', 'NEW_MEMBER_POST_LIMIT_EXPLAIN' => 'New members are within the Newly Registered Users group until they reach this number of posts. You can use this group to keep them from using the PM system or to review their posts. A value of 0 disables this feature.', 'NEW_MEMBER_GROUP_DEFAULT' => 'Set Newly Registered Users group to default', 'NEW_MEMBER_GROUP_DEFAULT_EXPLAIN' => 'If set to yes, and a new member post limit is specified, newly registered users will not only be put into the Newly Registered Users group, but this group will also be their default one. This may come in handy if you want to assign a group default rank and/or avatar the user then inherits.', - 'ACC_ADMIN' => 'By Admin', - 'ACC_DISABLE' => 'Disable', - 'ACC_NONE' => 'None', - 'ACC_USER' => 'By User', + 'ACC_ADMIN' => 'By admin', + 'ACC_DISABLE' => 'Disable registration', + 'ACC_NONE' => 'No activation (immediate access)', + 'ACC_USER' => 'By user (e-mail verification)', // 'ACC_USER_ADMIN' => 'User + Admin', 'ALLOW_EMAIL_REUSE' => 'Allow e-mail address re-use', 'ALLOW_EMAIL_REUSE_EXPLAIN' => 'Different users can register with the same e-mail address.', 
@@ -325,7 +325,7 @@ $lang = array_merge($lang, array( 'VISUAL_CONFIRM_REG' => 'Enable spambot countermeasures for registrations', 'VISUAL_CONFIRM_REG_EXPLAIN' => 'Requires new users to pass the anti-spambot task to help prevent automated registrations.', 'VISUAL_CONFIRM_REFRESH' => 'Allow users to refresh the anti-spambot task', - 'VISUAL_CONFIRM_REFRESH_EXPLAIN' => 'Allows users to request a new anti-spambot task if they are unable to solve the currunt task during registration. Some plugins might not support this option.', + 'VISUAL_CONFIRM_REFRESH_EXPLAIN' => 'Allows users to request a new anti-spambot task if they are unable to solve the current task during registration. Some plugins might not support this option.', )); // Cookie Settings @@ -394,7 +394,7 @@ $lang = array_merge($lang, array( 'LDAP_NO_EMAIL' => 'The specified e-mail attribute does not exist.', 'LDAP_NO_IDENTITY' => 'Could not find a login identity for %s.', 'LDAP_PASSWORD' => 'LDAP password', - 'LDAP_PASSWORD_EXPLAIN' => 'Leave blank to use anonymous binding. Else fill in the password for the above user. Required for Active Directory Servers.
        Warning: This password will be stored as plain text in the database, visible to everybody who can access your database or who can view this configuration page.', + 'LDAP_PASSWORD_EXPLAIN' => 'Leave blank to use anonymous binding, otherwise fill in the password for the above user. Required for Active Directory Servers.
        Warning: This password will be stored as plain text in the database, visible to everybody who can access your database or who can view this configuration page.', 'LDAP_PORT' => 'LDAP server port', 'LDAP_PORT_EXPLAIN' => 'Optionally you can specify a port which should be used to connect to the LDAP server instead of the default port 389.', 'LDAP_SERVER' => 'LDAP server name', 
@@ -458,12 +458,18 @@ $lang = array_merge($lang, array( 'FORM_TIME_MAX_EXPLAIN' => 'The time a user has to submit a form. Use -1 to disable. Note that a form might become invalid if the session expires, regardless of this setting.', 'FORM_SID_GUESTS' => 'Tie forms to guest sessions', 'FORM_SID_GUESTS_EXPLAIN' => 'If enabled, the form token issued to guests will be session-exclusive. This can cause problems with some ISPs.', - 'FORWARDED_FOR_VALID' => 'Validated X_FORWARDED_FOR header', + 'FORWARDED_FOR_VALID' => 'Validate X_FORWARDED_FOR header', 'FORWARDED_FOR_VALID_EXPLAIN' => 'Sessions will only be continued if the sent X_FORWARDED_FOR header equals the one sent with the previous request. Bans will be checked against IPs in X_FORWARDED_FOR too.', 'IP_VALID' => 'Session IP validation', 'IP_VALID_EXPLAIN' => 'Determines how much of the users IP is used to validate a session; All compares the complete address, A.B.C the first x.x.x, A.B the first x.x, None disables checking. On IPv6 addresses A.B.C compares the first 4 blocks and A.B the first 3 blocks.', - 'MAX_LOGIN_ATTEMPTS' => 'Maximum number of login attempts', - 'MAX_LOGIN_ATTEMPTS_EXPLAIN' => 'After this number of failed logins the user needs to additionally solve the anti-spambot task.', + 'IP_LOGIN_LIMIT_MAX' => 'Maximum number of login attempts per IP address', + 'IP_LOGIN_LIMIT_MAX_EXPLAIN' => 'The threshold of login attempts allowed from a single IP address before an anti-spambot task is triggered. Enter 0 to prevent the anti-spambot task from being triggered by IP addresses.', + 'IP_LOGIN_LIMIT_TIME' => 'IP address login attempt expiration time', + 'IP_LOGIN_LIMIT_TIME_EXPLAIN' => 'Login attempts expire after this period.', + 'IP_LOGIN_LIMIT_USE_FORWARDED' => 'Limit login attempts by X_FORWARDED_FOR header', + 'IP_LOGIN_LIMIT_USE_FORWARDED_EXPLAIN' => 'Instead of limiting login attempts by IP address they are limited by X_FORWARDED_FOR values.
        Warning: Only enable this if you are operating a proxy server that sets X_FORWARDED_FOR to trustworthy values.', + 'MAX_LOGIN_ATTEMPTS' => 'Maximum number of login attempts per username', + 'MAX_LOGIN_ATTEMPTS_EXPLAIN' => 'The number of login attempts allowed for a single account before the anti-spambot task is triggered. Enter 0 to prevent the anti-spambot task from being triggered for distinct user accounts.', 'NO_IP_VALIDATION' => 'None', 'NO_REF_VALIDATION' => 'None', 'PASSWORD_TYPE' => 'Password complexity', diff --git a/phpBB/language/en/acp/common.php b/phpBB/language/en/acp/common.php index 2c549f8130..8c71e936b3 100644 --- a/phpBB/language/en/acp/common.php +++ b/phpBB/language/en/acp/common.php @@ -255,7 +255,7 @@ $lang = array_merge($lang, array( 'MOVE_UP' => 'Move up', 'NOTIFY' => 'Notification', - 'NO_ADMIN' => 'You are not authorised to administrate this board.', + 'NO_ADMIN' => 'You are not authorised to administer this board.', 'NO_EMAILS_DEFINED' => 'No valid e-mail addresses found.', 'NO_PASSWORD_SUPPLIED' => 'You need to enter your password to access the Administration Control Panel.', diff --git a/phpBB/language/en/acp/email.php b/phpBB/language/en/acp/email.php index 4427bfff01..38c9f19c27 100644 --- a/phpBB/language/en/acp/email.php +++ b/phpBB/language/en/acp/email.php 
@@ -52,14 +52,16 @@ $lang = array_merge($lang, array( 'SEND_TO_GROUP' => 'Send to group', 'SEND_TO_USERS' => 'Send to users', 'SEND_TO_USERS_EXPLAIN' => 'Entering names here will override any group selected above. Enter each username on a new line.', - + + 'MAIL_BANNED' => 'Mail banned users', + 'MAIL_BANNED_EXPLAIN' => 'When sending a mass e-mail to a group you can select here whether banned users will also receive the e-mail.', 'MAIL_HIGH_PRIORITY' => 'High', 'MAIL_LOW_PRIORITY' => 'Low', 'MAIL_NORMAL_PRIORITY' => 'Normal', 'MAIL_PRIORITY' => 'Mail priority', 'MASS_MESSAGE' => 'Your message', 'MASS_MESSAGE_EXPLAIN' => 'Please note that you may enter only plain text. All markup will be removed before sending.', - + 'NO_EMAIL_MESSAGE' => 'You must enter a message.', 'NO_EMAIL_SUBJECT' => 'You must specify a subject for your message.', )); diff --git a/phpBB/language/en/acp/groups.php b/phpBB/language/en/acp/groups.php index e8c1a3c494..3444b98303 100644 --- a/phpBB/language/en/acp/groups.php +++ b/phpBB/language/en/acp/groups.php 
@@ -36,7 +36,7 @@ if (empty($lang) || !is_array($lang)) // in a url you again do not need to specify an order e.g., 'Click %sHERE%s' is fine $lang = array_merge($lang, array( - 'ACP_GROUPS_MANAGE_EXPLAIN' => 'From this panel you can administrate all your usergroups. You can delete, create and edit existing groups. Furthermore, you may choose group leaders, toggle open/hidden/closed group status and set the group name and description.', + 'ACP_GROUPS_MANAGE_EXPLAIN' => 'From this panel you can administer all your usergroups. You can delete, create and edit existing groups. Furthermore, you may choose group leaders, toggle open/hidden/closed group status and set the group name and description.', 'ADD_USERS' => 'Add users', 'ADD_USERS_EXPLAIN' => 'Here you can add new users to the group. You may select whether this group becomes the new default for the selected users. Additionally you can define them as group leaders. Please enter each username on a separate line.', diff --git a/phpBB/language/en/acp/posting.php b/phpBB/language/en/acp/posting.php index 443f4a3ea2..9719287c2a 100644 --- a/phpBB/language/en/acp/posting.php +++ b/phpBB/language/en/acp/posting.php @@ -168,8 +168,9 @@ $lang = array_merge($lang, array( 'SMILIES_CONFIG' => 'Smiley configuration', 'SMILIES_DELETED' => 'The smiley has been removed successfully.', 'SMILIES_EDIT' => 'Edit smiley', - 'SMILIE_NO_CODE' => 'The smilie “%s” was ignored, as there was no code entered.', - 'SMILIE_NO_EMOTION' => 'The smilie “%s” was ignored, as there was no emotion entered.', + 'SMILIE_NO_CODE' => 'The smiley “%s” was ignored, as there was no code entered.', + 'SMILIE_NO_EMOTION' => 'The smiley “%s” was ignored, as there was no emotion entered.', + 'SMILIE_NO_FILE' => 'The smiley “%s” was ignored, as the file is missing.', 'SMILIES_NONE_EDITED' => 'No smilies were updated.', 'SMILIES_ONE_EDITED' => 'The smiley has been updated successfully.', 'SMILIES_EDITED' => 'The smilies have been updated successfully.', 
@@ -233,13 +234,13 @@ $lang = array_merge($lang, array( // Disallow Usernames $lang = array_merge($lang, array( - 'ACP_DISALLOW_EXPLAIN' => 'Here you can control usernames which will not be allowed to be used. Disallowed usernames are allowed to contain a wildcard character of *. Please note that you will not be allowed to specify any username that has already been registered, you must first delete that name then disallow it.', + 'ACP_DISALLOW_EXPLAIN' => 'Here you can control usernames which will not be allowed to be used. Disallowed usernames are allowed to contain a wildcard character of *.', 'ADD_DISALLOW_EXPLAIN' => 'You can disallow a username using the wildcard character * to match any character.', 'ADD_DISALLOW_TITLE' => 'Add a disallowed username', 'DELETE_DISALLOW_EXPLAIN' => 'You can remove a disallowed username by selecting the username from this list and clicking submit.', 'DELETE_DISALLOW_TITLE' => 'Remove a disallowed username', - 'DISALLOWED_ALREADY' => 'The name you entered could not be disallowed. It either already exists in the list, exists in the word censor list, or a matching username is present.', + 'DISALLOWED_ALREADY' => 'The name you entered is already disallowed.', 'DISALLOWED_DELETED' => 'The disallowed username has been successfully removed.', 'DISALLOW_SUCCESSFUL' => 'The disallowed username has been successfully added.', diff --git a/phpBB/language/en/acp/styles.php b/phpBB/language/en/acp/styles.php index f161a7e6e6..3c8c4a328f 100644 --- a/phpBB/language/en/acp/styles.php +++ b/phpBB/language/en/acp/styles.php 
@@ -78,7 +78,7 @@ $lang = array_merge($lang, array( 'DELETE_IMAGESET' => 'Delete imageset', 'DELETE_IMAGESET_EXPLAIN' => 'Here you can remove the selected imageset from the database. Please note that there is no undo capability. It is recommended that you first export your set for possible future use.', 'DELETE_STYLE' => 'Delete style', - 'DELETE_STYLE_EXPLAIN' => 'Here you can remove the selected style. You cannot remove all the style elements from here. These must be deleted individually via their respective forms. Take care when deleting styles, there is no undo facility.', + 'DELETE_STYLE_EXPLAIN' => 'Here you can remove the selected style. Take care in deleting styles, there is no undo capability.', 'DELETE_TEMPLATE' => 'Delete template', 'DELETE_TEMPLATE_EXPLAIN' => 'Here you can remove the selected template set from the database. Please note that there is no undo capability. It is recommended that you first export your set for possible future use.', 'DELETE_THEME' => 'Delete theme', @@ -285,11 +285,14 @@ $lang = array_merge($lang, array( 'INSTALLED_TEMPLATE' => 'Installed templates', 'INSTALLED_THEME' => 'Installed themes', + 'KEEP_IMAGESET' => 'Keep “%s” imageset', + 'KEEP_TEMPLATE' => 'Keep “%s” template', + 'KEEP_THEME' => 'Keep “%s” theme', + 'LINE_SPACING' => 'Line spacing', 'LOCALISED_IMAGES' => 'Localised', 'LOCATION_DISABLED_EXPLAIN' => 'This setting is inherited and cannot be changed.', - 'NO_CLASS' => 'Cannot find class in stylesheet.', 'NO_IMAGESET' => 'Cannot find imageset on filesystem.', 'NO_IMAGE' => 'No image', 
@@ -322,6 +325,7 @@ $lang = array_merge($lang, array( 'REPLACE_TEMPLATE_EXPLAIN' => 'This template set will replace the one you are deleting in any styles that use it.', 'REPLACE_THEME' => 'Replace theme with', 'REPLACE_THEME_EXPLAIN' => 'This theme will replace the one you are deleting in any styles that use it.', + 'REPLACE_WITH_OPTION' => 'Replace with “%s”', 'REQUIRES_IMAGESET' => 'This style requires the %s imageset to be installed.', 'REQUIRES_TEMPLATE' => 'This style requires the %s template set to be installed.', 'REQUIRES_THEME' => 'This style requires the %s theme to be installed.', diff --git a/phpBB/language/en/captcha_recaptcha.php b/phpBB/language/en/captcha_recaptcha.php index 463bfffe0d..9b2fb2049d 100644 --- a/phpBB/language/en/captcha_recaptcha.php +++ b/phpBB/language/en/captcha_recaptcha.php @@ -37,14 +37,14 @@ if (empty($lang) || !is_array($lang)) $lang = array_merge($lang, array( 'RECAPTCHA_LANG' => 'en', - 'RECAPTCHA_NOT_AVAILABLE' => 'In order to use reCaptcha, you must create an account on reCaptcha.net.', + 'RECAPTCHA_NOT_AVAILABLE' => 'In order to use reCaptcha, you must create an account on www.google.com/recaptcha.', 'CAPTCHA_RECAPTCHA' => 'reCaptcha', 'RECAPTCHA_INCORRECT' => 'The visual confirmation code you submitted was incorrect', 'RECAPTCHA_PUBLIC' => 'Public reCaptcha key', - 'RECAPTCHA_PUBLIC_EXPLAIN' => 'Your public reCaptcha key. Keys can be obtained on reCaptcha.net.', + 'RECAPTCHA_PUBLIC_EXPLAIN' => 'Your public reCaptcha key. Keys can be obtained on www.google.com/recaptcha.', 'RECAPTCHA_PRIVATE' => 'Private reCaptcha key', - 'RECAPTCHA_PRIVATE_EXPLAIN' => 'Your private reCaptcha key. Keys can be obtained on reCaptcha.net.', + 'RECAPTCHA_PRIVATE_EXPLAIN' => 'Your private reCaptcha key. Keys can be obtained on www.google.com/recaptcha.', 'RECAPTCHA_EXPLAIN' => 'In an effort to prevent automatic submissions, we require that you enter both of the words displayed into the text field underneath.', )); 
diff --git a/phpBB/language/en/common.php b/phpBB/language/en/common.php index db60cbf227..078a280223 100644 --- a/phpBB/language/en/common.php +++ b/phpBB/language/en/common.php @@ -190,7 +190,7 @@ $lang = array_merge($lang, array( 'FORM_INVALID' => 'The submitted form was invalid. Try submitting again.', 'FORUM' => 'Forum', 'FORUMS' => 'Forums', - 'FORUMS_MARKED' => 'All forums have been marked read.', + 'FORUMS_MARKED' => 'The selected forums have been marked read.', 'FORUM_CAT' => 'Forum category', 'FORUM_INDEX' => 'Board index', 'FORUM_LINK' => 'Forum link', @@ -322,13 +322,14 @@ $lang = array_merge($lang, array( 'MARK' => 'Mark', 'MARK_ALL' => 'Mark all', 'MARK_FORUMS_READ' => 'Mark forums read', + 'MARK_SUBFORUMS_READ' => 'Mark subforums read', 'MB' => 'MB', 'MIB' => 'MiB', 'MCP' => 'Moderator Control Panel', 'MEMBERLIST' => 'Members', 'MEMBERLIST_EXPLAIN' => 'View complete list of members', 'MERGE' => 'Merge', - 'MERGE_POSTS' => 'Merge posts', + 'MERGE_POSTS' => 'Move posts', 'MERGE_TOPIC' => 'Merge topic', 'MESSAGE' => 'Message', 'MESSAGES' => 'Messages', @@ -529,6 +530,7 @@ $lang = array_merge($lang, array( 'SEARCH_TOPIC' => 'Search this topic…', 'SEARCH_UNANSWERED' => 'View unanswered posts', 'SEARCH_UNREAD' => 'View unread posts', + 'SEARCH_USER_POSTS' => 'Search user’s posts', 'SECONDS' => 'Seconds', 'SELECT' => 'Select', 'SELECT_ALL_CODE' => 'Select all', diff --git a/phpBB/language/en/install.php b/phpBB/language/en/install.php index 14923e836e..37147cc6a0 100644 --- a/phpBB/language/en/install.php +++ b/phpBB/language/en/install.php 
@@ -128,7 +128,7 @@ $lang = array_merge($lang, array( 'DB_ERR_QUERY_FIRST_TABLE' => 'Error while executing query_first, %s (“%s”).', 'DB_ERR_SELECT' => 'Error while running SELECT query.', 'DB_HOST' => 'Database server hostname or DSN', - 'DB_HOST_EXPLAIN' => 'DSN stands for Data Source Name and is relevant only for ODBC installs. On PostgreSQL, use localhost to connect to the local server via UNIX domain socket and 127.0.0.1 to connect via TCP.', + 'DB_HOST_EXPLAIN' => 'DSN stands for Data Source Name and is relevant only for ODBC installs. On PostgreSQL, use localhost to connect to the local server via UNIX domain socket and 127.0.0.1 to connect via TCP. For SQLite, enter the full path to your database file.', 'DB_NAME' => 'Database name', 'DB_PASSWORD' => 'Database password', 'DB_PORT' => 'Database server port', @@ -302,7 +302,7 @@ $lang = array_merge($lang, array( 'PHP_SETTINGS' => 'PHP version and settings', 'PHP_SETTINGS_EXPLAIN' => 'Required - You must be running at least version 4.3.3 of PHP in order to install phpBB. If safe mode is displayed below your PHP installation is running in that mode. This will impose limitations on remote administration and similar features.', 'PHP_URL_FOPEN_SUPPORT' => 'PHP setting allow_url_fopen is enabled', - 'PHP_URL_FOPEN_SUPPORT_EXPLAIN' => 'Optional - This setting is optional, however certain phpBB functions like off-site avatars will not work properly without it. ', + 'PHP_URL_FOPEN_SUPPORT_EXPLAIN' => 'Optional - This setting is optional, however certain phpBB functions like off-site avatars will not work properly without it.', 'PHP_VERSION_REQD' => 'PHP version >= 4.3.3', 'POST_ID' => 'Post ID', 'PREFIX_FOUND' => 'A scan of your tables has shown a valid installation using %s as table prefix.', 
@@ -370,7 +370,7 @@ $lang = array_merge($lang, array( // Updater $lang = array_merge($lang, array( - 'ALL_FILES_UP_TO_DATE' => 'All files are up to date with the latest phpBB version. You should now login to your board and check if everything is working fine. Do not forget to delete, rename or move your install directory! Please send us updated information about your server and board configurations from the Send statistics module in your ACP.', + 'ALL_FILES_UP_TO_DATE' => 'All files are up to date with the latest phpBB version. You should now login to your board and check if everything is working fine. Do not forget to delete, rename or move your install directory! Please send us updated information about your server and board configurations from the Send statistics module in your ACP.', 'ARCHIVE_FILE' => 'Source file within archive', 'BACK' => 'Back', diff --git a/phpBB/language/en/mcp.php b/phpBB/language/en/mcp.php index fc1b8c8f62..d0bcec0d9c 100644 --- a/phpBB/language/en/mcp.php +++ b/phpBB/language/en/mcp.php @@ -209,9 +209,8 @@ $lang = array_merge($lang, array( 'MCP_WARN_POST' => 'Warn for specific post', 'MCP_WARN_USER' => 'Warn user', - 'MERGE_POSTS' => 'Merge posts', - 'MERGE_POSTS_CONFIRM' => 'Are you sure you want to merge the selected posts?', - 'MERGE_TOPIC_EXPLAIN' => 'Using the form below you can merge selected posts into another topic. These posts will not be reordered and will appear as if the users posted them to the new topic.
        Please enter the destination topic id or click on “Select topic” to search for one.', + 'MERGE_POSTS_CONFIRM' => 'Are you sure you want to move the selected posts?', + 'MERGE_TOPIC_EXPLAIN' => 'Using the form below you can move selected posts into another topic. The posts will be split from this topic and merged into the other topic. These posts will not be reordered and will appear as if the users posted them to the new topic.
        Please enter the destination topic id or click on “Select topic” to search for one.', 'MERGE_TOPIC_ID' => 'Destination topic identification number', 'MERGE_TOPICS' => 'Merge topics', 'MERGE_TOPICS_CONFIRM' => 'Are you sure you want to merge the selected topics?', diff --git a/phpBB/language/en/memberlist.php b/phpBB/language/en/memberlist.php index e7a9c6b88d..e71f9d6565 100644 --- a/phpBB/language/en/memberlist.php +++ b/phpBB/language/en/memberlist.php @@ -116,7 +116,6 @@ $lang = array_merge($lang, array( 'REMOVE_FOE' => 'Remove foe', 'REMOVE_FRIEND' => 'Remove friend', - 'SEARCH_USER_POSTS' => 'Search user’s posts', 'SELECT_MARKED' => 'Select marked', 'SELECT_SORT_METHOD' => 'Select sort method', 'SEND_AIM_MESSAGE' => 'Send AIM message', @@ -131,7 +130,7 @@ $lang = array_merge($lang, array( 'SORT_POST_COUNT' => 'Post count', 'USERNAME_BEGINS_WITH' => 'Username begins with', - 'USER_ADMIN' => 'Administrate user', + 'USER_ADMIN' => 'Administer user', 'USER_BAN' => 'Banning', 'USER_FORUM' => 'User statistics', 'USER_LAST_REMINDED' => array( diff --git a/phpBB/language/en/search.php b/phpBB/language/en/search.php index d93fe6b56a..cd38cd615f 100644 --- a/phpBB/language/en/search.php +++ b/phpBB/language/en/search.php @@ -54,6 +54,7 @@ $lang = array_merge($lang, array( 'LOGIN_EXPLAIN_EGOSEARCH' => 'The board requires you to be registered and logged in to view your own posts.', 'LOGIN_EXPLAIN_UNREADSEARCH'=> 'The board requires you to be registered and logged in to view your unread posts.', + 'LOGIN_EXPLAIN_NEWPOSTS' => 'The board requires you to be registered and logged in to view new posts since your last visit.', 'MAX_NUM_SEARCH_KEYWORDS_REFINE' => 'You specified too many words to search for. Please do not enter more than %1$d words.', diff --git a/phpBB/language/en/ucp.php b/phpBB/language/en/ucp.php index 02b8a282d9..c1e3c06c43 100644 --- a/phpBB/language/en/ucp.php +++ b/phpBB/language/en/ucp.php 
@@ -119,6 +119,7 @@ $lang = array_merge($lang, array( 'CANNOT_REMOVE_FOLDER' => 'This folder cannot be removed.', 'CHANGE_DEFAULT_GROUP' => 'Change default group', 'CHANGE_PASSWORD' => 'Change password', + 'CLICK_GOTO_FOLDER' => '%1$sGo to your “%3$s” folder%2$s', 'CLICK_RETURN_FOLDER' => '%1$sReturn to your “%3$s” folder%2$s', 'CONFIRMATION' => 'Confirmation of registration', 'CONFIRM_CHANGES' => 'Confirm changes', @@ -194,6 +195,7 @@ $lang = array_merge($lang, array( 'FIELD_INVALID_CHARS_ALPHA_ONLY' => 'The field “%s” has invalid characters, only alphanumeric characters are allowed.', 'FIELD_INVALID_CHARS_SPACERS_ONLY' => 'The field “%s” has invalid characters, only alphanumeric, space or -+_[] characters are allowed.', 'FIELD_INVALID_DATE' => 'The field “%s” has an invalid date.', + 'FIELD_INVALID_VALUE' => 'The field “%s” has an invalid value.', 'FOE_MESSAGE' => 'Message from foe', 'FOES_EXPLAIN' => 'Foes are users which will be ignored by default. Posts by these users will not be fully visible. Personal messages from foes are still permitted. Please note that you cannot ignore moderators or administrators.', diff --git a/phpBB/memberlist.php b/phpBB/memberlist.php index 2fa2d11ee1..589877305f 100644 --- a/phpBB/memberlist.php +++ b/phpBB/memberlist.php 
@@ -1069,8 +1069,32 @@ switch ($mode) $sql_where .= ($msn) ? ' AND u.user_msnm ' . $db->sql_like_expression(str_replace('*', $db->any_char, $msn)) . ' ' : ''; $sql_where .= ($jabber) ? ' AND u.user_jabber ' . $db->sql_like_expression(str_replace('*', $db->any_char, $jabber)) . ' ' : ''; $sql_where .= (is_numeric($count) && isset($find_key_match[$count_select])) ? ' AND u.user_posts ' . $find_key_match[$count_select] . ' ' . (int) $count . ' ' : ''; - $sql_where .= (sizeof($joined) > 1 && isset($find_key_match[$joined_select])) ? " AND u.user_regdate " . $find_key_match[$joined_select] . ' ' . gmmktime(0, 0, 0, intval($joined[1]), intval($joined[2]), intval($joined[0])) : ''; - $sql_where .= ($auth->acl_get('u_viewonline') && sizeof($active) > 1 && isset($find_key_match[$active_select])) ? " AND u.user_lastvisit " . $find_key_match[$active_select] . ' ' . gmmktime(0, 0, 0, $active[1], intval($active[2]), intval($active[0])) : ''; + + if (isset($find_key_match[$joined_select]) && sizeof($joined) == 3) + { + // Before PHP 5.1 an error value -1 can be returned instead of false. + // Theoretically gmmktime() can also legitimately return -1 as an actual timestamp. + // But since we do not pass the $second parameter to gmmktime(), + // an actual unix timestamp -1 cannot be returned in this case. + // Thus we can check whether it is -1 and treat -1 as an error. + $joined_time = gmmktime(0, 0, 0, (int) $joined[1], (int) $joined[2], (int) $joined[0]); + + if ($joined_time !== false && $joined_time !== -1) + { + $sql_where .= " AND u.user_regdate " . $find_key_match[$joined_select] . ' ' . $joined_time; + } + } + + if (isset($find_key_match[$active_select]) && sizeof($active) == 3 && $auth->acl_get('u_viewonline')) + { + $active_time = gmmktime(0, 0, 0, (int) $active[1], (int) $active[2], (int) $active[0]); + + if ($active_time !== false && $active_time !== -1) + { + $sql_where .= " AND u.user_lastvisit " . $find_key_match[$active_select] . ' ' . 
$active_time; + } + } + $sql_where .= ($search_group_id) ? " AND u.user_id = ug.user_id AND ug.group_id = $search_group_id AND ug.user_pending = 0 " : ''; if ($search_group_id) @@ -1692,7 +1716,7 @@ function show_profile($data, $user_notes_enabled = false, $warn_user_enabled = f 'U_EMAIL' => $email, 'U_WWW' => (!empty($data['user_website'])) ? $data['user_website'] : '', 'U_SHORT_WWW' => (!empty($data['user_website'])) ? ((strlen($data['user_website']) > 55) ? substr($data['user_website'], 0, 39) . ' ... ' . substr($data['user_website'], -10) : $data['user_website']) : '', - 'U_ICQ' => ($data['user_icq']) ? 'http://www.icq.com/people/webmsg.php?to=' . urlencode($data['user_icq']) : '', + 'U_ICQ' => ($data['user_icq']) ? 'http://www.icq.com/people/' . urlencode($data['user_icq']) . '/' : '', 'U_AIM' => ($data['user_aim'] && $auth->acl_get('u_sendim')) ? append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=contact&action=aim&u=' . $user_id) : '', 'U_YIM' => ($data['user_yim']) ? 'http://edit.yahoo.com/config/send_webmesg?.target=' . urlencode($data['user_yim']) . '&.src=pg' : '', 'U_MSN' => ($data['user_msnm'] && $auth->acl_get('u_sendim')) ? append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=contact&action=msnm&u=' . $user_id) : '', diff --git a/phpBB/posting.php b/phpBB/posting.php index f775699cee..1bc498efe7 100644 --- a/phpBB/posting.php +++ b/phpBB/posting.php 
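Review bot: The explanatory comment above the `$joined_time` assignment says the `$second` parameter is not passed to gmmktime(), but the call passes 0 for hour, minute and second. The reasoning only holds because the seconds are fixed at 0, so the line should read `// But since we always pass 0 as the $second parameter to gmmktime(),`. The `$active_time` block repeats the same `!== -1` test with no explanation, so a short `// Same false / -1 handling as for $joined_time.` would help there. It is also worth noting in the comment that the only values appended to `$sql_where` are gmmktime() results built from `(int)` casts, since that is what keeps these two conditions safe to concatenate. The enclosing `switch ($mode)` block starts and ends outside this hunk.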
@@ -321,35 +321,7 @@ if ($mode == 'bump') if ($bump_time = bump_topic_allowed($forum_id, $post_data['topic_bumped'], $post_data['topic_last_post_time'], $post_data['topic_poster'], $post_data['topic_last_poster_id']) && check_link_hash(request_var('hash', ''), "topic_{$post_data['topic_id']}")) { - $db->sql_transaction('begin'); - - $sql = 'UPDATE ' . POSTS_TABLE . " - SET post_time = $current_time - WHERE post_id = {$post_data['topic_last_post_id']} - AND topic_id = $topic_id"; - $db->sql_query($sql); - - $sql = 'UPDATE ' . TOPICS_TABLE . " - SET topic_last_post_time = $current_time, - topic_bumped = 1, - topic_bumper = " . $user->data['user_id'] . " - WHERE topic_id = $topic_id"; - $db->sql_query($sql); - - update_post_information('forum', $forum_id); - - $sql = 'UPDATE ' . USERS_TABLE . " - SET user_lastpost_time = $current_time - WHERE user_id = " . $user->data['user_id']; - $db->sql_query($sql); - - $db->sql_transaction('commit'); - - markread('post', $forum_id, $topic_id, $current_time); - - add_log('mod', $forum_id, $topic_id, 'LOG_BUMP_TOPIC', $post_data['topic_title']); - - $meta_url = append_sid("{$phpbb_root_path}viewtopic.$phpEx", "f=$forum_id&t=$topic_id&p={$post_data['topic_last_post_id']}") . "#p{$post_data['topic_last_post_id']}"; + $meta_url = phpbb_bump_topic($forum_id, $topic_id, $post_data, $current_time); meta_refresh(3, $meta_url); $message = $user->lang['TOPIC_BUMPED'] . '

        ' . sprintf($user->lang['VIEW_MESSAGE'], '', ''); @@ -861,11 +833,18 @@ if ($submit || $preview || $refresh) { include($phpbb_root_path . 'includes/functions_user.' . $phpEx); + $user->add_lang('ucp'); + if (($result = validate_username($post_data['username'], (!empty($post_data['post_username'])) ? $post_data['post_username'] : '')) !== false) { - $user->add_lang('ucp'); $error[] = $user->lang[$result . '_USERNAME']; } + + if (($result = validate_string($post_data['username'], false, $config['min_name_chars'], $config['max_name_chars'])) !== false) + { + $min_max_amount = ($result == 'TOO_SHORT') ? $config['min_name_chars'] : $config['max_name_chars']; + $error[] = sprintf($user->lang['FIELD_' . $result], $user->lang['USERNAME'], $min_max_amount); + } } if ($config['enable_post_confirm'] && !$user->data['is_registered'] && in_array($mode, array('quote', 'post', 'reply'))) @@ -1353,8 +1332,8 @@ $lock_post_checked = (isset($post_lock)) ? $post_lock : $post_data['post_edit_lo $notify_set = ($mode != 'edit' && $config['allow_topic_notify'] && $user->data['is_registered'] && !$post_data['notify_set']) ? $user->data['user_notify'] : $post_data['notify_set']; $notify_checked = (isset($notify)) ? $notify : (($mode == 'post') ? $user->data['user_notify'] : $notify_set); -// Page title & action URL, include session_id for security purpose -$s_action = append_sid("{$phpbb_root_path}posting.$phpEx", "mode=$mode&f=$forum_id", true, $user->session_id); +// Page title & action URL +$s_action = append_sid("{$phpbb_root_path}posting.$phpEx", "mode=$mode&f=$forum_id"); $s_action .= ($topic_id) ? "&t=$topic_id" : ''; $s_action .= ($post_id) ? "&p=$post_id" : ''; diff --git a/phpBB/search.php b/phpBB/search.php index 2a13e20477..2aa61401cf 100644 --- a/phpBB/search.php +++ b/phpBB/search.php 
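Review bot: The call to `phpbb_bump_topic()` is now the only visible state change in this branch, while the permission check (`bump_topic_allowed()`) and the link-hash check (`check_link_hash()`) stay in the caller's `if`, and nothing at the call site records that dependency. The helper's definition is not in this hunk; if it performs the writes and log entry removed here without re-checking, a later caller could reach it without either check. I would add `// Callers must pass bump_topic_allowed() and check_link_hash() before phpbb_bump_topic().` above the call and state the same precondition in the helper's docblock. The enclosing `if ($mode == 'bump')` block starts outside the hunk.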
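Review bot: The rewritten comment `// Page title & action URL` above `$s_action` drops the old "for security purpose" remark without saying what protects the posting form now that the session id is no longer forced into the action URL. Keeping the sid out of the URL is a sound choice, because URLs end up in server logs and Referer headers, but the reason and the replacement control should be written down. If the submit path validates a form token (not visible in this hunk), the comment could read `// Action URL; the session id is not forced into it, request forgery is handled by the form token check on submit`. If no such check runs for this form, that needs to be settled before the sid is removed.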
@@ -47,32 +47,44 @@ $sort_dir = request_var('sd', 'd'); $return_chars = request_var('ch', ($topic_id) ? -1 : 300); $search_forum = request_var('fid', array(0)); -// We put login boxes for the case if search_id is egosearch or unreadposts +// We put login boxes for the case if search_id is newposts, egosearch or unreadposts // because a guest should be able to log in even if guests search is not permitted -// Egosearch is an author search -if ($search_id == 'egosearch') +switch ($search_id) { - $author_id = $user->data['user_id']; + // Egosearch is an author search + case 'egosearch': + $author_id = $user->data['user_id']; + if ($user->data['user_id'] == ANONYMOUS) + { + login_box('', $user->lang['LOGIN_EXPLAIN_EGOSEARCH']); + } + break; - if ($user->data['user_id'] == ANONYMOUS) - { - login_box('', $user->lang['LOGIN_EXPLAIN_EGOSEARCH']); - } -} - -// Search for unread posts needs to be allowed and user to be logged in if topics tracking for guests is disabled -if ($search_id == 'unreadposts') -{ - if (!$config['load_unreads_search']) - { - $template->assign_var('S_NO_SEARCH', true); - trigger_error('NO_SEARCH_UNREADS'); - } - else if (!$config['load_anon_lastread'] && !$user->data['is_registered']) - { - login_box('', $user->lang['LOGIN_EXPLAIN_UNREADSEARCH']); - } + // Search for unread posts needs to be allowed and user to be logged in if topics tracking for guests is disabled + case 'unreadposts': + if (!$config['load_unreads_search']) + { + $template->assign_var('S_NO_SEARCH', true); + trigger_error('NO_SEARCH_UNREADS'); + } + else if (!$config['load_anon_lastread'] && !$user->data['is_registered']) + { + login_box('', $user->lang['LOGIN_EXPLAIN_UNREADSEARCH']); + } + break; + + // The "new posts" search uses user_lastvisit which is user based, so it should require user to log in. 
+ case 'newposts': + if ($user->data['user_id'] == ANONYMOUS) + { + login_box('', $user->lang['LOGIN_EXPLAIN_NEWPOSTS']); + } + break; + + default: + // There's nothing to do here for now ;) + break; } // Is user able to search? Has search been disabled? diff --git a/phpBB/style.php b/phpBB/style.php index 8ca1751391..916aa8ce5c 100644 --- a/phpBB/style.php +++ b/phpBB/style.php @@ -15,13 +15,7 @@ define('IN_PHPBB', true); $phpbb_root_path = (defined('PHPBB_ROOT_PATH')) ? PHPBB_ROOT_PATH : './'; $phpEx = substr(strrchr(__FILE__, '.'), 1); -// Report all errors, except notices and deprecation messages -if (!defined('E_DEPRECATED')) -{ - define('E_DEPRECATED', 8192); -} -error_reporting(E_ALL ^ E_NOTICE ^ E_DEPRECATED); - +require($phpbb_root_path . 'includes/startup.' . $phpEx); require($phpbb_root_path . 'config.' . $phpEx); if (!defined('PHPBB_INSTALLED') || empty($dbms) || empty($acm_type)) @@ -29,11 +23,6 @@ if (!defined('PHPBB_INSTALLED') || empty($dbms) || empty($acm_type)) exit; } -if (version_compare(PHP_VERSION, '6.0.0-dev', '<')) -{ - @set_magic_quotes_runtime(0); -} - // Load Extensions if (!empty($load_extensions) && function_exists('dl')) { diff --git a/phpBB/styles/prosilver/imageset/imageset.cfg b/phpBB/styles/prosilver/imageset/imageset.cfg index bbafe5e26d..72252079d6 100644 --- a/phpBB/styles/prosilver/imageset/imageset.cfg +++ b/phpBB/styles/prosilver/imageset/imageset.cfg @@ -19,7 +19,7 @@ # General Information about this style name = prosilver copyright = © phpBB Group, 2007 -version = 3.0.8 +version = 3.0.9 # Images img_site_logo = site_logo.gif*52*139 diff --git a/phpBB/styles/prosilver/imageset/site_logo.gif b/phpBB/styles/prosilver/imageset/site_logo.gif index 909114c377..2517fbedd6 100644 Binary files a/phpBB/styles/prosilver/imageset/site_logo.gif and b/phpBB/styles/prosilver/imageset/site_logo.gif differ diff --git a/phpBB/styles/prosilver/style.cfg b/phpBB/styles/prosilver/style.cfg index 7f7e677993..83e762f65b 100644 
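Review bot: The new `case 'newposts':` gate tests `$user->data['user_id'] == ANONYMOUS`, while the `unreadposts` case just above tests `!$user->data['is_registered']`, and the two need not describe the same set of sessions. The added comment says this search depends on `user_lastvisit`, which is per user, so every session that is not a registered user should get the login box. If unregistered sessions with a user id other than ANONYMOUS exist (bot accounts, presumably), they pass this check. I would write `if (!$user->data['is_registered'])` here to match the neighbouring case. The `default:` branch that holds only a comment can be dropped.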
--- a/phpBB/styles/prosilver/style.cfg +++ b/phpBB/styles/prosilver/style.cfg @@ -19,4 +19,4 @@ # General Information about this style name = prosilver copyright = © phpBB Group, 2007 -version = 3.0.8 \ No newline at end of file +version = 3.0.9 \ No newline at end of file diff --git a/phpBB/styles/prosilver/template/attachment.html b/phpBB/styles/prosilver/template/attachment.html index cc5aacff2f..4c0a326f1e 100644 --- a/phpBB/styles/prosilver/template/attachment.html +++ b/phpBB/styles/prosilver/template/attachment.html @@ -70,12 +70,12 @@ - + - + diff --git a/phpBB/styles/prosilver/template/login_body.html b/phpBB/styles/prosilver/template/login_body.html index 26e425a1d0..36c2eae349 100644 --- a/phpBB/styles/prosilver/template/login_body.html +++ b/phpBB/styles/prosilver/template/login_body.html @@ -2,7 +2,7 @@ diff --git a/phpBB/styles/prosilver/template/mcp_post.html b/phpBB/styles/prosilver/template/mcp_post.html index 04e24cd1f9..9d4997e576 100644 --- a/phpBB/styles/prosilver/template/mcp_post.html +++ b/phpBB/styles/prosilver/template/mcp_post.html @@ -72,8 +72,8 @@

        -   - +   + {S_FORM_TOKEN}

        diff --git a/phpBB/styles/prosilver/template/mcp_topic.html b/phpBB/styles/prosilver/template/mcp_topic.html index db36ebf5ac..a4d2a0f600 100644 --- a/phpBB/styles/prosilver/template/mcp_topic.html +++ b/phpBB/styles/prosilver/template/mcp_topic.html @@ -31,7 +31,7 @@ onload_functions.push('subPanels()');
      • class="activetab"> - {L_MERGE_TOPIC} + {L_MERGE_POSTS}
      • diff --git a/phpBB/styles/prosilver/template/memberlist_im.html b/phpBB/styles/prosilver/template/memberlist_im.html index acc7ec359b..49de3b2596 100644 --- a/phpBB/styles/prosilver/template/memberlist_im.html +++ b/phpBB/styles/prosilver/template/memberlist_im.html @@ -39,7 +39,7 @@
         
        {L_IM_ADD_CONTACT}
        {L_IM_SEND_MESSAGE}
        -
        {L_IM_DOWNLOAD_APP} | {L_IM_AIM_EXPRESS}
        +
        {L_IM_DOWNLOAD_APP} | {L_IM_AIM_EXPRESS}
        diff --git a/phpBB/styles/prosilver/template/memberlist_search.html b/phpBB/styles/prosilver/template/memberlist_search.html index b95185a6f2..9df648f644 100644 --- a/phpBB/styles/prosilver/template/memberlist_search.html +++ b/phpBB/styles/prosilver/template/memberlist_search.html @@ -37,7 +37,7 @@ function insert_single(user) } // ]]> - +

        {L_FIND_USERNAME}

        diff --git a/phpBB/styles/prosilver/template/overall_footer.html b/phpBB/styles/prosilver/template/overall_footer.html index 4da1308e14..b252ff0de9 100644 --- a/phpBB/styles/prosilver/template/overall_footer.html +++ b/phpBB/styles/prosilver/template/overall_footer.html @@ -19,18 +19,7 @@ - - -
        - + - + diff --git a/phpBB/styles/subsilver2/template/login_body.html b/phpBB/styles/subsilver2/template/login_body.html index 90bbf8c139..262341e0c0 100644 --- a/phpBB/styles/subsilver2/template/login_body.html +++ b/phpBB/styles/subsilver2/template/login_body.html @@ -92,7 +92,7 @@ // {PASSWORD_CREDENTIAL}{USERNAME_CREDENTIAL}"); for (var i = 0; i < elements.length; ++i) { if (elements[i].tagName.toLowerCase() == 'input') diff --git a/phpBB/styles/subsilver2/template/mcp_topic.html b/phpBB/styles/subsilver2/template/mcp_topic.html index 12c0f73b97..13865d26ee 100644 --- a/phpBB/styles/subsilver2/template/mcp_topic.html +++ b/phpBB/styles/subsilver2/template/mcp_topic.html @@ -35,7 +35,7 @@ - {L_MERGE_TOPIC} + {L_MERGE_POSTS} {L_MERGE_TOPIC_EXPLAIN} diff --git a/phpBB/styles/subsilver2/template/memberlist_im.html b/phpBB/styles/subsilver2/template/memberlist_im.html index e8d86128c7..0a92fd2ba0 100644 --- a/phpBB/styles/subsilver2/template/memberlist_im.html +++ b/phpBB/styles/subsilver2/template/memberlist_im.html @@ -19,7 +19,7 @@ -
        {L_IM_ADD_CONTACT}
        {L_IM_SEND_MESSAGE}

        {L_IM_DOWNLOAD_APP} | {L_IM_AIM_EXPRESS} +
        {L_IM_ADD_CONTACT}
        {L_IM_SEND_MESSAGE}

        {L_IM_DOWNLOAD_APP} | {L_IM_AIM_EXPRESS}   diff --git a/phpBB/styles/subsilver2/template/overall_footer.html b/phpBB/styles/subsilver2/template/overall_footer.html index 64201ff2b9..5d6b63986f 100644 --- a/phpBB/styles/subsilver2/template/overall_footer.html +++ b/phpBB/styles/subsilver2/template/overall_footer.html @@ -1,20 +1,9 @@ {RUN_CRON_TASK} - -
        [ {L_ACP} ]

        - Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group + Powered by phpBB® Forum Software © phpBB Group
        {TRANSLATION_INFO}
        [ {DEBUG_OUTPUT} ]
        diff --git a/phpBB/styles/subsilver2/template/overall_header.html b/phpBB/styles/subsilver2/template/overall_header.html index 874beb8e2b..62ed79ed39 100644 --- a/phpBB/styles/subsilver2/template/overall_header.html +++ b/phpBB/styles/subsilver2/template/overall_header.html @@ -8,10 +8,8 @@ - - {META} {SITENAME} • <!-- IF S_IN_MCP -->{L_MCP} • <!-- ELSEIF S_IN_UCP -->{L_UCP} • <!-- ENDIF -->{PAGE_TITLE} @@ -29,11 +27,8 @@ - + diff --git a/phpBB/styles/subsilver2/template/posting_smilies.html b/phpBB/styles/subsilver2/template/posting_smilies.html index 2586530e55..fcab578bd9 100644 --- a/phpBB/styles/subsilver2/template/posting_smilies.html +++ b/phpBB/styles/subsilver2/template/posting_smilies.html @@ -6,7 +6,7 @@ var text_name = 'message'; // ]]> - + diff --git a/phpBB/styles/subsilver2/template/quickreply_editor.html b/phpBB/styles/subsilver2/template/quickreply_editor.html index 704c6e1306..91a8c9a702 100644 --- a/phpBB/styles/subsilver2/template/quickreply_editor.html +++ b/phpBB/styles/subsilver2/template/quickreply_editor.html @@ -10,7 +10,7 @@ - +
        {L_MESSAGE}:
        diff --git a/phpBB/styles/subsilver2/template/searchbox.html b/phpBB/styles/subsilver2/template/searchbox.html index cb0bb5ba73..622961c881 100644 --- a/phpBB/styles/subsilver2/template/searchbox.html +++ b/phpBB/styles/subsilver2/template/searchbox.html @@ -1 +1 @@ -
        {L_SEARCH_FOR}:
        +
        {L_SEARCH_FOR}: {S_SEARCH_LOCAL_HIDDEN_FIELDS}
        diff --git a/phpBB/styles/subsilver2/template/simple_footer.html b/phpBB/styles/subsilver2/template/simple_footer.html index c8b69dd5ad..043be16cdb 100644 --- a/phpBB/styles/subsilver2/template/simple_footer.html +++ b/phpBB/styles/subsilver2/template/simple_footer.html @@ -1,19 +1,8 @@ - -
        - Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group + Powered by phpBB® Forum Software © phpBB Group
        diff --git a/phpBB/styles/subsilver2/template/simple_header.html b/phpBB/styles/subsilver2/template/simple_header.html index bcef9a7059..b0dc908bc6 100644 --- a/phpBB/styles/subsilver2/template/simple_header.html +++ b/phpBB/styles/subsilver2/template/simple_header.html @@ -8,7 +8,6 @@ - {META} diff --git a/phpBB/styles/subsilver2/template/template.cfg b/phpBB/styles/subsilver2/template/template.cfg index edfc2d43f2..92ccfef35a 100644 --- a/phpBB/styles/subsilver2/template/template.cfg +++ b/phpBB/styles/subsilver2/template/template.cfg @@ -19,5 +19,5 @@ # General Information about this template name = subsilver2 copyright = © phpBB Group, 2003 -version = 3.0.8 +version = 3.0.9 diff --git a/phpBB/styles/subsilver2/template/ucp_pm_viewmessage_print.html b/phpBB/styles/subsilver2/template/ucp_pm_viewmessage_print.html index f1c59df1c8..6753a5bc33 100644 --- a/phpBB/styles/subsilver2/template/ucp_pm_viewmessage_print.html +++ b/phpBB/styles/subsilver2/template/ucp_pm_viewmessage_print.html @@ -107,15 +107,6 @@ hr.sep {

        - @@ -123,7 +114,7 @@ hr.sep { - +
        {S_TIMEZONE}
        Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group
        http://www.phpbb.com/
        Powered by phpBB® Forum Software © phpBB Group
        http://www.phpbb.com/
        diff --git a/phpBB/styles/subsilver2/template/viewtopic_body.html b/phpBB/styles/subsilver2/template/viewtopic_body.html index bba00ce685..630871af61 100644 --- a/phpBB/styles/subsilver2/template/viewtopic_body.html +++ b/phpBB/styles/subsilver2/template/viewtopic_body.html @@ -150,7 +150,7 @@ -
         {L_POST_SUBJECT}: {postrow.POST_SUBJECT}
        {postrow.MINI_POST_IMG}{postrow.MINI_POST_IMG}{L_POSTED}: {postrow.POST_DATE} 
        +
         {L_POST_SUBJECT}: {postrow.POST_SUBJECT}
        {postrow.MINI_POST_IMG}{postrow.MINI_POST_IMG}{L_POSTED}: {postrow.POST_DATE} 
        diff --git a/phpBB/styles/subsilver2/template/viewtopic_print.html b/phpBB/styles/subsilver2/template/viewtopic_print.html index cfd78b6fc7..964c95f677 100644 --- a/phpBB/styles/subsilver2/template/viewtopic_print.html +++ b/phpBB/styles/subsilver2/template/viewtopic_print.html @@ -121,15 +121,6 @@ hr.sep {
        - @@ -137,7 +128,7 @@ hr.sep { - +
        {S_TIMEZONE}
        Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group
        http://www.phpbb.com/
        Powered by phpBB® Forum Software © phpBB Group
        http://www.phpbb.com/
        diff --git a/phpBB/styles/subsilver2/theme/stylesheet.css b/phpBB/styles/subsilver2/theme/stylesheet.css index 726efdca0a..c2b6718d87 100644 --- a/phpBB/styles/subsilver2/theme/stylesheet.css +++ b/phpBB/styles/subsilver2/theme/stylesheet.css @@ -210,13 +210,13 @@ p.topicdetails { margin: 1px 0; } -.postreported, .postreported a:visited, .postreported a:hover, .postreported a:link, .postreported a:active { +.postreported, .postreported a:link, .postreported a:visited, .postreported a:hover, .postreported a:active { margin: 1px 0; color: red; font-weight:bold; } -.postapprove, .postapprove a:visited, .postapprove a:hover, .postapprove a:link, .postapprove a:active { +.postapprove, .postapprove a:link, .postapprove a:visited, .postapprove a:hover, .postapprove a:active { color: green; font-weight:bold; } @@ -386,12 +386,13 @@ hr { unicode-bidi: embed; } +/* CSS spec requires a:link, a:visited, a:hover and a:active rules to be specified in this order. */ +/* See http://www.phpbb.com/bugs/phpbb3/59685 */ a:link { color: #006597; text-decoration: none; } -a:active, a:visited { color: #005784; text-decoration: none; @@ -402,6 +403,11 @@ a:hover { text-decoration: underline; } +a:active { + color: #005784; + text-decoration: none; +} + a.forumlink { color: #069; font-weight: bold; @@ -667,4 +673,4 @@ pre { .username-coloured { font-weight: bold; -} \ No newline at end of file +} diff --git a/phpBB/styles/subsilver2/theme/theme.cfg b/phpBB/styles/subsilver2/theme/theme.cfg index a6ac5f337c..94e2f6d53d 100644 --- a/phpBB/styles/subsilver2/theme/theme.cfg +++ b/phpBB/styles/subsilver2/theme/theme.cfg @@ -21,7 +21,7 @@ # General Information about this theme name = subsilver2 copyright = © phpBB Group, 2003 -version = 3.0.8 +version = 3.0.9 # Some configuration options diff --git a/phpBB/ucp.php b/phpBB/ucp.php index f5a2ec9648..8fa022668b 100644 --- a/phpBB/ucp.php +++ b/phpBB/ucp.php 
@@ -314,6 +314,12 @@ if (!$config['allow_topic_notify'] && !$config['allow_forum_notify']) $module->set_display('main', 'subscribed', false); } +// Do not display signature panel if not authed to do so +if (!$auth->acl_get('u_sig')) +{ + $module->set_display('profile', 'signature', false); +} + // Select the active module $module->set_active($id, $mode); diff --git a/phpBB/viewforum.php b/phpBB/viewforum.php index 9cfa93f880..61ec27ed79 100644 --- a/phpBB/viewforum.php +++ b/phpBB/viewforum.php @@ -267,6 +267,12 @@ $post_alt = ($forum_data['forum_status'] == ITEM_LOCKED) ? $user->lang['FORUM_LO // Display active topics? $s_display_active = ($forum_data['forum_type'] == FORUM_CAT && ($forum_data['forum_flags'] & FORUM_FLAG_ACTIVE_TOPICS)) ? true : false; +$s_search_hidden_fields = array('fid' => array($forum_id)); +if ($_SID) +{ + $s_search_hidden_fields['sid'] = $_SID; +} + $template->assign_vars(array( 'MODERATORS' => (!empty($moderators[$forum_id])) ? implode(', ', $moderators[$forum_id]) : '', @@ -304,7 +310,8 @@ $template->assign_vars(array( 'S_WATCHING_FORUM' => $s_watching_forum['is_watching'], 'S_FORUM_ACTION' => append_sid("{$phpbb_root_path}viewforum.$phpEx", "f=$forum_id" . (($start == 0) ? '' : "&start=$start")), 'S_DISPLAY_SEARCHBOX' => ($auth->acl_get('u_search') && $auth->acl_get('f_search', $forum_id) && $config['load_search']) ? true : false, - 'S_SEARCHBOX_ACTION' => append_sid("{$phpbb_root_path}search.$phpEx", 'fid[]=' . $forum_id), + 'S_SEARCHBOX_ACTION' => append_sid("{$phpbb_root_path}search.$phpEx"), + 'S_SEARCH_LOCAL_HIDDEN_FIELDS' => build_hidden_fields($s_search_hidden_fields), 'S_SINGLE_MODERATOR' => (!empty($moderators[$forum_id]) && sizeof($moderators[$forum_id]) > 1) ? false : true, 'S_IS_LOCKED' => ($forum_data['forum_status'] == ITEM_LOCKED) ? true : false, 'S_VIEWFORUM' => true, diff --git a/phpBB/viewtopic.php b/phpBB/viewtopic.php index 498088c5c8..08e82591de 100644 --- a/phpBB/viewtopic.php +++ b/phpBB/viewtopic.php 
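Review bot: The added `$module->set_display('profile', 'signature', false)` in ucp.php only hides the signature panel from the module navigation; nothing in this hunk prevents a user without `u_sig` from requesting that mode directly. The code that handles the signature mode is outside the diff, so it should be confirmed that it checks `$auth->acl_get('u_sig')` itself before accepting input. I would make the comment say so: `// Hide the signature panel for users without u_sig (display only; the signature mode must enforce u_sig itself)`.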
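Review bot: The values in `$s_search_hidden_fields` reach the page through `build_hidden_fields()` called with only the array argument, so whether they are HTML-escaped depends on that function's defaults, which this diff does not show. `$forum_id` and `$_SID` are assigned outside the viewforum.php hunks; if either can carry request-supplied text, the call should ask for escaping explicitly or the id should be cast where the array is built, e.g. `array('fid' => array((int) $forum_id))`. The same pattern is added to viewtopic.php with `$topic_id`. Moving `sid` from the action URL into a hidden field also means the session id ends up in the search result URL if the form submits with GET; the form markup is not part of these hunks, so that is worth checking in the template.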
@@ -585,6 +585,15 @@ $server_path = (!$view) ? $phpbb_root_path : generate_board_url() . '/'; // Replace naughty words in title $topic_data['topic_title'] = censor_text($topic_data['topic_title']); +$s_search_hidden_fields = array( + 't' => $topic_id, + 'sf' => 'msgonly', +); +if ($_SID) +{ + $s_search_hidden_fields['sid'] = $_SID; +} + // Send vars to template $template->assign_vars(array( 'FORUM_ID' => $forum_id, @@ -636,7 +645,8 @@ $template->assign_vars(array( 'S_VIEWTOPIC' => true, 'S_DISPLAY_SEARCHBOX' => ($auth->acl_get('u_search') && $auth->acl_get('f_search', $forum_id) && $config['load_search']) ? true : false, - 'S_SEARCHBOX_ACTION' => append_sid("{$phpbb_root_path}search.$phpEx", 't=' . $topic_id), + 'S_SEARCHBOX_ACTION' => append_sid("{$phpbb_root_path}search.$phpEx"), + 'S_SEARCH_LOCAL_HIDDEN_FIELDS' => build_hidden_fields($s_search_hidden_fields), 'S_DISPLAY_POST_INFO' => ($topic_data['forum_type'] == FORUM_POST && ($auth->acl_get('f_post', $forum_id) || $user->data['user_id'] == ANONYMOUS)) ? true : false, 'S_DISPLAY_REPLY_INFO' => ($topic_data['forum_type'] == FORUM_POST && ($auth->acl_get('f_reply', $forum_id) || $user->data['user_id'] == ANONYMOUS)) ? true : false, @@ -1157,7 +1167,7 @@ while ($row = $db->sql_fetchrow($result)) if (!empty($row['user_icq'])) { - $user_cache[$poster_id]['icq'] = 'http://www.icq.com/people/webmsg.php?to=' . $row['user_icq']; + $user_cache[$poster_id]['icq'] = 'http://www.icq.com/people/' . urlencode($row['user_icq']) . '/'; $user_cache[$poster_id]['icq_status_img'] = ''; } else 
@@ -1547,6 +1557,7 @@ for ($i = 0, $end = sizeof($post_list); $i < $end; ++$i) 'U_WARN' => ($auth->acl_get('m_warn') && $poster_id != $user->data['user_id'] && $poster_id != ANONYMOUS) ? append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=warn&mode=warn_post&f=' . $forum_id . '&p=' . $row['post_id'], true, $user->session_id) : '', 'POST_ID' => $row['post_id'], + 'POST_NUMBER' => $i + $start + 1, 'POSTER_ID' => $poster_id, 'S_HAS_ATTACHMENTS' => (!empty($attachments[$row['post_id']])) ? true : false, diff --git a/phpBB/web.config b/phpBB/web.config index 128fe3c98f..a73c328626 100644 --- a/phpBB/web.config +++ b/phpBB/web.config @@ -6,7 +6,7 @@ - ­ + diff --git a/phpunit.xml.all b/phpunit.xml.all new file mode 100644 index 0000000000..1be2830729 --- /dev/null +++ b/phpunit.xml.all @@ -0,0 +1,25 @@ + + + + + + ./tests/ + + + + + + ./tests/ + + + diff --git a/phpunit.xml.dist b/phpunit.xml.dist new file mode 100644 index 0000000000..de8134da8e --- /dev/null +++ b/phpunit.xml.dist @@ -0,0 +1,31 @@ + + + + + + ./tests/ + + + + + + slow + + + + + + ./tests/ + + + diff --git a/tests/RUNNING_TESTS.txt b/tests/RUNNING_TESTS.txt index 74a0635c1a..59197acc0f 100644 --- a/tests/RUNNING_TESTS.txt +++ b/tests/RUNNING_TESTS.txt @@ -7,7 +7,7 @@ Prerequisites PHPUnit ------- -phpBB unit tests use PHPUnit framework. Version 3.3 or better is required +phpBB unit tests use PHPUnit framework. Version 3.5 or better is required to run the tests. PHPUnit prefers to be installed via PEAR; refer to http://www.phpunit.de/ for more information. 
@@ -41,14 +41,23 @@ will run phpunit with the same parameters as in the shown test_config.php file: $ PHPBB_TEST_DBMS='mysqli' PHPBB_TEST_DBHOST='localhost' \ PHPBB_TEST_DBNAME='database' PHPBB_TEST_DBUSER='user' \ - PHPBB_TEST_DBPASSWD='password' phpunit all_tests.php + PHPBB_TEST_DBPASSWD='password' phpunit Running ======= -Once the prerequisites are installed, run the tests from tests directory: +Once the prerequisites are installed, run the tests from the project root directory (above phpBB): - $ phpunit all_tests.php + $ phpunit + +Slow tests +-------------- +Certain tests, such as the UTF-8 normalizer or the DNS tests tend to be slow. +Thus these tests are in the `slow` group, which is excluded by default. You can +enable slow tests by copying the phpunit.xml.all file to phpunit.xml. If you only +want the slow tests, run: + + $ phpunit --group slow More Information ================ diff --git a/tests/all_tests.php b/tests/all_tests.php deleted file mode 100644 index d1d711c4d7..0000000000 --- a/tests/all_tests.php +++ /dev/null 
@@ -1,69 +0,0 @@ -= 0) -{ - PHP_CodeCoverage_Filter::getInstance()->addDirectoryToBlacklist('./'); -} -else -{ - PHPUnit_Util_Filter::addDirectoryToFilter('./'); -} - -class phpbb_all_tests -{ - public static function main() - { - PHPUnit_TextUI_TestRunner::run(self::suite()); - } - - public static function suite() - { - $suite = new PHPUnit_Framework_TestSuite('phpBB'); - - $suite->addTest(phpbb_utf_all_tests::suite()); - $suite->addTest(phpbb_request_all_tests::suite()); - $suite->addTest(phpbb_security_all_tests::suite()); - $suite->addTest(phpbb_template_all_tests::suite()); - $suite->addTest(phpbb_text_processing_all_tests::suite()); - $suite->addTest(phpbb_dbal_all_tests::suite()); - $suite->addTest(phpbb_regex_all_tests::suite()); - $suite->addTest(phpbb_network_all_tests::suite()); - $suite->addTest(phpbb_random_all_tests::suite()); - - return $suite; - } -} - -if (PHPUnit_MAIN_METHOD == 'phpbb_all_tests::main') -{ - phpbb_all_tests::main(); -} - diff --git a/tests/bbcode/url_bbcode_test.php b/tests/bbcode/url_bbcode_test.php new file mode 100644 index 0000000000..cd85dbd0d9 --- /dev/null +++ b/tests/bbcode/url_bbcode_test.php @@ -0,0 +1,63 @@ +message = $message; + $bbcode->bbcode_init(false); + $bbcode->parse_bbcode(); + $this->assertEquals($expected, $bbcode->message); + } +} diff --git a/tests/test_framework/framework.php b/tests/bootstrap.php similarity index 61% rename from tests/test_framework/framework.php rename to tests/bootstrap.php index 3a11cc6df9..6f3c93a374 100644 --- a/tests/test_framework/framework.php +++ b/tests/bootstrap.php @@ -8,9 +8,15 @@ */ define('IN_PHPBB', true); -$phpbb_root_path = '../phpBB/'; +$phpbb_root_path = 'phpBB/'; $phpEx = 'php'; -$table_prefix = ''; +$table_prefix = 'phpbb_'; + +if (!defined('E_DEPRECATED')) +{ + define('E_DEPRECATED', 8192); +} +error_reporting(E_ALL & ~E_DEPRECATED); // If we are on PHP >= 6.0.0 we do not need some code if (version_compare(PHP_VERSION, '6.0.0-dev', '>=')) 
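Review bot: `error_reporting(E_ALL & ~E_DEPRECATED)` in tests/bootstrap.php masks deprecation notices for the whole suite and carries no comment saying why. With the mask in place, deprecated constructs in the tests themselves go unnoticed; the call-time reference `&$field_value` added in tests/profile/custom_test.php in this same diff is one example. I would add a comment that names the reason and the exit condition, e.g. `// TODO(review): name the code that raises E_DEPRECATED; remove this mask once it is fixed`. The rest of the bootstrap file continues outside this hunk.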
@@ -25,19 +31,7 @@ else require_once $phpbb_root_path . 'includes/constants.php'; -// require at least PHPUnit 3.3.0 -require_once 'PHPUnit/Runner/Version.php'; -if (version_compare(PHPUnit_Runner_Version::id(), '3.3.0', '<')) -{ - trigger_error('PHPUnit >= 3.3.0 required'); -} - -if (version_compare(PHPUnit_Runner_Version::id(), '3.5.0', '<')) -{ - require_once 'PHPUnit/Framework.php'; - require_once 'PHPUnit/Extensions/Database/TestCase.php'; -} - require_once 'test_framework/phpbb_test_case_helpers.php'; require_once 'test_framework/phpbb_test_case.php'; require_once 'test_framework/phpbb_database_test_case.php'; +require_once 'test_framework/phpbb_database_test_connection_manager.php'; diff --git a/tests/dbal/all_tests.php b/tests/dbal/all_tests.php deleted file mode 100644 index cfa8176246..0000000000 --- a/tests/dbal/all_tests.php +++ /dev/null @@ -1,42 +0,0 @@ -addTestSuite('phpbb_dbal_select_test'); - $suite->addTestSuite('phpbb_dbal_write_test'); - - return $suite; - } -} - -if (PHPUnit_MAIN_METHOD == 'phpbb_dbal_all_tests::main') -{ - phpbb_dbal_all_tests::main(); -} diff --git a/tests/dbal/db_tools_test.php b/tests/dbal/db_tools_test.php new file mode 100644 index 0000000000..ddea500f83 --- /dev/null +++ b/tests/dbal/db_tools_test.php 
@@ -0,0 +1,276 @@ +createXMLDataSet(dirname(__FILE__).'/fixtures/config.xml'); + } + + protected function setUp() + { + parent::setUp(); + + $this->db = $this->new_dbal(); + $this->tools = new phpbb_db_tools($this->db); + + $this->table_data = array( + 'COLUMNS' => array( + 'c_id' => array('UINT', NULL, 'auto_increment'), + 'c_int_size' => array('INT:4', 4), + 'c_bint' => array('BINT', 4), + 'c_uint' => array('UINT', 4), + 'c_uint_size' => array('UINT:4', 4), + 'c_tint_size' => array('TINT:2', 4), + 'c_usint' => array('USINT', 4), + 'c_bool' => array('BOOL', 1), + 'c_vchar' => array('VCHAR', 'foo'), + 'c_vchar_size' => array('VCHAR:4', 'foo'), + 'c_char_size' => array('CHAR:4', 'foo'), + 'c_xstext' => array('XSTEXT', 'foo'), + 'c_stext' => array('STEXT', 'foo'), + 'c_text' => array('TEXT', 'foo'), + 'c_mtext' => array('MTEXT', 'foo'), + 'c_xstext_uni' => array('XSTEXT_UNI', 'foo'), + 'c_stext_uni' => array('STEXT_UNI', 'foo'), + 'c_text_uni' => array('TEXT_UNI', 'foo'), + 'c_mtext_uni' => array('MTEXT_UNI', 'foo'), + 'c_timestamp' => array('TIMESTAMP', 4), + 'c_decimal' => array('DECIMAL', 4.2), + 'c_decimal_size' => array('DECIMAL:6', 4.2), + 'c_pdecimal' => array('PDECIMAL', 4.2), + 'c_pdecimal_size' => array('PDECIMAL:7', 4.2), + 'c_vchar_uni' => array('VCHAR_UNI', 'foo'), + 'c_vchar_uni_size' => array('VCHAR_UNI:4', 'foo'), + 'c_vchar_ci' => array('VCHAR_CI', 'foo'), + 'c_varbinary' => array('VARBINARY', 'foo'), + ), + 'PRIMARY_KEY' => 'c_id', + 'KEYS' => array( + 'i_simple' => array('INDEX', 'c_uint'), + 'i_uniq' => array('UNIQUE', 'c_vchar'), + 'i_comp' => array('INDEX', array('c_vchar_uni', 'c_bool')), + 'i_comp_uniq' => array('UNIQUE', array('c_vchar_size', 'c_usint')), + ), + ); + $this->tools->sql_create_table('prefix_table_name', $this->table_data); + $this->table_exists = true; + } + + protected function tearDown() + { + if ($this->table_exists) + { + $this->tools->sql_table_drop('prefix_table_name'); + } + + parent::tearDown(); + } + + public function 
test_created_and_drop_table() + { + // table is empty after creation and queryable + $sql = 'SELECT * FROM prefix_table_name'; + $result = $this->db->sql_query($sql); + $this->assertTrue(! $this->db->sql_fetchrow($result)); + $this->db->sql_freeresult($result); + + $this->table_exists = false; + $this->tools->sql_table_drop('prefix_table_name'); + } + + static protected function get_default_values() + { + return array( + 'c_int_size' => 0, + 'c_bint' => 0, + 'c_uint' => 0, + 'c_uint_size' => 0, + 'c_tint_size' => 0, + 'c_usint' => 0, + 'c_bool' => 0, + 'c_vchar' => '', + 'c_vchar_size' => '', + 'c_char_size' => '', + 'c_xstext' => '', + 'c_stext' => '', + 'c_text' => '', + 'c_mtext' => '', + 'c_xstext_uni' => '', + 'c_stext_uni' => '', + 'c_text_uni' => '', + 'c_mtext_uni' => '', + 'c_timestamp' => 0, + 'c_decimal' => 0, + 'c_decimal_size' => 0, + 'c_pdecimal' => 0, + 'c_pdecimal_size' => 0, + 'c_vchar_uni' => '', + 'c_vchar_uni_size' => '', + 'c_vchar_ci' => '', + 'c_varbinary' => '', + ); + } + + static public function column_values() + { + return array( + array('c_int_size', -9999), + array('c_bint', '99999999999999999'), + array('c_uint', 16777215), + array('c_uint_size', 9999), + array('c_tint_size', -99), + array('c_usint', 99), + array('c_bool', 0), + array('c_vchar', str_repeat('a', 255)), + array('c_vchar_size', str_repeat('a', 4)), + array('c_char_size', str_repeat('a', 4)), + array('c_xstext', str_repeat('a', 1000)), + array('c_stext', str_repeat('a', 3000)), + array('c_text', str_repeat('a', 8000)), + array('c_mtext', str_repeat('a', 10000)), + array('c_xstext_uni', str_repeat("\xC3\x84", 100)), + array('c_stext_uni', str_repeat("\xC3\x84", 255)), + array('c_text_uni', str_repeat("\xC3\x84", 4000)), + array('c_mtext_uni', str_repeat("\xC3\x84", 10000)), + array('c_timestamp', 2147483647), + array('c_decimal', 999.99), + array('c_decimal_size', 9999.99), + array('c_pdecimal', 999.999), + array('c_pdecimal_size', 9999.999), + array('c_vchar_uni', 
str_repeat("\xC3\x84", 255)), + array('c_vchar_uni_size', str_repeat("\xC3\x84", 4)), + array('c_vchar_ci', str_repeat("\xC3\x84", 255)), + array('c_varbinary', str_repeat("\x00\xFF", 127)), + ); + } + + /** + * @dataProvider column_values + */ + public function test_created_column($column_name, $column_value) + { + $row_insert = self::get_default_values(); + $row_insert[$column_name] = $column_value; + + // empty table + $sql = 'DELETE FROM prefix_table_name'; + $result = $this->db->sql_query($sql); + + $sql = 'INSERT INTO prefix_table_name ' . $this->db->sql_build_array('INSERT', $row_insert); + $result = $this->db->sql_query($sql); + + $sql = "SELECT * + FROM prefix_table_name"; + $result = $this->db->sql_query($sql); + $row_actual = $this->db->sql_fetchrow($result); + $this->db->sql_freeresult($result); + + $row_expect = $row_insert; + + unset($row_actual['id']); // auto increment id changes, so ignore + + $type = $this->table_data['COLUMNS'][$column_name][0]; + $this->assertEquals($row_expect[$column_name], $row_actual[$column_name], "Column $column_name of type $type should have equal return and input value."); + } + + public function test_auto_increment() + { + $sql = 'DELETE FROM prefix_table_name'; + $result = $this->db->sql_query($sql); + + $row1 = array_merge(self::get_default_values(), array( + 'c_uint' => 1, + 'c_vchar' => '1', // these values are necessary to avoid unique index issues + 'c_vchar_size' => '1', + )); + $row2 = array_merge(self::get_default_values(), array( + 'c_uint' => 2, + 'c_vchar' => '2', + 'c_vchar_size' => '2', + )); + + $sql = 'INSERT INTO prefix_table_name ' . $this->db->sql_build_array('INSERT', $row1); + $result = $this->db->sql_query($sql); + $id1 = $this->db->sql_nextid(); + + $sql = 'INSERT INTO prefix_table_name ' . 
$this->db->sql_build_array('INSERT', $row2); + $result = $this->db->sql_query($sql); + $id2 = $this->db->sql_nextid(); + + $this->assertGreaterThan($id1, $id2, 'Auto increment should increase the id value'); + + $sql = "SELECT * + FROM prefix_table_name WHERE c_id = $id1"; + $result = $this->db->sql_query($sql); + $row_actual = $this->db->sql_fetchrow($result); + $this->db->sql_freeresult($result); + + $row1['c_id'] = $id1; + $this->assertEquals($row1, $row_actual); + + $sql = "SELECT * + FROM prefix_table_name WHERE c_id = $id2"; + $result = $this->db->sql_query($sql); + $row_actual = $this->db->sql_fetchrow($result); + $this->db->sql_freeresult($result); + + $row2['c_id'] = $id2; + $this->assertEquals($row2, $row_actual); + } + + public function test_column_exists() + { + $this->assertTrue($this->tools->sql_column_exists('prefix_table_name', 'c_id')); + $this->assertFalse($this->tools->sql_column_exists('prefix_table_name', 'column_does_not_exist')); + } + + public function test_column_remove() + { + $this->assertTrue($this->tools->sql_column_exists('prefix_table_name', 'c_int_size')); + + $this->assertTrue($this->tools->sql_column_remove('prefix_table_name', 'c_int_size')); + + $this->assertFalse($this->tools->sql_column_exists('prefix_table_name', 'c_int_size')); + } + + public function test_column_remove_primary() + { + $this->assertTrue($this->tools->sql_column_exists('prefix_table_name', 'c_id')); + + $this->assertTrue($this->tools->sql_column_remove('prefix_table_name', 'c_id')); + + $this->assertFalse($this->tools->sql_column_exists('prefix_table_name', 'c_id')); + } + + public function test_table_exists() + { + $this->assertTrue($this->tools->sql_table_exists('prefix_table_name')); + $this->assertFalse($this->tools->sql_table_exists('prefix_does_not_exist')); + } + + public function test_table_drop() + { + $this->tools->sql_create_table('prefix_test_table', + array('COLUMNS' => array( + 'foo' => array('UINT', 42))) + ); + + 
$this->tools->sql_table_drop('prefix_test_table'); + } +} diff --git a/tests/dbal/select.php b/tests/dbal/select_test.php similarity index 92% rename from tests/dbal/select.php rename to tests/dbal/select_test.php index 70f27549d2..e0d08d9306 100644 --- a/tests/dbal/select.php +++ b/tests/dbal/select_test.php @@ -7,8 +7,8 @@ * */ -require_once 'test_framework/framework.php'; -require_once '../phpBB/includes/functions.php'; +require_once dirname(__FILE__) . '/../../phpBB/includes/functions.php'; +require_once dirname(__FILE__) . '/../../phpBB/includes/utf/utf_tools.php'; class phpbb_dbal_select_test extends phpbb_database_test_case { @@ -318,4 +318,27 @@ class phpbb_dbal_select_test extends phpbb_database_test_case $db->sql_freeresult($result); } + + function test_nested_transactions() + { + $db = $this->new_dbal(); + + // nested transactions should work on systems that do not require + // buffering of nested transactions, so ignore the ones that need + // buffering + if ($db->sql_buffer_nested_transactions()) + { + return; + } + + $sql = 'SELECT user_id FROM phpbb_users ORDER BY user_id ASC'; + $result1 = $db->sql_query($sql); + + $db->sql_transaction('begin'); + $result2 = $db->sql_query($sql); + $row = $db->sql_fetchrow($result2); + $db->sql_transaction('commit'); + + $this->assertEquals('1', $row['user_id']); + } } diff --git a/tests/dbal/write.php b/tests/dbal/write_test.php similarity index 97% rename from tests/dbal/write.php rename to tests/dbal/write_test.php index 01deacda69..4709d45fa5 100644 --- a/tests/dbal/write.php +++ b/tests/dbal/write_test.php @@ -7,8 +7,7 @@ * */ -require_once 'test_framework/framework.php'; -require_once '../phpBB/includes/functions.php'; +require_once dirname(__FILE__) . '/../../phpBB/includes/functions.php'; class phpbb_dbal_write_test extends phpbb_database_test_case { diff --git a/tests/mock/cache.php b/tests/mock/cache.php new file mode 100644 index 0000000000..11e525ff79 --- /dev/null +++ b/tests/mock/cache.php 
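Review bot: `test_table_drop()` at the end of tests/dbal/db_tools_test.php creates and drops `prefix_test_table` but asserts nothing, so it passes even when the drop has no effect; add `$this->assertFalse($this->tools->sql_table_exists('prefix_test_table'));` after the drop. `test_created_and_drop_table()` has the same gap after its `sql_table_drop()` call. In `test_created_column()`, `unset($row_actual['id'])` names a key the table does not define (the auto-increment column is `c_id`), so the line does nothing; as only `$column_name` is compared afterwards, it can simply be removed.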
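Review bot: `test_nested_transactions()` in tests/dbal/select_test.php returns silently when `$db->sql_buffer_nested_transactions()` is true, so on those drivers the test is reported as passed although nothing was checked. Replacing the bare `return;` with `$this->markTestSkipped('driver buffers nested transactions');` makes the gap visible in the test report. `$result1` and `$result2` are also never handed to `$db->sql_freeresult()`, which the preceding test in this file does for its result, and the method is declared without `public`.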
@@ -0,0 +1,73 @@ +data = $data; + + if (!isset($this->data['_bots'])) + { + $this->data['_bots'] = array(); + } + } + + public function get($var_name) + { + if (isset($this->data[$var_name])) + { + return $this->data[$var_name]; + } + + return false; + } + + public function put($var_name, $var, $ttl = 0) + { + $this->data[$var_name] = $var; + } + + /** + * Obtain active bots + */ + public function obtain_bots() + { + return $this->data['_bots']; + } + + public function set_bots($bots) + { + $this->data['_bots'] = $bots; + } + + public function checkVar(PHPUnit_Framework_Assert $test, $var_name, $data) + { + $test->assertTrue(isset($this->data[$var_name])); + $test->assertEquals($data, $this->data[$var_name]); + } + + public function check(PHPUnit_Framework_Assert $test, $data, $ignore_db_info = true) + { + $cache_data = $this->data; + + if ($ignore_db_info) + { + unset($cache_data['mssqlodbc_version']); + unset($cache_data['mssql_version']); + unset($cache_data['mysql_version']); + unset($cache_data['mysqli_version']); + unset($cache_data['pgsql_version']); + unset($cache_data['sqlite_version']); + } + + $test->assertEquals($data, $cache_data); + } +} + diff --git a/tests/mock/session_testable.php b/tests/mock/session_testable.php new file mode 100644 index 0000000000..47089cb94b --- /dev/null +++ b/tests/mock/session_testable.php 
@@ -0,0 +1,63 @@ +_cookies[$name] = array($data, $time); + } + + /** + * Checks if the cookies were set correctly. + * + * @param PHPUnit_Framework_Assert test The test from which this is called + * @param array(string => mixed) cookies The cookie data to check against. + * The keys are cookie names, the values can either be null to + * check only the existance of the cookie, or an array(d, t), + * where d is the cookie data to check, or null to skip the + * check and t is the cookie time to check, or null to skip. + */ + public function check_cookies(PHPUnit_Framework_Assert $test, $cookies) + { + $test->assertEquals(array_keys($cookies), array_keys($this->_cookies), 'Incorrect cookies were set'); + + foreach ($cookies as $name => $cookie) + { + if (!is_null($cookie)) + { + $data = $cookie[0]; + $time = $cookie[1]; + + if (!is_null($data)) + { + $test->assertEquals($data, $this->_cookies[$name][0], "Cookie $name contains incorrect data"); + } + + if (!is_null($time)) + { + $test->assertEquals($time, $this->_cookies[$name][1], "Cookie $name expires at the wrong time"); + } + } + } + } +} + diff --git a/tests/mock_user.php b/tests/mock_user.php new file mode 100644 index 0000000000..74d31c4c4a --- /dev/null +++ b/tests/mock_user.php @@ -0,0 +1,20 @@ + '/'); +} diff --git a/tests/network/all_tests.php b/tests/network/all_tests.php deleted file mode 100644 index b500647f81..0000000000 --- a/tests/network/all_tests.php +++ /dev/null @@ -1,40 +0,0 @@ -addTestSuite('phpbb_network_checkdnsrr_test'); - - return $suite; - } -} - -if (PHPUnit_MAIN_METHOD == 'phpbb_network_all_tests::main') -{ - phpbb_network_all_tests::main(); -} diff --git a/tests/network/checkdnsrr.php b/tests/network/checkdnsrr_test.php similarity index 93% rename from tests/network/checkdnsrr.php rename to tests/network/checkdnsrr_test.php index 57fe2761cc..5a756dcef8 100644 --- a/tests/network/checkdnsrr.php +++ b/tests/network/checkdnsrr_test.php 
@@ -7,9 +7,11 @@ * */ -require_once 'test_framework/framework.php'; -require_once '../phpBB/includes/functions.php'; +require_once dirname(__FILE__) . '/../../phpBB/includes/functions.php'; +/** +* @group slow +*/ class phpbb_network_checkdnsrr_test extends phpbb_test_case { public function data_provider() diff --git a/tests/profile/custom_test.php b/tests/profile/custom_test.php new file mode 100644 index 0000000000..0e0a851243 --- /dev/null +++ b/tests/profile/custom_test.php @@ -0,0 +1,55 @@ +createXMLDataSet(dirname(__FILE__).'/fixtures/profile_fields.xml'); + } + + static public function dropdownFields() + { + return array( + // note, there is an offset of 1 between option_id (0-indexed) + // in the database and values (1-indexed) to avoid problems with + // transmitting 0 in an HTML form + // required, value, expected + array(1, '0', 'FIELD_INVALID_VALUE', 'Required field should throw error for out-of-range value'), + array(1, '1', 'FIELD_REQUIRED', 'Required field should throw error for default value'), + array(1, '2', false, 'Required field should accept non-default value'), + array(0, '0', 'FIELD_INVALID_VALUE', 'Optional field should throw error for out-of-range value'), + array(0, '1', false, 'Optional field should accept default value'), + array(0, '2', false, 'Optional field should accept non-default value'), + ); + } + + /** + * @dataProvider dropdownFields + */ + public function test_dropdown_validate($field_required, $field_value, $expected, $description) + { + global $db; + $db = $this->new_dbal(); + + $field_data = array( + 'field_id' => 1, + 'lang_id' => 1, + 'field_novalue' => 1, + 'field_required' => $field_required, + ); + + $cp = new custom_profile; + $result = $cp->validate_profile_field(FIELD_DROPDOWN, &$field_value, $field_data); + + $this->assertEquals($expected, $result, $description); + } +} 
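Review bot: `$cp->validate_profile_field(FIELD_DROPDOWN, &$field_value, $field_data)` in `test_dropdown_validate()` uses call-time pass-by-reference, which is deprecated in PHP 5.3 and a fatal error from PHP 5.4 on. The signature of `validate_profile_field()` is not shown here; if it already declares the parameter by reference, the `&` at the call site is redundant and the line should read `$result = $cp->validate_profile_field(FIELD_DROPDOWN, $field_value, $field_data);`. The notice is currently hidden by the `E_DEPRECATED` mask that tests/bootstrap.php sets in this diff.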
diff --git a/tests/profile/fixtures/profile_fields.xml b/tests/profile/fixtures/profile_fields.xml new file mode 100644 index 0000000000..0b2929f625 --- /dev/null +++ b/tests/profile/fixtures/profile_fields.xml @@ -0,0 +1,31 @@ + + + + field_id + lang_id + option_id + field_type + lang_value + + 1 + 1 + 0 + 5 + Default Option + + + 1 + 1 + 1 + 5 + First Alternative + + + 1 + 1 + 2 + 5 + Third Alternative + +
        +
        diff --git a/tests/random/all_tests.php b/tests/random/all_tests.php deleted file mode 100644 index c6ffe78024..0000000000 --- a/tests/random/all_tests.php +++ /dev/null @@ -1,40 +0,0 @@ -addTestSuite('phpbb_random_gen_rand_string_test'); - - return $suite; - } -} - -if (PHPUnit_MAIN_METHOD == 'phpbb_random_all_tests::main') -{ - phpbb_random_all_tests::main(); -} diff --git a/tests/random/gen_rand_string.php b/tests/random/gen_rand_string_test.php similarity index 94% rename from tests/random/gen_rand_string.php rename to tests/random/gen_rand_string_test.php index cd58d14ed3..115c55e4e2 100644 --- a/tests/random/gen_rand_string.php +++ b/tests/random/gen_rand_string_test.php @@ -7,8 +7,7 @@ * */ -require_once 'test_framework/framework.php'; -require_once '../phpBB/includes/functions.php'; +require_once dirname(__FILE__) . '/../../phpBB/includes/functions.php'; class phpbb_random_gen_rand_string_test extends phpbb_test_case { diff --git a/tests/random/mt_rand.php b/tests/random/mt_rand.php new file mode 100644 index 0000000000..d6502c4e80 --- /dev/null +++ b/tests/random/mt_rand.php @@ -0,0 +1,46 @@ +assertEquals(42, $result); + } + + public function test_max_equals_min_negative() + { + $result = phpbb_mt_rand(-42, -42); + $this->assertEquals(-42, $result); + } + + public function test_max_greater_min() + { + $result = phpbb_mt_rand(3, 4); + $this->assertGreaterThanOrEqual(3, $result); + $this->assertLessThanOrEqual(4, $result); + } + + public function test_min_greater_max() + { + $result = phpbb_mt_rand(4, 3); + $this->assertGreaterThanOrEqual(3, $result); + $this->assertLessThanOrEqual(4, $result); + } + + public function test_min_greater_max_negative() + { + $result = phpbb_mt_rand(-3, -4); + $this->assertGreaterThanOrEqual(-4, $result); + $this->assertLessThanOrEqual(-3, $result); + } +} diff --git a/tests/regex/all_tests.php b/tests/regex/all_tests.php deleted file mode 100644 index 316a9d4a58..0000000000 --- a/tests/regex/all_tests.php +++ /dev/null 
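Review bot: The new file tests/random/mt_rand.php lacks the `_test.php` suffix that every other test file in this diff is renamed to (gen_rand_string_test.php, email_test.php, checkdnsrr_test.php and so on). If the suites in phpunit.xml.dist select files by that suffix, these five `phpbb_mt_rand()` tests would never run; the XML content is not readable on this page, so this needs checking against the real file. Naming it `tests/random/mt_rand_test.php` keeps it consistent either way.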
@@ -1,46 +0,0 @@ -addTestSuite('phpbb_regex_email_test'); - $suite->addTestSuite('phpbb_regex_ipv4_test'); - $suite->addTestSuite('phpbb_regex_ipv6_test'); - $suite->addTestSuite('phpbb_regex_url_test'); - - return $suite; - } -} - -if (PHPUnit_MAIN_METHOD == 'phpbb_regex_all_tests::main') -{ - phpbb_regex_all_tests::main(); -} diff --git a/tests/regex/censor_test.php b/tests/regex/censor_test.php new file mode 100644 index 0000000000..fa9104e71d --- /dev/null +++ b/tests/regex/censor_test.php @@ -0,0 +1,50 @@ +assertRegExp($regex, $subject); + } + + /** + * @dataProvider censor_test_data + */ + public function test_censor_no_unicode($pattern, $subject) + { + $regex = get_censor_preg_expression($pattern, false); + + $this->assertRegExp($regex, $subject); + } +} \ No newline at end of file diff --git a/tests/regex/email.php b/tests/regex/email_test.php similarity index 97% rename from tests/regex/email.php rename to tests/regex/email_test.php index 8658b8af36..0695b801d5 100644 --- a/tests/regex/email.php +++ b/tests/regex/email_test.php @@ -7,8 +7,7 @@ * */ -require_once 'test_framework/framework.php'; -require_once '../phpBB/includes/functions.php'; +require_once dirname(__FILE__) . '/../../phpBB/includes/functions.php'; class phpbb_regex_email_test extends phpbb_test_case { diff --git a/tests/regex/ipv4.php b/tests/regex/ipv4_test.php similarity index 93% rename from tests/regex/ipv4.php rename to tests/regex/ipv4_test.php index 9d131ad0ca..9829547508 100644 --- a/tests/regex/ipv4.php +++ b/tests/regex/ipv4_test.php @@ -7,8 +7,7 @@ * */ -require_once 'test_framework/framework.php'; -require_once '../phpBB/includes/functions.php'; +require_once dirname(__FILE__) . '/../../phpBB/includes/functions.php'; class phpbb_regex_ipv4_test extends phpbb_test_case { diff --git a/tests/regex/ipv6.php b/tests/regex/ipv6_test.php similarity index 97% rename from tests/regex/ipv6.php rename to tests/regex/ipv6_test.php index 3d7a72e492..1b2018403c 100644 
--- a/tests/regex/ipv6.php +++ b/tests/regex/ipv6_test.php @@ -7,8 +7,7 @@ * */ -require_once 'test_framework/framework.php'; -require_once '../phpBB/includes/functions.php'; +require_once dirname(__FILE__) . '/../../phpBB/includes/functions.php'; class phpbb_regex_ipv6_test extends phpbb_test_case { diff --git a/tests/regex/password_complexity_test.php b/tests/regex/password_complexity_test.php new file mode 100644 index 0000000000..21e8d12a0a --- /dev/null +++ b/tests/regex/password_complexity_test.php @@ -0,0 +1,81 @@ +assertFalse(validate_password($password)); + } + + /** + * @dataProvider password_complexity_test_data_negative + */ + public function test_password_complexity_negative($password, $mode) + { + global $config; + $config['pass_complex'] = $mode; + $this->assertEquals('INVALID_CHARS', validate_password($password)); + } +} diff --git a/tests/regex/url.php b/tests/regex/url_test.php similarity index 87% rename from tests/regex/url.php rename to tests/regex/url_test.php index 678b7d108f..c3a336063a 100644 --- a/tests/regex/url.php +++ b/tests/regex/url_test.php @@ -7,8 +7,7 @@ * */ -require_once 'test_framework/framework.php'; -require_once '../phpBB/includes/functions.php'; +require_once dirname(__FILE__) . '/../../phpBB/includes/functions.php'; class phpbb_regex_url_test extends phpbb_test_case { diff --git a/tests/request/all_tests.php b/tests/request/all_tests.php deleted file mode 100644 index 1ee3029b36..0000000000 --- a/tests/request/all_tests.php +++ /dev/null @@ -1,41 +0,0 @@ -addTestSuite('phpbb_request_request_var_test'); - - return $suite; - } -} - -if (PHPUnit_MAIN_METHOD == 'phpbb_request_all_tests::main') -{ - phpbb_request_all_tests::main(); -} - diff --git a/tests/request/request_var.php b/tests/request/request_var_test.php similarity index 96% rename from tests/request/request_var.php rename to tests/request/request_var_test.php index b1dacef3fd..fa17b1909f 100644 --- a/tests/request/request_var.php 
+++ b/tests/request/request_var_test.php @@ -7,8 +7,8 @@ * */ -require_once 'test_framework/framework.php'; -require_once '../phpBB/includes/functions.php'; +require_once dirname(__FILE__) . '/../../phpBB/includes/functions.php'; +require_once dirname(__FILE__) . '/../../phpBB/includes/utf/utf_tools.php'; class phpbb_request_request_var_test extends phpbb_test_case { diff --git a/tests/security/all_tests.php b/tests/security/base.php similarity index 69% rename from tests/security/all_tests.php rename to tests/security/base.php index 8e3916733f..db9c884cf4 100644 --- a/tests/security/all_tests.php +++ b/tests/security/base.php @@ -7,18 +7,7 @@ * */ -if (!defined('PHPUnit_MAIN_METHOD')) -{ - define('PHPUnit_MAIN_METHOD', 'phpbb_security_all_tests::main'); -} - -require_once 'test_framework/framework.php'; -require_once 'PHPUnit/TextUI/TestRunner.php'; - -require_once 'security/extract_current_page.php'; -require_once 'security/redirect.php'; - -class phpbb_security_all_tests extends PHPUnit_Framework_TestSuite +abstract class phpbb_security_test_base extends phpbb_test_case { /** * Set up the required user object and server variables for the suites @@ -62,25 +51,4 @@ class phpbb_security_all_tests extends PHPUnit_Framework_TestSuite global $user; $user = NULL; } - - public static function main() - { - PHPUnit_TextUI_TestRunner::run(self::suite()); - } - - public static function suite() - { - // I bet there is a better method calling this... :) - $suite = new phpbb_security_all_tests('phpBB Security Fixes'); - - $suite->addTestSuite('phpbb_security_extract_current_page_test'); - $suite->addTestSuite('phpbb_security_redirect_test'); - - return $suite; - } -} - -if (PHPUnit_MAIN_METHOD == 'phpbb_security_all_tests::main') -{ - phpbb_security_all_tests::main(); } 
diff --git a/tests/security/extract_current_page.php b/tests/security/extract_current_page_test.php similarity index 84% rename from tests/security/extract_current_page.php rename to tests/security/extract_current_page_test.php index 8c72fe1440..71c7a3a397 100644 --- a/tests/security/extract_current_page.php +++ b/tests/security/extract_current_page_test.php @@ -7,12 +7,12 @@ * */ -require_once 'test_framework/framework.php'; +require_once dirname(__FILE__) . '/base.php'; -require_once '../phpBB/includes/functions.php'; -require_once '../phpBB/includes/session.php'; +require_once dirname(__FILE__) . '/../../phpBB/includes/functions.php'; +require_once dirname(__FILE__) . '/../../phpBB/includes/session.php'; -class phpbb_security_extract_current_page_test extends phpbb_test_case +class phpbb_security_extract_current_page_test extends phpbb_security_test_base { public static function security_variables() { diff --git a/tests/security/hash_test.php b/tests/security/hash_test.php new file mode 100644 index 0000000000..19a3822145 --- /dev/null +++ b/tests/security/hash_test.php @@ -0,0 +1,21 @@ +assertTrue(phpbb_check_hash('test', '$H$9isfrtKXWqrz8PvztXlL3.daw4U0zI1')); + $this->assertTrue(phpbb_check_hash('test', '$P$9isfrtKXWqrz8PvztXlL3.daw4U0zI1')); + $this->assertFalse(phpbb_check_hash('foo', '$H$9isfrtKXWqrz8PvztXlL3.daw4U0zI1')); + } +} + diff --git a/tests/security/redirect.php b/tests/security/redirect_test.php similarity index 78% rename from tests/security/redirect.php rename to tests/security/redirect_test.php index 37b0a5bb41..70ba8527b1 100644 --- a/tests/security/redirect.php +++ b/tests/security/redirect_test.php 
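Review bot: The rejection path of `phpbb_check_hash()` is exercised only once in tests/security/hash_test.php, for the `$H$` prefix; the `$P$` variant and malformed hash strings have no negative case. For a password verifier the dangerous failure is a check that wrongly returns true, so I would add `$this->assertFalse(phpbb_check_hash('foo', '$P$9isfrtKXWqrz8PvztXlL3.daw4U0zI1'));` plus one assertion that a truncated hash string is rejected. The class and method headers of this new file are not visible in the hunk.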
@@ -7,12 +7,12 @@ * */ -require_once 'test_framework/framework.php'; +require_once dirname(__FILE__) . '/base.php'; -require_once '../phpBB/includes/functions.php'; -require_once '../phpBB/includes/session.php'; +require_once dirname(__FILE__) . '/../../phpBB/includes/functions.php'; +require_once dirname(__FILE__) . '/../../phpBB/includes/session.php'; -class phpbb_security_redirect_test extends phpbb_test_case +class phpbb_security_redirect_test extends phpbb_security_test_base { public static function provider() { @@ -22,13 +22,15 @@ class phpbb_security_redirect_test extends phpbb_test_case array('bad://localhost/phpBB/index.php', 'Tried to redirect to potentially insecure url.', false), array('http://www.otherdomain.com/somescript.php', false, 'http://localhost/phpBB'), array("http://localhost/phpBB/memberlist.php\n\rConnection: close", 'Tried to redirect to potentially insecure url.', false), - array('javascript:test', false, 'http://localhost/phpBB/../tests/javascript:test'), + array('javascript:test', false, 'http://localhost/phpBB/../javascript:test'), array('http://localhost/phpBB/index.php;url=', 'Tried to redirect to potentially insecure url.', false), ); } protected function setUp() { + parent::setUp(); + $GLOBALS['config'] = array( 'force_server_vars' => '0', ); diff --git a/tests/session/continue_test.php b/tests/session/continue_test.php new file mode 100644 index 0000000000..6737562a0a --- /dev/null +++ b/tests/session/continue_test.php 
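Review bot: The header-injection row in `provider()` uses `\n\r`, which is not the order of an HTTP line break, so the `\r\n` form is not covered by this regression test. I would add a row beside it such as `array("http://localhost/phpBB/memberlist.php\r\nConnection: close", 'Tried to redirect to potentially insecure url.', false),`, and one with a lone `\n`, presumably with the same expectation. The provider array opens before this hunk and `setUp()` continues past it.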
@@ -0,0 +1,121 @@ +createXMLDataSet(dirname(__FILE__).'/fixtures/sessions_full.xml'); + } + + static public function session_begin_attempts() + { + // The session_id field is defined as CHAR(32) in the database schema. + // Thus the data we put in session_id fields has to have a length of 32 characters on stricter DBMSes. + // Thus we fill those strings up with zeroes until they have a string length of 32. + + return array( + array( + 'bar_session000000000000000000000', '4', 'user agent', '127.0.0.1', + array( + array('session_id' => 'anon_session00000000000000000000', 'session_user_id' => 1), + array('session_id' => 'bar_session000000000000000000000', 'session_user_id' => 4), + ), + array(), + 'If a request comes with a valid session id with matching user agent and IP, no new session should be created.', + ), + array( + 'anon_session00000000000000000000', '4', 'user agent', '127.0.0.1', + array( + array('session_id' => '__new_session_id__', 'session_user_id' => 1), // use generated SID + array('session_id' => 'bar_session000000000000000000000', 'session_user_id' => 4), + ), + array( + 'u' => array('1', null), + 'k' => array(null, null), + 'sid' => array('__new_session_id__', null), + ), + 'If a request comes with a valid session id and IP but different user id and user agent, a new anonymous session is created and the session matching the supplied session id is deleted.', + ), + ); + } + + /** + * @dataProvider session_begin_attempts + */ + public function test_session_begin_valid_session($session_id, $user_id, $user_agent, $ip, $expected_sessions, $expected_cookies, $message) + { + $db = $this->new_dbal(); + $session_factory = new phpbb_session_testable_factory; + $session_factory->set_cookies(array( + '_sid' => $session_id, + '_u' => $user_id, + )); + $session_factory->merge_config_data(array( + 'session_length' => time(), // need to do this to allow sessions started at time 0 + )); + $session_factory->merge_server_data(array( + 'HTTP_USER_AGENT' => $user_agent, 
+ 'REMOTE_ADDR' => $ip, + )); + + $session = $session_factory->get_session($db); + $session->page = array('page' => 'page', 'forum' => 0); + + $session->session_begin(); + + $sql = 'SELECT session_id, session_user_id + FROM phpbb_sessions + ORDER BY session_user_id'; + + $expected_sessions = $this->replace_session($expected_sessions, $session->session_id); + $expected_cookies = $this->replace_session($expected_cookies, $session->session_id); + + $this->assertSqlResultEquals( + $expected_sessions, + $sql, + $message + ); + + $session->check_cookies($this, $expected_cookies); + + $session_factory->check($this); + } + + /** + * Replaces recursively the value __new_session_id__ with the given session + * id. + * + * @param array $array An array of data + * @param string $session_id The new session id to use instead of the + * placeholder. + * @return array The input array with all occurances of __new_session_id__ + * replaced. + */ + public function replace_session($array, $session_id) + { + foreach ($array as $key => &$value) + { + if ($value === '__new_session_id__') + { + $value = $session_id; + } + + if (is_array($value)) + { + $value = $this->replace_session($value, $session_id); + } + } + + return $array; + } +} diff --git a/tests/session/fixtures/sessions_empty.xml b/tests/session/fixtures/sessions_empty.xml new file mode 100644 index 0000000000..f94337314e --- /dev/null +++ b/tests/session/fixtures/sessions_empty.xml @@ -0,0 +1,25 @@ + + + + user_id + username_clean + + 1 + anonymous + + + 3 + foo + + + 4 + bar + +
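Review bot: `session_begin_attempts()` has no data set in which the session id is valid but the request IP differs from the stored one, even though the test passes `$ip` through to `REMOTE_ADDR`. Both rows use `127.0.0.1`, the same address as the sessions in `sessions_full.xml`, so the IP part of session validation is never exercised. A third row with the `bar_session000000000000000000000` id, user id `4`, `user agent` and a different address would cover it; its expected rows depend on the `ip_check` setting and cannot be derived from this hunk alone. Separately, `replace_session()` iterates with `&$value` and never uses `$key`; `foreach ($array as &$value)` followed by `unset($value);` is the tidier form.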
        + + session_id + session_user_id + session_ip + session_browser +
        +
        diff --git a/tests/session/fixtures/sessions_full.xml b/tests/session/fixtures/sessions_full.xml new file mode 100644 index 0000000000..bf6fc65997 --- /dev/null +++ b/tests/session/fixtures/sessions_full.xml @@ -0,0 +1,37 @@ + + + + user_id + username_clean + + 1 + anonymous + + + 3 + foo + + + 4 + bar + +
        + + session_id + session_user_id + session_ip + session_browser + + anon_session00000000000000000000 + 1 + 127.0.0.1 + anonymous user agent + + + bar_session000000000000000000000 + 4 + 127.0.0.1 + user agent + +
        +
        diff --git a/tests/session/init_test.php b/tests/session/init_test.php new file mode 100644 index 0000000000..1181fab636 --- /dev/null +++ b/tests/session/init_test.php @@ -0,0 +1,56 @@ +createXMLDataSet(dirname(__FILE__).'/fixtures/sessions_empty.xml'); + } + + // also see security/extract_current_page.php + + public function test_login_session_create() + { + $db = $this->new_dbal(); + $session_factory = new phpbb_session_testable_factory; + + $session = $session_factory->get_session($db); + $session->page = array('page' => 'page', 'forum' => 0); + + $session->session_create(3); + + $sql = 'SELECT session_user_id + FROM phpbb_sessions'; + + $this->assertSqlResultEquals( + array(array('session_user_id' => 3)), + $sql, + 'Check if exacly one session for user id 3 was created' + ); + + $cookie_expire = $session->time_now + 31536000; // default is one year + + $session->check_cookies($this, array( + 'u' => array(null, $cookie_expire), + 'k' => array(null, $cookie_expire), + 'sid' => array($session->session_id, $cookie_expire), + )); + + global $SID, $_SID; + $this->assertEquals($session->session_id, $_SID); + $this->assertEquals('?sid=' . $session->session_id, $SID); + + $session_factory->check($this); + } +} + diff --git a/tests/session/testable_factory.php b/tests/session/testable_factory.php new file mode 100644 index 0000000000..f3ef19a257 --- /dev/null +++ b/tests/session/testable_factory.php 
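Review bot: The comment `// also see security/extract_current_page.php` points at a file this same commit renames, so it is stale on arrival. It should read `// also see security/extract_current_page_test.php`. The assertion message `'Check if exacly one session for user id 3 was created'` also has a typo and should say `exactly`.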
@@ -0,0 +1,171 @@ +config_data = array( + 'allow_autologin' => false, + 'auth_method' => 'db', + 'forwarded_for_check' => true, + 'active_sessions' => 0, // disable + 'rand_seed' => 'foo', + 'rand_seed_last_update' => 0, + 'max_autologin_time' => 0, + 'session_length' => 100, + 'form_token_lifetime' => 100, + 'cookie_name' => '', + 'limit_load' => 0, + 'limit_search_load' => 0, + 'ip_check' => 3, + 'browser_check' => 1, + ); + + $this->cache_data = array( + '_bots' => array(), + ); + + $this->cookies = array(); + + $this->server_data = $_SERVER; + } + + /** + * Retrieve the configured session class instance + * + * @param dbal $dbal The database connection to use for session data + * @return phpbb_mock_session_testable A session instance + */ + public function get_session(dbal $dbal) + { + // set up all the global variables used by session + global $SID, $_SID, $db, $config, $cache; + + $config = $this->config = $this->get_config_data(); + $db = $dbal; + + $cache = $this->cache = new phpbb_mock_cache($this->get_cache_data()); + $SID = $_SID = null; + + $_COOKIE = $this->cookies; + $_SERVER = $this->server_data; + + $session = new phpbb_mock_session_testable; + return $session; + } + + /** + * Set the cookies which should be present in the request data. + * + * @param array $cookies The cookie data, structured like $_COOKIE contents. + */ + public function set_cookies(array $cookies) + { + $this->cookies = $cookies; + } + + /** + * Check if the cache used for the generated session contains correct data. + * + * @param PHPUnit_Framework_Assert $test The test case to call assert methods + * on + */ + public function check(PHPUnit_Framework_Assert $test) + { + $this->cache->check($test, $this->get_cache_data()); + } + + /** + * Merge config data with the current config data to be supplied to session. + * + * New values overwrite new ones. 
+ * + * @param array $config_data The config data to merge with previous data + */ + public function merge_config_data(array $config_data) + { + $this->config_data = array_merge($this->config_data, $config_data); + } + + /** + * Retrieve the entire config data to be passed to the session. + * + * @return array Configuration + */ + public function get_config_data() + { + return $this->config_data; + } + + /** + * Merge the cache contents with more data. + * + * New values overwrite old ones. + * + * @param array $cache_data The additional cache data + */ + public function merge_cache_data(array $cache_data) + { + $this->cache_data = array_merge($this->cache_data, $cache_data); + } + + /** + * Retrieve the entire cache data to be passed to the session. + * + * @return array Cache contents + */ + public function get_cache_data() + { + return $this->cache_data; + } + + /** + * Merge the current server info ($_SERVER) with more data. + * + * New values overwrite old ones. + * + * @param array $server_data The additional server variables + */ + public function merge_server_data($server_data) + { + return $this->server_data = array_merge($this->server_data, $server_data); + } + + /** + * Retrieve all server variables to be passed to the session. + * + * @return array Server variables + */ + public function get_server_data() + { + return $this->server_data; + } +} + diff --git a/tests/template/all_tests.php b/tests/template/all_tests.php deleted file mode 100644 index ea258c1680..0000000000 --- a/tests/template/all_tests.php +++ /dev/null @@ -1,40 +0,0 @@ -addTestSuite('phpbb_template_template_test'); - - return $suite; - } -} - -if (PHPUnit_MAIN_METHOD == 'phpbb_template_all_tests::main') -{ - phpbb_template_all_tests::main(); -} diff --git a/tests/template/template.php b/tests/template/template_test.php similarity index 76% rename from tests/template/template.php rename to tests/template/template_test.php index 0c2ca8a032..33c82d53ad 100644 
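Review bot: `merge_server_data()` does not match its two siblings: it lacks the `array` type hint and returns the result of the assignment, while `merge_config_data()` and `merge_cache_data()` return nothing. I would declare it as `public function merge_server_data(array $server_data)` with the body `$this->server_data = array_merge($this->server_data, $server_data);`. The docblock of `merge_config_data()` says `New values overwrite new ones.`; it should read `New values overwrite old ones.` as the other two do.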
--- a/tests/template/template.php +++ b/tests/template/template_test.php @@ -7,9 +7,8 @@ * */ -require_once 'test_framework/framework.php'; - -require_once '../phpBB/includes/template.php'; +require_once dirname(__FILE__) . '/../../phpBB/includes/functions.php'; +require_once dirname(__FILE__) . '/../../phpBB/includes/template.php'; class phpbb_template_template_test extends phpbb_test_case { @@ -344,8 +343,7 @@ class phpbb_template_template_test extends phpbb_test_case */ public function test_template($file, array $vars, array $block_vars, array $destroy, $expected) { - global $phpEx; - $cache_file = $this->template->cachepath . str_replace('/', '.', $file) . '.' . $phpEx; + $cache_file = $this->template->cachepath . str_replace('/', '.', $file) . '.php'; $this->assertFileNotExists($cache_file); @@ -395,11 +393,9 @@ class phpbb_template_template_test extends phpbb_test_case public function test_php() { - global $phpEx; - $GLOBALS['config']['tpl_allow_php'] = true; - $cache_file = $this->template->cachepath . 'php.html.' . $phpEx; + $cache_file = $this->template->cachepath . 'php.html.php'; $this->assertFileNotExists($cache_file); 
@@ -410,21 +406,14 @@ class phpbb_template_template_test extends phpbb_test_case public function test_includephp() { - $this->markTestIncomplete('Include PHP test file paths are broken'); - $GLOBALS['config']['tpl_allow_php'] = true; - $cache_file = $this->template->cachepath . 'includephp.html.' . PHP_EXT; - - $cwd = getcwd(); - chdir(dirname(__FILE__) . '/templates'); + $cache_file = $this->template->cachepath . 'includephp.html.php'; $this->run_template('includephp.html', array(), array(), array(), 'testing included php', $cache_file); $this->template->set_filenames(array('test' => 'includephp.html')); - $this->assertEquals('testing included php', $this->display('test'), "Testing $file"); - - chdir($cwd); + $this->assertEquals('testing included php', $this->display('test'), "Testing INCLUDEPHP"); $GLOBALS['config']['tpl_allow_php'] = false; } @@ -438,17 +427,16 @@ class phpbb_template_template_test extends phpbb_test_case false, 'insert', << 'before'), - false, - 'insert', - << 'after'), - true, - 'insert', - << 'pos #1'), - 1, - 'insert', - << 'before'), - false, - 'insert', - << 'before'), - false, - 'insert', - << 'before'), - false, - 'insert', - <<markTestIncomplete('Alter Block Test is broken'); - $this->template->set_filenames(array('test' => 'loop_nested.html')); // @todo Change this 
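Review bot: `test_includephp()` turns on `tpl_allow_php` and switches it off only in its last statement, so a failing assertion in between leaves PHP execution in templates enabled for the tests that run afterwards; `test_php()` in the preceding hunk sets the same flag. Now that `markTestIncomplete` is gone and the test really runs, I would move the reset into `tearDown()` as `$GLOBALS['config']['tpl_allow_php'] = false;`. If the suite relies on PHPUnit restoring globals between tests, a comment saying so would do and the manual reset could go. Whether this class already defines `tearDown()` is not visible from these hunks.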
@@ -676,12 +517,11 @@ EOT $this->template->assign_block_vars('outer', array()); $this->template->assign_block_vars('outer.middle', array()); $this->template->assign_block_vars('outer.middle', array()); - $this->template->assign_block_vars('outer.middle', array()); $this->template->assign_block_vars('outer', array()); $this->template->assign_block_vars('outer.middle', array()); $this->template->assign_block_vars('outer.middle', array()); - $this->assertEquals("outer - 0/3\nmiddle - 0/2\nmiddle - 1/2\nouter - 1/3\nmiddle - 0/3\nmiddle - 1/3\nmiddle - 2/3\nouter - 2/3\nmiddle - 0/2\nmiddle - 1/2", $this->display('test'), 'Ensuring template is built correctly before modification'); + $this->assertEquals("outer - 0\nmiddle - 0\nmiddle - 1\nouter - 1\nmiddle - 0\nmiddle - 1\nouter - 2\nmiddle - 0\nmiddle - 1", $this->display('test'), 'Ensuring template is built correctly before modification'); $this->template->alter_block_array($alter_block, $vararray, $key, $mode); $this->assertEquals($expect, $this->display('test'), $description); diff --git a/tests/template/templates/_dummy_include.php b/tests/template/templates/_dummy_include.php deleted file mode 100644 index 1de5dddf59..0000000000 --- a/tests/template/templates/_dummy_include.php +++ /dev/null @@ -1,3 +0,0 @@ - + diff --git a/tests/template/templates/loop_nested.html b/tests/template/templates/loop_nested.html index 571df97b4c..9b251cd453 100644 --- a/tests/template/templates/loop_nested.html +++ b/tests/template/templates/loop_nested.html @@ -1,8 +1,8 @@ - {outer.S_BLOCK_NAME} - {outer.S_ROW_NUM}/{outer.S_NUM_ROWS} - {outer.VARIABLE} + outer - {outer.S_ROW_COUNT} - {outer.VARIABLE} - {middle.S_BLOCK_NAME} - {middle.S_ROW_NUM}/{middle.S_NUM_ROWS} - {middle.VARIABLE} + middle - {middle.S_ROW_COUNT} - {middle.VARIABLE} diff --git a/tests/test_framework/phpbb_database_test_case.php b/tests/test_framework/phpbb_database_test_case.php index a64bae8c57..e1b368dcea 100644 
--- a/tests/test_framework/phpbb_database_test_case.php +++ b/tests/test_framework/phpbb_database_test_case.php @@ -9,10 +9,25 @@ abstract class phpbb_database_test_case extends PHPUnit_Extensions_Database_TestCase { - private static $already_connected; + static private $already_connected; protected $test_case_helpers; + public function __construct($name = NULL, array $data = array(), $dataName = '') + { + parent::__construct($name, $data, $dataName); + $this->backupStaticAttributesBlacklist += array( + 'PHP_CodeCoverage' => array('instance'), + 'PHP_CodeCoverage_Filter' => array('instance'), + 'PHP_CodeCoverage_Util' => array('ignoredLines', 'templateMethods'), + 'PHP_Timer' => array('startTimes',), + 'PHP_Token_Stream' => array('customTokens'), + 'PHP_Token_Stream_CachingFactory' => array('cache'), + + 'phpbb_database_test_case' => array('already_connected'), + ); + } + public function get_test_case_helpers() { if (!$this->test_case_helpers) 
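Review bot: The new constructor has no comment saying why these static attributes are kept out of PHPUnit's static backup, and the same array is repeated verbatim in `phpbb_test_case::__construct()` in a later hunk. A short docblock would help, for instance `/** Keep code-coverage statics and the connection flag out of the static attribute backup. */`, worded by someone who knows the actual reason, since the commit does not state it. Because the two classes have different parents, the list could live in one place on the helper object both already expose through `get_test_case_helpers()`, so that the two copies cannot drift apart.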
@@ -23,66 +38,6 @@ abstract class phpbb_database_test_case extends PHPUnit_Extensions_Database_Test return $this->test_case_helpers; } - public function get_dbms_data($dbms) - { - $available_dbms = array( - 'firebird' => array( - 'SCHEMA' => 'firebird', - 'DELIM' => ';;', - 'PDO' => 'firebird', - ), - 'mysqli' => array( - 'SCHEMA' => 'mysql_41', - 'DELIM' => ';', - 'PDO' => 'mysql', - ), - 'mysql' => array( - 'SCHEMA' => 'mysql', - 'DELIM' => ';', - 'PDO' => 'mysql', - ), - 'mssql' => array( - 'SCHEMA' => 'mssql', - 'DELIM' => 'GO', - 'PDO' => 'odbc', - ), - 'mssql_odbc'=> array( - 'SCHEMA' => 'mssql', - 'DELIM' => 'GO', - 'PDO' => 'odbc', - ), - 'mssqlnative' => array( - 'SCHEMA' => 'mssql', - 'DELIM' => 'GO', - 'PDO' => 'sqlsrv', - ), - 'oracle' => array( - 'SCHEMA' => 'oracle', - 'DELIM' => '/', - 'PDO' => 'oci', - ), - 'postgres' => array( - 'SCHEMA' => 'postgres', - 'DELIM' => ';', - 'PDO' => 'pgsql', - ), - 'sqlite' => array( - 'SCHEMA' => 'sqlite', - 'DELIM' => ';', - 'PDO' => 'sqlite2', - ), - ); - - if (isset($available_dbms[$dbms])) - { - return $available_dbms[$dbms]; - } - else - { - trigger_error('Database unsupported', E_USER_ERROR); - } - } - public function get_database_config() { if (isset($_SERVER['PHPBB_TEST_DBMS'])) @@ -96,9 +51,9 @@ abstract class phpbb_database_test_case extends PHPUnit_Extensions_Database_Test 'dbpasswd' => isset($_SERVER['PHPBB_TEST_DBPASSWD']) ? $_SERVER['PHPBB_TEST_DBPASSWD'] : '', ); } - else if (file_exists('test_config.php')) + else if (file_exists(dirname(__FILE__) . '/../test_config.php')) { - include('test_config.php'); + include(dirname(__FILE__) . '/../test_config.php'); return array( 'dbms' => $dbms, 
@@ -114,7 +69,7 @@ abstract class phpbb_database_test_case extends PHPUnit_Extensions_Database_Test // Silently use sqlite return array( 'dbms' => 'sqlite', - 'dbhost' => 'phpbb_unit_tests.sqlite2', // filename + 'dbhost' => dirname(__FILE__) . '/../phpbb_unit_tests.sqlite2', // filename 'dbport' => '', 'dbname' => '', 'dbuser' => '', 
@@ -127,232 +82,26 @@ abstract class phpbb_database_test_case extends PHPUnit_Extensions_Database_Test } } - // NOTE: This function is not the same as split_sql_file from functions_install - public function split_sql_file($sql, $dbms) - { - $dbms_data = $this->get_dbms_data($dbms); - - $sql = str_replace("\r" , '', $sql); - $data = preg_split('/' . preg_quote($dbms_data['DELIM'], '/') . '$/m', $sql); - - $data = array_map('trim', $data); - - // The empty case - $end_data = end($data); - - if (empty($end_data)) - { - unset($data[key($data)]); - } - - if ($dbms == 'sqlite') - { - // remove comment lines starting with # - they are not proper sqlite - // syntax and break sqlite2 - foreach ($data as $i => $query) - { - $data[$i] = preg_replace('/^#.*$/m', "\n", $query); - } - } - - return $data; - } - - /** - * Retrieves a list of all tables from the database. - * - * @param PDO $pdo - * @param string $dbms - * @return array(string) - */ - function get_tables($pdo, $dbms) - { - switch ($pdo) - { - case 'mysql': - case 'mysql4': - case 'mysqli': - $sql = 'SHOW TABLES'; - break; - - case 'sqlite': - $sql = 'SELECT name - FROM sqlite_master - WHERE type = "table"'; - break; - - case 'mssql': - case 'mssql_odbc': - case 'mssqlnative': - $sql = "SELECT name - FROM sysobjects - WHERE type='U'"; - break; - - case 'postgres': - $sql = 'SELECT relname - FROM pg_stat_user_tables'; - break; - - case 'firebird': - $sql = 'SELECT rdb$relation_name - FROM rdb$relations - WHERE rdb$view_source is null - AND rdb$system_flag = 0'; - break; - - case 'oracle': - $sql = 'SELECT table_name - FROM USER_TABLES'; - break; - } - - $result = $pdo->query($sql); - - $tables = array(); - while ($row = $result->fetch(PDO::FETCH_NUM)) - { - $tables[] = current($row); - } - - return $tables; - } - - /** - * Returns a PDO connection for the configured database. - * - * @param array $config The database configuration - * @param array $dbms Information on the used DBMS. 
- * @param bool $use_db Whether the DSN should be tied to a - * particular database making it impossible - * to delete that database. - * @return PDO The PDO database connection. - */ - public function new_pdo($config, $dbms, $use_db) - { - $dsn = $dbms['PDO'] . ':'; - - switch ($dbms['PDO']) - { - case 'sqlite2': - $dsn .= $config['dbhost']; - break; - - case 'sqlsrv': - // prefix the hostname (or DSN) with Server= so using just (local)\SQLExpress - // works for example, further parameters can still be appended using ;x=y - $dsn .= 'Server='; - // no break -> rest like ODBC - case 'odbc': - // for ODBC assume dbhost is a suitable DSN - // e.g. Driver={SQL Server Native Client 10.0};Server=(local)\SQLExpress; - $dsn .= $config['dbhost']; - - if ($use_db) - { - $dsn .= ';Database=' . $config['dbname']; - } - break; - - default: - $dsn .= 'host=' . $config['dbhost']; - - if ($use_db) - { - $dsn .= ';dbname=' . $config['dbname']; - } - break; - } - - $pdo = new PDO($dsn, $config['dbuser'], $config['dbpasswd']);; - - // good for debug - // $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); - - return $pdo; - } - - private function recreate_db($config, $dbms) - { - switch ($config['dbms']) - { - case 'sqlite': - if (file_exists($config['dbhost'])) - { - unlink($config['dbhost']); - } - break; - - default: - $pdo = $this->new_pdo($config, $dbms, false); - - try - { - $pdo->exec('DROP DATABASE ' . $config['dbname']); - } - catch (PDOException $e) - { - // try to delete all tables if dropping the database was not possible. - foreach ($this->get_tables() as $table) - { - try - { - $pdo->exec('DROP TABLE ' . $table); - } - catch (PDOException $e){} // ignore non-existent tables - } - } - - $pdo->exec('CREATE DATABASE ' . 
$config['dbname']); - break; - } - } - - private function load_schema($pdo, $config, $dbms) - { - if ($config['dbms'] == 'mysql') - { - $sth = $pdo->query('SELECT VERSION() AS version'); - $row = $sth->fetch(PDO::FETCH_ASSOC); - - if (version_compare($row['version'], '4.1.3', '>=')) - { - $dbms['SCHEMA'] .= '_41'; - } - else - { - $dbms['SCHEMA'] .= '_40'; - } - } - - $sql = $this->split_sql_file(file_get_contents("../phpBB/install/schemas/{$dbms['SCHEMA']}_schema.sql"), $config['dbms']); - - foreach ($sql as $query) - { - $pdo->exec($query); - } - } - public function getConnection() { $config = $this->get_database_config(); - $dbms = $this->get_dbms_data($config['dbms']); + + $manager = $this->create_connection_manager($config); if (!self::$already_connected) { - $this->recreate_db($config, $dbms); + $manager->recreate_db(); } - $pdo = $this->new_pdo($config, $dbms, true); + $manager->connect(); if (!self::$already_connected) { - $this->load_schema($pdo, $config, $dbms); - + $manager->load_schema(); self::$already_connected = true; } - return $this->createDefaultDBConnection($pdo, 'testdb'); + return $this->createDefaultDBConnection($manager->get_pdo(), 'testdb'); } public function new_dbal() @@ -361,7 +110,7 @@ abstract class phpbb_database_test_case extends PHPUnit_Extensions_Database_Test $config = $this->get_database_config(); - require_once '../phpBB/includes/db/' . $config['dbms'] . '.php'; + require_once dirname(__FILE__) . '/../../phpBB/includes/db/' . $config['dbms'] . '.php'; $dbal = 'dbal_' . $config['dbms']; $db = new $dbal(); $db->sql_connect($config['dbhost'], $config['dbuser'], $config['dbpasswd'], $config['dbname'], $config['dbport']); 
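Review bot: `new_dbal()` builds both an include path and a class name from `$config['dbms']` without checking it, whereas the connection manager added in this commit rejects unknown drivers in `get_dbms_data()`. The value comes from `PHPBB_TEST_DBMS` or `test_config.php`, so this is mostly about failing clearly, but a stray `/` or `..` in it would still reach `require_once`. A guard before the include, e.g. `if (!preg_match('/^[a-z0-9_]+$/', $config['dbms'])) { throw new Exception('Unsupported dbms: ' . $config['dbms']); }`, keeps the path inside `includes/db/`. The method's opening lines sit in the previous hunk and it ends in the next one.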
@@ -369,8 +118,24 @@ abstract class phpbb_database_test_case extends PHPUnit_Extensions_Database_Test return $db; } + public function assertSqlResultEquals($expected, $sql, $message = '') + { + $db = $this->new_dbal(); + + $result = $db->sql_query($sql); + $rows = $db->sql_fetchrowset($result); + $db->sql_freeresult($result); + + $this->assertEquals($expected, $rows, $message); + } + public function setExpectedTriggerError($errno, $message = '') { $this->get_test_case_helpers()->setExpectedTriggerError($errno, $message); } + + protected function create_connection_manager($config) + { + return new phpbb_database_test_connection_manager($config); + } } diff --git a/tests/test_framework/phpbb_database_test_connection_manager.php b/tests/test_framework/phpbb_database_test_connection_manager.php new file mode 100644 index 0000000000..a7559e2183 --- /dev/null +++ b/tests/test_framework/phpbb_database_test_connection_manager.php 
@@ -0,0 +1,346 @@ +config = $config; + $this->dbms = $this->get_dbms_data($this->config['dbms']); + } + + /** + * Return the current PDO instance + */ + public function get_pdo() + { + return $this->pdo; + } + + /** + * Creates a PDO connection for the configured database. + * + * @param bool $use_db Whether the DSN should be tied to a + * particular database making it impossible + * to delete that database. + */ + public function connect($use_db = true) + { + $dsn = $this->dbms['PDO'] . ':'; + + switch ($this->dbms['PDO']) + { + case 'sqlite2': + $dsn .= $this->config['dbhost']; + break; + + case 'sqlsrv': + // prefix the hostname (or DSN) with Server= so using just (local)\SQLExpress + // works for example, further parameters can still be appended using ;x=y + $dsn .= 'Server='; + // no break -> rest like ODBC + case 'odbc': + // for ODBC assume dbhost is a suitable DSN + // e.g. Driver={SQL Server Native Client 10.0};Server=(local)\SQLExpress; + $dsn .= $this->config['dbhost']; + + if ($use_db) + { + $dsn .= ';Database=' . $this->config['dbname']; + } + break; + + default: + $dsn .= 'host=' . $this->config['dbhost']; + + if ($use_db) + { + $dsn .= ';dbname=' . $this->config['dbname']; + } + break; + } + + try + { + $this->pdo = new PDO($dsn, $this->config['dbuser'], $this->config['dbpasswd']); + } + catch (PDOException $e) + { + $cleaned_dsn = str_replace($this->config['dbpasswd'], '*password*', $dsn); + throw new Exception("Unable do connect to $cleaned_dsn using PDO with error: {$e->getMessage()}"); + } + + // good for debug + // $this->pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); + } + + /** + * Load the phpBB database schema into the database + */ + public function load_schema() + { + $this->ensure_connected(__METHOD__); + + $directory = dirname(__FILE__) . 
'/../../phpBB/install/schemas/'; + $this->load_schema_from_file($directory); + } + + /** + * Drop the database if it exists and re-create it + * + * Note: This does not load the schema, and it is suggested + * to re-connect after calling to get use_db isolation. + */ + public function recreate_db() + { + switch ($this->config['dbms']) + { + case 'sqlite': + if (file_exists($this->config['dbhost'])) + { + unlink($this->config['dbhost']); + } + break; + + default: + $this->connect(false); + + try + { + $this->pdo->exec('DROP DATABASE ' . $this->config['dbname']); + } + catch (PDOException $e) + { + // try to delete all tables if dropping the database was not possible. + foreach ($this->get_tables() as $table) + { + $this->pdo->exec('DROP TABLE ' . $table); + } + } + + $this->pdo->exec('CREATE DATABASE ' . $this->config['dbname']); + break; + } + } + + /** + * Retrieves a list of all tables from the database. + * + * @return array(string) + */ + public function get_tables() + { + $this->ensure_connected(__METHOD__); + + switch ($this->config['dbms']) + { + case 'mysql': + case 'mysql4': + case 'mysqli': + $sql = 'SHOW TABLES'; + break; + + case 'sqlite': + $sql = 'SELECT name + FROM sqlite_master + WHERE type = "table"'; + break; + + case 'mssql': + case 'mssql_odbc': + case 'mssqlnative': + $sql = "SELECT name + FROM sysobjects + WHERE type='U'"; + break; + + case 'postgres': + $sql = 'SELECT relname + FROM pg_stat_user_tables'; + break; + + case 'firebird': + $sql = 'SELECT rdb$relation_name + FROM rdb$relations + WHERE rdb$view_source is null + AND rdb$system_flag = 0'; + break; + + case 'oracle': + $sql = 'SELECT table_name + FROM USER_TABLES'; + break; + } + + $result = $this->pdo->query($sql); + + $tables = array(); + while ($row = $result->fetch(PDO::FETCH_NUM)) + { + $tables[] = current($row); + } + + return $tables; + } + + /** + * Throw an exception if not connected + */ + protected function ensure_connected($method_name) + { + if (null === $this->pdo) + { + 
throw new Exception(sprintf('You must connect before calling %s', $method_name)); + } + } + + /** + * Compile the correct schema filename (as per create_schema_files) and + * load it into the database. + */ + protected function load_schema_from_file($directory) + { + $schema = $this->dbms['SCHEMA']; + + if ($this->config['dbms'] == 'mysql') + { + $sth = $this->pdo->query('SELECT VERSION() AS version'); + $row = $sth->fetch(PDO::FETCH_ASSOC); + + if (version_compare($row['version'], '4.1.3', '>=')) + { + $schema .= '_41'; + } + else + { + $schema .= '_40'; + } + } + + $filename = $directory . $schema . '_schema.sql'; + $sql = $this->split_sql(file_get_contents($filename)); + + foreach ($sql as $query) + { + $this->pdo->exec($query); + } + } + + /** + * Split contents of an SQL file into an array of SQL statements + * + * Note: This method is not the same as split_sql_file from functions_install. + * + * @param string $sql Raw contents of an SQL file + * + * @return Array of runnable SQL statements + */ + protected function split_sql($sql) + { + $sql = str_replace("\r" , '', $sql); + $data = preg_split('/' . preg_quote($this->dbms['DELIM'], '/') . 
'$/m', $sql); + + $data = array_map('trim', $data); + + // The empty case + $end_data = end($data); + + if (empty($end_data)) + { + unset($data[key($data)]); + } + + if ($this->config['dbms'] == 'sqlite') + { + // remove comment lines starting with # - they are not proper sqlite + // syntax and break sqlite2 + foreach ($data as $i => $query) + { + $data[$i] = preg_replace('/^#.*$/m', "\n", $query); + } + } + + return $data; + } + + /** + * Map a phpBB dbms driver name to dbms data array + */ + protected function get_dbms_data($dbms) + { + $available_dbms = array( + 'firebird' => array( + 'SCHEMA' => 'firebird', + 'DELIM' => ';;', + 'PDO' => 'firebird', + ), + 'mysqli' => array( + 'SCHEMA' => 'mysql_41', + 'DELIM' => ';', + 'PDO' => 'mysql', + ), + 'mysql' => array( + 'SCHEMA' => 'mysql', + 'DELIM' => ';', + 'PDO' => 'mysql', + ), + 'mssql' => array( + 'SCHEMA' => 'mssql', + 'DELIM' => 'GO', + 'PDO' => 'odbc', + ), + 'mssql_odbc'=> array( + 'SCHEMA' => 'mssql', + 'DELIM' => 'GO', + 'PDO' => 'odbc', + ), + 'mssqlnative' => array( + 'SCHEMA' => 'mssql', + 'DELIM' => 'GO', + 'PDO' => 'sqlsrv', + ), + 'oracle' => array( + 'SCHEMA' => 'oracle', + 'DELIM' => '/', + 'PDO' => 'oci', + ), + 'postgres' => array( + 'SCHEMA' => 'postgres', + 'DELIM' => ';', + 'PDO' => 'pgsql', + ), + 'sqlite' => array( + 'SCHEMA' => 'sqlite', + 'DELIM' => ';', + 'PDO' => 'sqlite2', + ), + ); + + if (isset($available_dbms[$dbms])) + { + return $available_dbms[$dbms]; + } + else + { + $message = "Supplied dbms \"$dbms\" is not a valid phpBB dbms, must be one of: "; + $message .= implode(', ', array_keys($available_dbms)); + throw new Exception($message); + } + } +} diff --git a/tests/test_framework/phpbb_test_case.php b/tests/test_framework/phpbb_test_case.php index fe90d321dc..f189da3671 100644 --- a/tests/test_framework/phpbb_test_case.php +++ b/tests/test_framework/phpbb_test_case.php 
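Review bot: `recreate_db()` wraps `DROP DATABASE` in `catch (PDOException $e)`, but `connect()` leaves PDO at its default error mode and keeps the `setAttribute` call commented out. Before PHP 8 that default is silent, so `exec()` just returns false and the fallback that drops the tables never runs. The same applies to `load_schema_from_file()`, where a failing schema statement goes unnoticed and the tests then run against a partial schema. I would enable the line in `connect()`: `$this->pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);`. With that on, the `DROP TABLE` loop needs its own handling again, because this version drops the inner try/catch that the removed code in `phpbb_database_test_case` had for non-existent tables.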
@@ -11,6 +11,21 @@ class phpbb_test_case extends PHPUnit_Framework_TestCase { protected $test_case_helpers; + public function __construct($name = NULL, array $data = array(), $dataName = '') + { + parent::__construct($name, $data, $dataName); + $this->backupStaticAttributesBlacklist += array( + 'PHP_CodeCoverage' => array('instance'), + 'PHP_CodeCoverage_Filter' => array('instance'), + 'PHP_CodeCoverage_Util' => array('ignoredLines', 'templateMethods'), + 'PHP_Timer' => array('startTimes',), + 'PHP_Token_Stream' => array('customTokens'), + 'PHP_Token_Stream_CachingFactory' => array('cache'), + + 'phpbb_database_test_case' => array('already_connected'), + ); + } + public function get_test_case_helpers() { if (!$this->test_case_helpers) diff --git a/tests/text_processing/all_tests.php b/tests/text_processing/all_tests.php deleted file mode 100644 index 5e759c72ee..0000000000 --- a/tests/text_processing/all_tests.php +++ /dev/null @@ -1,41 +0,0 @@ -addTestSuite('phpbb_text_processing_make_clickable_test'); - - return $suite; - } -} - -if (PHPUnit_MAIN_METHOD == 'phpbb_text_processing_all_tests::main') -{ - phpbb_text_processing_all_tests::main(); -} - diff --git a/tests/text_processing/make_clickable.php b/tests/text_processing/make_clickable_test.php similarity index 96% rename from tests/text_processing/make_clickable.php rename to tests/text_processing/make_clickable_test.php index a667dd705e..29b982d709 100644 --- a/tests/text_processing/make_clickable.php +++ b/tests/text_processing/make_clickable_test.php @@ -7,10 +7,8 @@ * */ -require_once 'test_framework/framework.php'; - -require_once '../phpBB/includes/functions.php'; -require_once '../phpBB/includes/functions_content.php'; +require_once dirname(__FILE__) . '/../../phpBB/includes/functions.php'; +require_once dirname(__FILE__) . '/../../phpBB/includes/functions_content.php'; class phpbb_text_processing_make_clickable_test extends phpbb_test_case { 
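Review bot: The `+=` on `$this->backupStaticAttributesBlacklist` in the new constructor is an array union, so for any class name that is already a key of the blacklist (from the parent's default or from a subclass that declares its own list) the attributes added here are silently discarded. If that can happen, an entry such as `'phpbb_database_test_case' => array('already_connected')` would not take effect and that static would be backed up and restored between tests again. Merging per class avoids this: `$this->backupStaticAttributesBlacklist = array_merge_recursive($this->backupStaticAttributesBlacklist, array(/* same entries */));`. The hunk also gives no reason for excluding these particular statics; a one-line comment above the list stating why each group must survive between tests would make the list maintainable.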
diff --git a/tests/user/lang_test.php b/tests/user/lang_test.php
new file mode 100644
index 0000000000..6c60583a7b
--- /dev/null
+++ b/tests/user/lang_test.php
@@ -0,0 +1,58 @@
+lang = array(
+ 'FOO' => 'BAR',
+ 'BARZ' => 'PENG',
+ 'EMPTY' => '',
+ 'ZERO' => '0',
+ 'STR' => '%d %s, %d topics',
+ 'STR2' => '%d foos',
+ 'ARRY' => array(
+ 0 => 'No posts', // 0
+ 1 => '1 post', // 1
+ 2 => '%d posts', // 2+
+ ),
+ );
+
+ // No param
+ $this->assertEquals($user->lang('FOO'), 'BAR');
+ $this->assertEquals($user->lang('EMPTY'), '');
+ $this->assertEquals($user->lang('ZERO'), '0');
+
+ // Invalid index
+ $this->assertEquals($user->lang('VOID'), 'VOID');
+
+ // Unnecessary param
+ $this->assertEquals($user->lang('FOO', 2), 'BAR');
+ $this->assertEquals($user->lang('FOO', 2, 3), 'BAR');
+ $this->assertEquals($user->lang('FOO', 2, 3, 'BARZ'), 'BAR');
+
+ // String
+ $this->assertEquals($user->lang('STR', 24, 'x', 42), '24 x, 42 topics');
+ $this->assertEquals($user->lang('STR2', 64), '64 foos');
+
+ // Array
+ $this->assertEquals($user->lang('ARRY', 0), 'No posts');
+ $this->assertEquals($user->lang('ARRY', 1), '1 post');
+ $this->assertEquals($user->lang('ARRY', 2), '2 posts');
+ $this->assertEquals($user->lang('ARRY', 123), '123 posts');
+
+ // Bug PHPBB3-9949
+ $this->assertEquals($user->lang('ARRY', 1, 2), '1 post');
+ $this->assertEquals($user->lang('ARRY', 1, 's', 2), '1 post');
+ }
+}
diff --git a/tests/utf/all_tests.php b/tests/utf/all_tests.php
deleted file mode 100644
index 0d5d44d695..0000000000
--- a/tests/utf/all_tests.php
+++ /dev/null
@@ -1,43 +0,0 @@
-addTestSuite('phpbb_utf_utf8_wordwrap_test');
- $suite->addTestSuite('phpbb_utf_utf8_clean_string_test');
-
- return $suite;
- }
-}
-
-if (PHPUnit_MAIN_METHOD == 'phpbb_utf_all_tests::main')
-{
- phpbb_utf_all_tests::main();
-}
-
diff --git a/tests/utf/data/.gitkeep b/tests/utf/data/.gitkeep
new file mode 100644
index 0000000000..e69de29bb2
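Review bot: The `EMPTY` and `ZERO` cases in the new lang test use `assertEquals`, which compares loosely, so they would most likely still pass if `lang()` returned `null`, `false` or integer `0` instead of the stored string, which is the kind of regression these two cases appear meant to catch. `assertSame` pins both type and value: `$this->assertSame('', $user->lang('EMPTY'));` and `$this->assertSame('0', $user->lang('ZERO'));`. Throughout the method the arguments are also passed as (actual, expected), whereas PHPUnit takes the expected value first, so a failure report would label the two values the wrong way round. The opening lines of the file are not visible in this hunk as rendered.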
diff --git a/tests/utf/normalizer_test.php b/tests/utf/normalizer_test.php
new file mode 100644
index 0000000000..f78dba8004
--- /dev/null
+++ b/tests/utf/normalizer_test.php
@@ -0,0 +1,320 @@
+ array(
+ 'c2' => array('c1', 'c2', 'c3'),
+ 'c4' => array('c4', 'c5')
+ ),
+
+ /**
+ * NFD
+ * c3 == NFD(c1) == NFD(c2) == NFD(c3)
+ * c5 == NFD(c4) == NFD(c5)
+ */
+ 'NFD' => array(
+ 'c3' => array('c1', 'c2', 'c3'),
+ 'c5' => array('c4', 'c5')
+ ),
+
+ /**
+ * NFKC
+ * c4 == NFKC(c1) == NFKC(c2) == NFKC(c3) == NFKC(c4) == NFKC(c5)
+ */
+ 'NFKC' => array(
+ 'c4' => array('c1', 'c2', 'c3', 'c4', 'c5')
+ ),
+
+ /**
+ * NFKD
+ * c5 == NFKD(c1) == NFKD(c2) == NFKD(c3) == NFKD(c4) == NFKD(c5)
+ */
+ 'NFKD' => array(
+ 'c5' => array('c1', 'c2', 'c3', 'c4', 'c5')
+ )
+ );
+
+ $tested_chars = array();
+
+ $fp = fopen(dirname(__FILE__).'/data/NormalizationTest.txt', 'rb');
+ while (!feof($fp))
+ {
+ $line = fgets($fp);
+
+ if ($line[0] == '@')
+ {
+ continue;
+ }
+
+ if (!strpos(' 0123456789ABCDEF', $line[0]))
+ {
+ continue;
+ }
+
+ list($c1, $c2, $c3, $c4, $c5) = explode(';', $line);
+
+ if (!strpos($c1, ' '))
+ {
+ /**
+ * We are currently testing a single character, we add it to the list of
+ * characters we have processed so that we can exclude it when testing
+ * for invariants
+ */
+ $tested_chars[$c1] = 1;
+ }
+
+ foreach ($test_suite as $form => $serie)
+ {
+ foreach ($serie as $expected => $tests)
+ {
+ $hex_expected = ${$expected};
+ $utf_expected = $this->hexseq_to_utf($hex_expected);
+
+ foreach ($tests as $test)
+ {
+ $utf_result = $utf_expected;
+ call_user_func(array('utf_normalizer', $form), &$utf_result);
+
+ $hex_result = $this->utf_to_hexseq($utf_result);
+ $this->assertEquals($utf_expected, $utf_result, "$expected == $form($test) ($hex_expected != $hex_result)");
+ }
+ }
+ }
+ }
+ fclose($fp);
+
+ return $tested_chars;
+ }
+
+ /**
+ * @depends test_normalizer
+ */
+ public function test_invariants(array $tested_chars)
+ {
+ $fp = fopen(dirname(__FILE__).'/data/UnicodeData.txt', 'rb');
+
+ while (!feof($fp))
+ {
+ $line = fgets($fp, 1024);
+
+ if (!$pos = strpos($line, ';'))
+ {
+ continue;
+ }
+
+ $hex_tested = $hex_expected =
substr($line, 0, $pos);
+
+ if (isset($tested_chars[$hex_tested]))
+ {
+ continue;
+ }
+
+ $utf_expected = $this->hex_to_utf($hex_expected);
+
+ if ($utf_expected >= UTF8_SURROGATE_FIRST
+ && $utf_expected <= UTF8_SURROGATE_LAST)
+ {
+ /**
+ * Surrogates are illegal on their own, we expect the normalizer
+ * to return a replacement char
+ */
+ $utf_expected = UTF8_REPLACEMENT;
+ $hex_expected = $this->utf_to_hexseq($utf_expected);
+ }
+
+ foreach (array('nfc', 'nfkc', 'nfd', 'nfkd') as $form)
+ {
+ $utf_result = $utf_expected;
+ call_user_func(array('utf_normalizer', $form), &$utf_result);
+ $hex_result = $this->utf_to_hexseq($utf_result);
+
+ $this->assertEquals($utf_expected, $utf_result, "$hex_expected == $form($hex_tested) ($hex_expected != $hex_result)");
+ }
+ }
+ fclose($fp);
+ }
+
+ /**
+ * Convert a UTF string to a sequence of codepoints in hexadecimal
+ *
+ * @param string $utf UTF string
+ * @return integer Unicode codepoints in hex
+ */
+ protected function utf_to_hexseq($str)
+ {
+ $pos = 0;
+ $len = strlen($str);
+ $ret = array();
+
+ while ($pos < $len)
+ {
+ $c = $str[$pos];
+ switch ($c & "\xF0")
+ {
+ case "\xC0":
+ case "\xD0":
+ $utf_char = substr($str, $pos, 2);
+ $pos += 2;
+ break;
+
+ case "\xE0":
+ $utf_char = substr($str, $pos, 3);
+ $pos += 3;
+ break;
+
+ case "\xF0":
+ $utf_char = substr($str, $pos, 4);
+ $pos += 4;
+ break;
+
+ default:
+ $utf_char = $c;
+ ++$pos;
+ }
+
+ $hex = dechex($this->utf_to_cp($utf_char));
+
+ if (!isset($hex[3]))
+ {
+ $hex = substr('000' .
$hex, -4);
+ }
+
+ $ret[] = $hex;
+ }
+
+ return strtr(implode(' ', $ret), 'abcdef', 'ABCDEF');
+ }
+
+ /**
+ * Convert a UTF-8 char to its codepoint
+ *
+ * @param string $utf_char UTF-8 char
+ * @return integer Unicode codepoint
+ */
+ protected function utf_to_cp($utf_char)
+ {
+ switch (strlen($utf_char))
+ {
+ case 1:
+ return ord($utf_char);
+
+ case 2:
+ return ((ord($utf_char[0]) & 0x1F) << 6) | (ord($utf_char[1]) & 0x3F);
+
+ case 3:
+ return ((ord($utf_char[0]) & 0x0F) << 12) | ((ord($utf_char[1]) & 0x3F) << 6) | (ord($utf_char[2]) & 0x3F);
+
+ case 4:
+ return ((ord($utf_char[0]) & 0x07) << 18) | ((ord($utf_char[1]) & 0x3F) << 12) | ((ord($utf_char[2]) & 0x3F) << 6) | (ord($utf_char[3]) & 0x3F);
+
+ default:
+ throw new RuntimeException('UTF-8 chars can only be 1-4 bytes long');
+ }
+ }
+
+ /**
+ * Return a UTF string formed from a sequence of codepoints in hexadecimal
+ *
+ * @param string $seq Sequence of codepoints, separated with a space
+ * @return string UTF-8 string
+ */
+ protected function hexseq_to_utf($seq)
+ {
+ return implode('', array_map(array($this, 'hex_to_utf'), explode(' ', $seq)));
+ }
+
+ /**
+ * Convert a codepoint in hexadecimal to a UTF-8 char
+ *
+ * @param string $hex Codepoint, in hexadecimal
+ * @return string UTF-8 char
+ */
+ protected function hex_to_utf($hex)
+ {
+ return $this->cp_to_utf(hexdec($hex));
+ }
+
+ /**
+ * Convert a codepoint to a UTF-8 char
+ *
+ * @param integer $cp Unicode codepoint
+ * @return string UTF-8 string
+ */
+ protected function cp_to_utf($cp)
+ {
+ if ($cp > 0xFFFF)
+ {
+ return chr(0xF0 | ($cp >> 18)) . chr(0x80 | (($cp >> 12) & 0x3F)) . chr(0x80 | (($cp >> 6) & 0x3F)) . chr(0x80 | ($cp & 0x3F));
+ }
+ else if ($cp > 0x7FF)
+ {
+ return chr(0xE0 | ($cp >> 12)) . chr(0x80 | (($cp >> 6) & 0x3F)) . chr(0x80 | ($cp & 0x3F));
+ }
+ else if ($cp > 0x7F)
+ {
+ return chr(0xC0 | ($cp >> 6)) .
chr(0x80 | ($cp & 0x3F)); + } + else + { + return chr($cp); + } + } + + // chunked download helper + static protected function download($url, $to) + { + $target = $to . '/' . basename($url); + + if (file_exists($target)) + { + return; + } + + if (!$fpr = fopen($url, 'rb')) + { + echo "Failed to download $url\n"; + return; + } + + if (!$fpw = fopen($target, 'wb')) + { + echo "Failed to open $target for writing\n"; + return; + } + + $chunk = 32768; + + while (!feof($fpr)) + { + fwrite($fpw, fread($fpr, $chunk)); + } + fclose($fpr); + fclose($fpw); + } +} diff --git a/tests/utf/utf8_clean_string_test.php b/tests/utf/utf8_clean_string_test.php index 870ad76fc4..e5a771eafa 100644 --- a/tests/utf/utf8_clean_string_test.php +++ b/tests/utf/utf8_clean_string_test.php @@ -7,8 +7,7 @@ * */ -require_once 'test_framework/framework.php'; -require_once '../phpBB/includes/utf/utf_tools.php'; +require_once dirname(__FILE__) . '/../../phpBB/includes/utf/utf_tools.php'; class phpbb_utf_utf8_clean_string_test extends phpbb_test_case { diff --git a/tests/utf/utf8_wordwrap_test.php b/tests/utf/utf8_wordwrap_test.php index ef1165a897..03fa9dc38c 100644 --- a/tests/utf/utf8_wordwrap_test.php +++ b/tests/utf/utf8_wordwrap_test.php @@ -7,8 +7,7 @@ * */ -require_once 'test_framework/framework.php'; -require_once '../phpBB/includes/utf/utf_tools.php'; +require_once dirname(__FILE__) . '/../../phpBB/includes/utf/utf_tools.php'; class phpbb_utf_utf8_wordwrap_test extends phpbb_test_case {
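Review bot: In `test_normalizer` the inner loop never reads the input column: `$utf_result = $utf_expected;` normalizes the expected value itself, and `$test` (c1–c5) appears only in the assertion message, so the conformance data is checked for idempotence rather than for `form(cN) == expected`. Feeding the named column fixes that: `$utf_result = $this->hexseq_to_utf(${$test});`. On the following line, and again in `test_invariants`, `call_user_func(array('utf_normalizer', $form), &$utf_result);` uses call-time pass-by-reference, which PHP 5.3 deprecates and later versions reject; `call_user_func_array(array('utf_normalizer', $form), array(&$utf_result));` keeps the by-reference call without it. If the normalizer backs string-cleaning used for comparisons elsewhere in the project (not visible here), a suite that passes without exercising the inputs gives false assurance about it.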