mirror of
https://github.com/phpbb/phpbb.git
synced 2025-06-27 21:58:52 +00:00
phpBB Development: phpBB is a popular open-source bulletin board written in PHP. This repository also contains the history of version 2.
636fc7fad7
After the introduction of add_form_key() and check_form_key() calls to login_box() in phpBB 3.2.6 and later, if a banned user attempts to login, they receive a "The submitted form was invalid. Try submitting again." Instead of the message indicating that they are banned, and why. This is happening because check_ban() actually calls into login_box() recursively, but after the $user->session_id has been switched to a new session ID for the logging-on user. Therefore, now that check_form_key() has been introduced to login_box(), it is impossible for check_form_key() to succeed during this recursive call. Fix is to make login_box()'s use of check_form_key() conditional on whether IN_CHECK_BAN is defined, so that the recursive call does not attempt to re-validate the form_key again. Note the form_key has already been successfully verified by the original call into login_box(), prior to calling into check_ban() and attempting to recursively call login_box(). So the protection of why check_form_key() was added is still intact with this change. PHPBB3-16066 |
||
|---|---|---|
| .github | ||
| build | ||
| git-tools | ||
| phpBB | ||
| tests | ||
| travis | ||
| vagrant | ||
| .appveyor.yml | ||
| .editorconfig | ||
| .gitignore | ||
| .jscsrc | ||
| .jshintrc | ||
| .travis.yml | ||
| composer.phar | ||
| LICENSE | ||
| phpunit.xml.dist | ||
| README.md | ||
| Vagrantfile | ||
ABOUT
phpBB is a free open-source bulletin board written in PHP.
COMMUNITY
Get your copy of phpBB, find support and lots more on phpBB.com! Discuss the development on area51.
INSTALLING DEPENDENCIES
To be able to run an installation from the repo (and not from a pre-built package) you need to run the following commands to install phpBB's dependencies.
cd phpBB
php ../composer.phar install
CONTRIBUTE
- Create an account on phpBB.com
- Create a ticket (unless there already is one)
- Read our Coding guidelines and Git Contribution Guidelines
- Send us a pull request
VAGRANT
Read our Vagrant documentation to find out how to use Vagrant to develop and contribute to phpBB.
AUTOMATED TESTING
We have unit and functional tests in order to prevent regressions. You can view the bamboo continuous integration here or check our travis builds below:
master - Latest development version
3.2.x - Development of version 3.2.x
3.1.x - Development of version 3.1.x