diff options
| author | Nils Adermann <naderman@naderman.de> | 2010-05-03 19:56:19 +0200 |
|---|---|---|
| committer | Nils Adermann <naderman@naderman.de> | 2010-05-03 19:56:19 +0200 |
| commit | 0ed69d91b2ec7b4b2e86acbc1a9d65b09cad71c1 (patch) | |
| tree | f56d4518ec990febb9faa480ec436df46baec10f | |
| parent | 0ba247ef0f984ecb088f2b8ce0e114f5b48de6d5 (diff) | |
| parent | 91399fd3571fc2fe95eb680564cad6103adadf59 (diff) | |
| download | forums-0ed69d91b2ec7b4b2e86acbc1a9d65b09cad71c1.tar forums-0ed69d91b2ec7b4b2e86acbc1a9d65b09cad71c1.tar.gz forums-0ed69d91b2ec7b4b2e86acbc1a9d65b09cad71c1.tar.bz2 forums-0ed69d91b2ec7b4b2e86acbc1a9d65b09cad71c1.tar.xz forums-0ed69d91b2ec7b4b2e86acbc1a9d65b09cad71c1.zip | |
Merge branch 'develop-olympus' into develop
* develop-olympus:
[ticket/9582] MSSQL native backups can now be restored.
[ticket/9582] Advanced search cannot be accessed using MSSQL native.
[ticket/9582] Removing a report reason leaves reports with an unknown reason under MSSQL native.
[ticket/9582] Unable to edit CPFs from UCP under MSSQL native driver.
[ticket/9582] Custom profile fields cannot be created under MSSQL native.
[ticket/9520] Additionally filter requests for {common,config}.php
[ticket/9520] New web.config file as suggested by Microsoft using request filter
[ticket/9520] Removed per directory web.config files.
[ticket/9520] Add suggested web.config for root files as suggested by Microsoft.
[ticket/9520] Add some default web.config files for IIS.
[develop-olympus] Basic gitignore file for cache files and backups.
[ticket/9170] Unable to get image size in img bbcode when URL has multiple parameters.
[feature/webpi] Validate inline with MSSQL password policy.
| -rw-r--r-- | .gitignore | 2 | ||||
| -rw-r--r-- | build/webpi/parameters.xml | 4 | ||||
| -rw-r--r-- | phpBB/includes/acp/acp_database.php | 1 | ||||
| -rw-r--r-- | phpBB/includes/acp/acp_profile.php | 1 | ||||
| -rw-r--r-- | phpBB/includes/acp/acp_reasons.php | 1 | ||||
| -rw-r--r-- | phpBB/includes/functions_profile_fields.php | 1 | ||||
| -rw-r--r-- | phpBB/includes/message_parser.php | 2 | ||||
| -rw-r--r-- | phpBB/search.php | 1 | ||||
| -rw-r--r-- | phpBB/web.config | 27 |
9 files changed, 37 insertions, 3 deletions
diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000000..3e0f454e0c --- /dev/null +++ b/.gitignore @@ -0,0 +1,2 @@ +phpBB/cache/*.php +*~
\ No newline at end of file diff --git a/build/webpi/parameters.xml b/build/webpi/parameters.xml index 770cabf95b..994247e48e 100644 --- a/build/webpi/parameters.xml +++ b/build/webpi/parameters.xml @@ -116,12 +116,12 @@ <parameter name="Database Password" - description="Password for your phpBB database. (Minimum 4 characters)" + description="Password for your phpBB database. (Must be at least 8 characters, contain at least one lower case letter, one upper case letter and one digit)" tags="New, Password,SQL, DbUserPassword"> <parameterValidation type = "RegularExpression" - validationString = "^.{4,}$" /> + validationString = "^.*(?=.{8,})(?=.*\d)(?=.*[a-z])(?=.*[A-Z]).*$" /> <parameterEntry type="TextFile" diff --git a/phpBB/includes/acp/acp_database.php b/phpBB/includes/acp/acp_database.php index abfad2b90b..0582d6204e 100644 --- a/phpBB/includes/acp/acp_database.php +++ b/phpBB/includes/acp/acp_database.php @@ -394,6 +394,7 @@ class acp_database case 'mssql': case 'mssql_odbc': + case 'mssqlnative': while (($sql = $fgetd($fp, "GO\n", $read, $seek, $eof)) !== false) { $db->sql_query($sql); diff --git a/phpBB/includes/acp/acp_profile.php b/phpBB/includes/acp/acp_profile.php index fc08c7e8e8..2288a0728b 100644 --- a/phpBB/includes/acp/acp_profile.php +++ b/phpBB/includes/acp/acp_profile.php @@ -1480,6 +1480,7 @@ class acp_profile case 'mssql': case 'mssql_odbc': + case 'mssqlnative': // We are defining the biggest common value, because of the possibility to edit the min/max values of each field. $sql = 'ALTER TABLE [' . PROFILE_FIELDS_DATA_TABLE . "] ADD [$field_ident] "; diff --git a/phpBB/includes/acp/acp_reasons.php b/phpBB/includes/acp/acp_reasons.php index 8d7bc88769..dbc9fcb6cc 100644 --- a/phpBB/includes/acp/acp_reasons.php +++ b/phpBB/includes/acp/acp_reasons.php @@ -233,6 +233,7 @@ class acp_reasons // Standard? What's that? case 'mssql': case 'mssql_odbc': + case 'mssqlnative': // Change the reports using this reason to 'other' $sql = "DECLARE @ptrval binary(16) diff --git a/phpBB/includes/functions_profile_fields.php b/phpBB/includes/functions_profile_fields.php index 61e3587158..fa1cc98e10 100644 --- a/phpBB/includes/functions_profile_fields.php +++ b/phpBB/includes/functions_profile_fields.php @@ -366,6 +366,7 @@ class custom_profile case 'sqlite': case 'mssql': case 'mssql_odbc': + case 'mssqlnative': $right_delim = ']'; $left_delim = '['; break; diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index 50aad8588a..952b55cc8c 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php @@ -300,7 +300,7 @@ class bbcode_firstpass extends bbcode if ($config['max_' . $this->mode . '_img_height'] || $config['max_' . $this->mode . '_img_width']) { - $stats = @getimagesize($in); + $stats = @getimagesize(htmlspecialchars_decode($in)); if ($stats === false) { diff --git a/phpBB/search.php b/phpBB/search.php index ab2221a96e..7a9ab82f93 100644 --- a/phpBB/search.php +++ b/phpBB/search.php @@ -1155,6 +1155,7 @@ if ($auth->acl_get('a_search')) case 'mssql': case 'mssql_odbc': + case 'mssqlnative': $sql = 'SELECT search_time, search_keywords FROM ' . SEARCH_RESULTS_TABLE . ' WHERE DATALENGTH(search_keywords) > 0 diff --git a/phpBB/web.config b/phpBB/web.config new file mode 100644 index 0000000000..128fe3c98f --- /dev/null +++ b/phpBB/web.config @@ -0,0 +1,27 @@ +<?xml version="1.0" encoding="UTF-8"?> +<configuration> + <system.webServer> + <security> + <requestFiltering> + <hiddenSegments> + <add segment="cache" /> + <add segment="files" /> + <add segment="store" /> + <add segment="config.php" /> + <add segment="common.php" /> + </hiddenSegments> + </requestFiltering> + </security> + </system.webServer> + <location path="images/avatars"> + <system.webServer> + <security> + <requestFiltering> + <hiddenSegments> + <add segment="upload" /> + </hiddenSegments> + </requestFiltering> + </security> + </system.webServer> + </location> +</configuration> |