The check to avoid the double inclusion of the captcha factory class in the
garbage collection code was faulty, checking for "captcha_factory" instead of "phpbb_captcha_factory".
TerryE pointed the problem out, thanks!
* develop-olympus:
[develop-olympus] Make this test run on windows with backslash-paths.
[bug/56965] Redirect fails with directory traversal
[bug/58685] Correct spelling errors in append_sid() comments.
[bug/58025] Search robots are now redirected if they send a SID in the request
Correct invalid r10536 with a boolean flag. Note that this fix for the bug will not actually correct the redirects, it will only prevent phpBB from redirecting outside $phpbb_root_path when redirect()'s third argument is not provided.
Having start=0 makes search engines index the page twice once with and
once without the start=0 parameter. This results in duplicate results
in the search results. Patch contributed by nn-.
* develop-olympus:
[feature/memcache-multi-server] Changing format for multiple memcache hosts. Fixing code style issues in changes.
[feature/memcache-multi-server] Adding support for multiple memcache servers to acm_memcache.php
Allow setting parent forums regardless of permission settings. (Bug #58415)
You can define multiple memcache servers in your config using this format:
host::port,host::port,host::port
Example:
@define(PHPBB_ACM_MEMCACHE, '127.0.0.1::11211,10.0.0.2::11211,memcache1::11211'
Previously search robots could stumble upon a board link somewhere on the web
containing a SID they'd follow it and end up indexing that page with the SID
in the request URI, this fix prevents that by redirecting them to the same URI
just without the SID.
This issue affects any forum (i.e. https://myforum/phpBB3/) where:
- the forum is located in a directory underneath the web root (i.e., NOT https://myforum/)
- a user accesses the forum with a URI pointing to a directory rather than a script (i.e., NOT https://myforum/phpBB3/index.php)
- the URI used ends in a slash (i.e., NOT https://myforum/phpBB3)
If these conditions are met, after successful login the user is redirected to an invalid URI (i.e., https://myforum/phpBB3/phpBB3?sid=).
This change fixes extract_current_page() to handle the case correctly where the URI ends in a slash and is not the web root. So after successful login, the redirection back to the main page will work (i.e., https://myforum/phpBB3/?sid=)
Moved the MIN(smiley_order) to the SELECT column list now, so it can be
used for sorting on MySQL 4, but also still works on MSSQL, which the
bug was originally about.
