some further fixes

- re-introduce grabbing random number from /dev/urandom


git-svn-id: file:///svn/phpbb/trunk@8241 89ea8834-ac86-4346-8a33-228a782c2dd0

phpBB/docs/CHANGELOG.html

@@ -100,9 +100,11 @@
 		<li>[Change] Do not assign converted votes to the first option in a vote.</li>
 		<li>[Fix] Use correct RFC 2822 date format in emails (Bug #15042)</li>
 		<li>[Fix] Require founder status for some actions on founder-only groups (Bug #15119)</li>
-		<li>[Fix] Allow changing the "now" option of date CPFs (Bug #15111)</li>
+		<li>[Fix] Allow changing the &quot;now&quot; option of date CPFs (Bug #15111)</li>
 		<li>[Change] Some improvements to the caching of avatars</li>
-
+		<li>[Change] Set template recompilation to be disabled by default. All mod and style authors and all those who want to modify their styles should enabled it after installation.</li>
+		<li>[Change] Disable debug mode. All mod and style authors should enable DEBUG and DEBUG_EXTRA.</li>
+		<li>[Fix] Check error reporting level for all error level. This fixes a problem for hosts having manipulated the error handler. (Bug #14831)</li>
 	</ul>
 
 	<a name="v30rc6"></a><h3>1.ii. Changes since 3.0.RC6</h3>

phpBB/includes/functions.php

@@ -270,12 +270,23 @@ function phpbb_hash($password)
 	$random = '';
 	$count = 6;
 
+	if (($fh = @fopen('/dev/urandom', 'rb')))
+	{
+		$random = fread($fh, $count);
+		fclose($fh);
+	}
+
+	if (strlen($random) < $count)
+	{
+		$random = '';
+
 		for ($i = 0; $i < $count; $i += 16)
 		{
 			$random_state = md5(unique_id() . $random_state);
 			$random .= pack('H*', md5($random_state));
 		}
 		$random = substr($random, 0, $count);
+	}
 	
 	$hash = _hash_crypt_private($password, _hash_gensalt_private($random, $itoa64), $itoa64);
 
@@ -2867,6 +2878,12 @@ function msg_handler($errno, $msg_text, $errfile, $errline)
 	global $cache, $db, $auth, $template, $config, $user;
 	global $phpEx, $phpbb_root_path, $msg_title, $msg_long_text;
 
+	// Do not display notices if we suppress them via @
+	if (error_reporting() == 0)
+	{
+		return;
+	}
+
 	// Message handler is stripping text. In case we need it, we are possible to define long text...
 	if (isset($msg_long_text) && $msg_long_text && !$msg_text)
 	{
@@ -2879,9 +2896,8 @@ function msg_handler($errno, $msg_text, $errfile, $errline)
 		case E_WARNING:
 
 			// Check the error reporting level and return if the error level does not match
-			// Additionally do not display notices if we suppress them via @
 			// If DEBUG is defined the default level is E_ALL
-			if (($errno & ((defined('DEBUG') && error_reporting()) ? E_ALL : error_reporting())) == 0)
+			if (($errno & ((defined('DEBUG')) ? E_ALL : error_reporting())) == 0)
 			{
 				return;
 			}

phpBB/includes/functions_messenger.php

@@ -163,15 +163,10 @@ class messenger
 		{
 			$tpl_file = "{$phpbb_root_path}language/$template_lang/email/$template_file.txt";
 
-			if (!file_exists($tpl_file))
-			{
-				$tpl_file = "{$phpbb_root_path}language/$template_lang/email/$template_file.txt";
-
 			if (!file_exists($tpl_file))
 			{
 				trigger_error("Could not find email template file [ $tpl_file ]", E_USER_ERROR);
 			}
-			}
 
 			if (($data = @file_get_contents($tpl_file)) === false)
 			{

phpBB/includes/ucp/ucp_pm_compose.php

@@ -732,7 +732,7 @@ function compose_pm($id, $mode, $action)
 		{
 			$message_link = '';
 		}
-		$message_parser->message = $message_link . '[quote="' . $quote_username . '"]' . censor_text(trim($message_parser->message)) . "[/quote]\n";
+		$message_parser->message = $message_link . '[quote="' . $quote_username . '"]' . censor_text(trim($message_parser->message)) . "[/quote]\n";
 	}
 
 	if (($action == 'reply' || $action == 'quote' || $action == 'quotepost') && !$preview && !$refresh)

phpBB/language/en/install.php

@@ -380,7 +380,7 @@ $lang = array_merge($lang, array(
 	'COLLECTING_FILE_DIFFS'			=> 'Collecting file differences',
 	'COMPLETE_LOGIN_TO_BOARD'		=> 'You should now <a href="../ucp.php?mode=login">login to your board</a> and check if everything is working fine. Do not forget to delete, rename or move your install directory!',
 	'CONTINUE_UPDATE_NOW'			=> 'Continue the update process now',
-	'CURRENT_FILE'					=> 'Current original file',
+	'CURRENT_FILE'					=> 'Begin of current original file',
 	'CURRENT_VERSION'				=> 'Current version',
 
 	'DATABASE_TYPE'						=> 'Database type',
@@ -390,7 +390,7 @@ $lang = array_merge($lang, array(
 	'DESTINATION'						=> 'Destination file',
 	'DIFF_INLINE'						=> 'Inline',
 	'DIFF_RAW'							=> 'Raw unified diff',
-	'DIFF_SEP_EXPLAIN'					=> 'End of current file / Begin of new updated file',
+	'DIFF_SEP_EXPLAIN'					=> 'End of current original file / Begin of new updated file',
 	'DIFF_SIDE_BY_SIDE'					=> 'Side by Side',
 	'DIFF_UNIFIED'						=> 'Unified diff',
 	'DO_NOT_UPDATE'						=> 'Do not update this file',
@@ -447,7 +447,7 @@ $lang = array_merge($lang, array(
 	'MERGING_FILES'				=> 'Merging differences',
 	'MERGING_FILES_EXPLAIN'		=> 'Currently collecting final file changes.<br /><br />Please wait until phpBB has completed all operations on changed files.',
 
-	'NEW_FILE'						=> 'New updated file',
+	'NEW_FILE'						=> 'End of new updated file',
 	'NEW_USERNAME'					=> 'New username',
 	'NO_AUTH_UPDATE'				=> 'Not authorised to update',
 	'NO_ERRORS'						=> 'No errors',

phpBB/posting.php

@@ -1131,7 +1131,7 @@ $message_parser->decode_message($post_data['bbcode_uid']);
 
 if ($mode == 'quote' && !$submit && !$preview && !$refresh)
 {
-	$message_parser->message = '[quote="' . $post_data['quote_username'] . '"]' . censor_text(trim($message_parser->message)) . "[/quote]\n";
+	$message_parser->message = '[quote="' . $post_data['quote_username'] . '"]' . censor_text(trim($message_parser->message)) . "[/quote]\n";
 }
 
 if (($mode == 'reply' || $mode == 'quote') && !$submit && !$preview && !$refresh)