diff options
36 files changed, 227 insertions, 84 deletions
diff --git a/git-tools/hooks/commit-msg b/git-tools/hooks/commit-msg index d6ad57a38a..a6777ff9c9 100755 --- a/git-tools/hooks/commit-msg +++ b/git-tools/hooks/commit-msg @@ -55,16 +55,17 @@ quit() fi } -if [ "$(wc --max-line-length "$1" | cut -f1 -d" ")" -gt 80 ] +msg=$(grep -nE '.{81,}' "$1"); + +if [ $? -eq 0 ] then echo "The following lines are greater than 80 characters long:\n" >&2; - - grep -nE '.{81,}' "$1" >&2; + echo $msg >&2; quit $ERR_LENGTH; fi -lines=$(wc --lines "$1" | cut -f1 -d" "); +lines=$(wc -l "$1" | awk '{ print $1; }'); expecting=header; in_description=0; in_empty=0; diff --git a/phpBB/adm/index.php b/phpBB/adm/index.php index 26f934f6bf..92bcf90039 100644 --- a/phpBB/adm/index.php +++ b/phpBB/adm/index.php @@ -432,6 +432,20 @@ function validate_config_vars($config_vars, &$cfg_array, &$error) { $error[] = sprintf($user->lang['SETTING_TOO_BIG'], $user->lang[$config_definition['lang']], $validator[$max]); } + + if (strpos($config_name, '_max') !== false) + { + // Min/max pairs of settings should ensure that min <= max + // Replace _max with _min to find the name of the minimum + // corresponding configuration variable + $min_name = str_replace('_max', '_min', $config_name); + + if (isset($cfg_array[$min_name]) && is_numeric($cfg_array[$min_name]) && $cfg_array[$config_name] < $cfg_array[$min_name]) + { + // A minimum value exists and the maximum value is less than it + $error[] = sprintf($user->lang['SETTING_TOO_LOW'], $user->lang[$config_definition['lang']], (int) $cfg_array[$min_name]); + } + } break; // Absolute path @@ -533,7 +547,7 @@ function validate_config_vars($config_vars, &$cfg_array, &$error) // Check if the path is writable if ($config_definition['validate'] == 'wpath' || $config_definition['validate'] == 'rwpath') { - if (file_exists($phpbb_root_path . $cfg_array[$config_name]) && !@is_writable($phpbb_root_path . $cfg_array[$config_name])) + if (file_exists($phpbb_root_path . $cfg_array[$config_name]) && !phpbb_is_writable($phpbb_root_path . $cfg_array[$config_name])) { $error[] = sprintf($user->lang['DIRECTORY_NOT_WRITABLE'], $cfg_array[$config_name]); } diff --git a/phpBB/docs/AUTHORS b/phpBB/docs/AUTHORS index 84677c4e15..d6af9d1db9 100644 --- a/phpBB/docs/AUTHORS +++ b/phpBB/docs/AUTHORS @@ -26,8 +26,8 @@ phpBB Developers: A_Jelly_Doughnut (Josh Woody) Acyd Burn (Meik Sievertsen) [Lead 09/2005 - 01/2010] APTX (Marek A. R.) bantu (Andreas Fischer) - DavidMJ (David M.) dhn (Dominik Dröscher) + evil<3 (Igor Wiedler) kellanved (Henry Sudhof) nickvergessen (Joas Schilling) rxu (Ruslan Uzdenov) @@ -49,6 +49,7 @@ phpBB Lead Developer: psoTFX (Paul S. Owen) [2001 - 09/2005] phpBB Developers: Ashe (Ludovic Arnaud) [10/2002 - 11/2003, 06/2006 - 10/2006] BartVB (Bart van Bragt) [11/2000 - 03/2006] + DavidMJ (David M.) [12/2005 - 08/2009] GrahamJE (Graham Eames) [09/2005 - 11/2006] Vic D'Elfant (Vic D'Elfant) [04/2007 - 04/2009] diff --git a/phpBB/docs/README.html b/phpBB/docs/README.html index 3510bc448e..bb88fdc01f 100644 --- a/phpBB/docs/README.html +++ b/phpBB/docs/README.html @@ -242,7 +242,7 @@ <p>The phpBB Group uses a bug tracking system to store, list and manage all reported bugs, it can be found at the location listed below. Please <strong>DO NOT</strong> post bug reports to our forums, they will be locked. In addition please <strong>DO NOT</strong> use the bug tracker for support requests. Posting such a request will only see you directed to the support forums (while taking time away from working on real bugs).</p> - <p><a href="http://www.phpbb.com/bugs/">http://www.phpbb.com/bugs/</a></p> + <p><a href="http://tracker.phpbb.com/">http://tracker.phpbb.com/</a></p> <p>While we very much appreciate receiving bug reports (the more reports the more stable phpBB will be) we ask you carry out a few steps before adding new entries:</p> diff --git a/phpBB/download/file.php b/phpBB/download/file.php index 97f4ff3c8a..5f45b88359 100644 --- a/phpBB/download/file.php +++ b/phpBB/download/file.php @@ -48,6 +48,7 @@ if (isset($_GET['avatar'])) require($phpbb_root_path . 'includes/cache.' . $phpEx); require($phpbb_root_path . 'includes/db/' . $dbms . '.' . $phpEx); require($phpbb_root_path . 'includes/constants.' . $phpEx); + require($phpbb_root_path . 'includes/functions.' . $phpEx); $db = new $sql_db(); $cache = new cache(); @@ -76,7 +77,7 @@ if (isset($_GET['avatar'])) // '==' is not a bug - . as the first char is as bad as no dot at all if (strpos($filename, '.') == false) { - header('HTTP/1.0 403 Forbidden'); + send_status_line(403, 'Forbidden'); $exit = true; } @@ -90,7 +91,7 @@ if (isset($_GET['avatar'])) if (!$exit && !in_array($ext, array('png', 'gif', 'jpg', 'jpeg'))) { // no way such an avatar could exist. They are not following the rules, stop the show. - header("HTTP/1.0 403 Forbidden"); + send_status_line(403, 'Forbidden'); $exit = true; } @@ -100,7 +101,7 @@ if (isset($_GET['avatar'])) if (!$filename) { // no way such an avatar could exist. They are not following the rules, stop the show. - header("HTTP/1.0 403 Forbidden"); + send_status_line(403, 'Forbidden'); } else { @@ -198,7 +199,7 @@ else $row['forum_id'] = false; if (!$auth->acl_get('u_pm_download')) { - header('HTTP/1.0 403 Forbidden'); + send_status_line(403, 'Forbidden'); trigger_error('SORRY_AUTH_VIEW_ATTACH'); } @@ -221,7 +222,7 @@ else if (!$allowed) { - header('HTTP/1.0 403 Forbidden'); + send_status_line(403, 'Forbidden'); trigger_error('ERROR_NO_ATTACHMENT'); } } @@ -236,7 +237,7 @@ else if (!download_allowed()) { - header('HTTP/1.0 403 Forbidden'); + send_status_line(403, 'Forbidden'); trigger_error($user->lang['LINKAGE_FORBIDDEN']); } @@ -382,7 +383,7 @@ function send_avatar_to_browser($file, $browser) } else { - header('HTTP/1.0 404 Not Found'); + send_status_line(404, 'Not Found'); } } diff --git a/phpBB/includes/acm/acm_file.php b/phpBB/includes/acm/acm_file.php index 5a758aa2bb..5c1876d006 100644 --- a/phpBB/includes/acm/acm_file.php +++ b/phpBB/includes/acm/acm_file.php @@ -78,8 +78,14 @@ class acm if (!$this->_write('data_global')) { + if (!function_exists('phpbb_is_writable')) + { + global $phpbb_root_path; + include($phpbb_root_path . 'includes/functions.' . $phpEx); + } + // Now, this occurred how often? ... phew, just tell the user then... - if (!@is_writable($this->cache_dir)) + if (!phpbb_is_writable($this->cache_dir)) { // We need to use die() here, because else we may encounter an infinite loop (the message handler calls $cache->unload()) die($this->cache_dir . ' is NOT writable.'); @@ -707,7 +713,13 @@ class acm */ function remove_file($filename, $check = false) { - if ($check && !@is_writable($this->cache_dir)) + if (!function_exists('phpbb_is_writable')) + { + global $phpbb_root_path, $phpEx; + include($phpbb_root_path . 'includes/functions.' . $phpEx); + } + + if ($check && !phpbb_is_writable($this->cache_dir)) { // E_USER_ERROR - not using language entry - intended. trigger_error('Unable to remove files within ' . $this->cache_dir . '. Please check directory permissions.', E_USER_ERROR); diff --git a/phpBB/includes/acm/acm_memory.php b/phpBB/includes/acm/acm_memory.php index efbfd4dd62..2936ea0bae 100644 --- a/phpBB/includes/acm/acm_memory.php +++ b/phpBB/includes/acm/acm_memory.php @@ -407,7 +407,13 @@ class acm_memory */ function remove_file($filename, $check = false) { - if ($check && !@is_writable($this->cache_dir)) + if (!function_exists('phpbb_is_writable')) + { + global $phpbb_root_path, $phpEx; + include($phpbb_root_path . 'includes/functions.' . $phpEx); + } + + if ($check && !phpbb_is_writable($this->cache_dir)) { // E_USER_ERROR - not using language entry - intended. trigger_error('Unable to remove files within ' . $this->cache_dir . '. Please check directory permissions.', E_USER_ERROR); diff --git a/phpBB/includes/acp/acp_attachments.php b/phpBB/includes/acp/acp_attachments.php index 980558c830..fc5f44e14f 100644 --- a/phpBB/includes/acp/acp_attachments.php +++ b/phpBB/includes/acp/acp_attachments.php @@ -1222,7 +1222,7 @@ class acp_attachments return; } - if (!is_writable($phpbb_root_path . $upload_dir)) + if (!phpbb_is_writable($phpbb_root_path . $upload_dir)) { $error[] = sprintf($user->lang['NO_WRITE_UPLOAD'], $upload_dir); return; diff --git a/phpBB/includes/acp/acp_groups.php b/phpBB/includes/acp/acp_groups.php index 3df61ff4e2..60512c67b8 100644 --- a/phpBB/includes/acp/acp_groups.php +++ b/phpBB/includes/acp/acp_groups.php @@ -49,7 +49,7 @@ class acp_groups // Clear some vars - $can_upload = (file_exists($phpbb_root_path . $config['avatar_path']) && @is_writable($phpbb_root_path . $config['avatar_path']) && $file_uploads) ? true : false; + $can_upload = (file_exists($phpbb_root_path . $config['avatar_path']) && phpbb_is_writable($phpbb_root_path . $config['avatar_path']) && $file_uploads) ? true : false; $group_row = array(); // Grab basic data for group, if group_id is set and exists diff --git a/phpBB/includes/acp/acp_styles.php b/phpBB/includes/acp/acp_styles.php index 3310560c73..2ccc728031 100644 --- a/phpBB/includes/acp/acp_styles.php +++ b/phpBB/includes/acp/acp_styles.php @@ -748,7 +748,7 @@ parse_css_file = {PARSE_CSS_FILE} $additional = ''; // If the template is stored on the filesystem try to write the file else store it in the database - if (!$safe_mode && !$template_info['template_storedb'] && file_exists($file) && @is_writable($file)) + if (!$safe_mode && !$template_info['template_storedb'] && file_exists($file) && phpbb_is_writable($file)) { if (!($fp = @fopen($file, 'wb'))) { @@ -1155,7 +1155,7 @@ parse_css_file = {PARSE_CSS_FILE} $message = $user->lang['THEME_UPDATED']; // If the theme is stored on the filesystem try to write the file else store it in the database - if (!$safe_mode && !$theme_info['theme_storedb'] && file_exists($file) && @is_writable($file)) + if (!$safe_mode && !$theme_info['theme_storedb'] && file_exists($file) && phpbb_is_writable($file)) { if (!($fp = @fopen($file, 'wb'))) { @@ -2040,23 +2040,18 @@ parse_css_file = {PARSE_CSS_FILE} { case 'tar': $ext = '.tar'; - $mimetype = 'x-tar'; - $compress = 'compress_tar'; break; case 'zip': $ext = '.zip'; - $mimetype = 'zip'; break; case 'tar.gz': $ext = '.tar.gz'; - $mimetype = 'x-gzip'; break; case 'tar.bz2': $ext = '.tar.bz2'; - $mimetype = 'x-bzip2'; break; default: @@ -2246,7 +2241,7 @@ parse_css_file = {PARSE_CSS_FILE} { // a rather elaborate check we have to do here once to avoid trouble later $check = "{$phpbb_root_path}styles/" . $style_row["{$mode}_path"] . (($mode === 'theme') ? '/theme/stylesheet.css' : '/template'); - if (($style_row["{$mode}_storedb"] != $store_db) && !$store_db && ($safe_mode || !@is_writable($check))) + if (($style_row["{$mode}_storedb"] != $store_db) && !$store_db && ($safe_mode || !phpbb_is_writable($check))) { $error[] = $user->lang['EDIT_' . strtoupper($mode) . '_STORED_DB']; $store_db = 1; @@ -2326,7 +2321,7 @@ parse_css_file = {PARSE_CSS_FILE} { $theme_data = $this->db_theme_data($style_row); } - else if (!$store_db && !$safe_mode && @is_writable("{$phpbb_root_path}styles/{$style_row['theme_path']}/theme/stylesheet.css")) + else if (!$store_db && !$safe_mode && phpbb_is_writable("{$phpbb_root_path}styles/{$style_row['theme_path']}/theme/stylesheet.css")) { $store_db = 1; $theme_data = $style_row['theme_data']; @@ -2357,7 +2352,7 @@ parse_css_file = {PARSE_CSS_FILE} } else { - if (!$store_db && !$safe_mode && @is_writable("{$phpbb_root_path}styles/{$style_row['template_path']}/template")) + if (!$store_db && !$safe_mode && phpbb_is_writable("{$phpbb_root_path}styles/{$style_row['template_path']}/template")) { $err = $this->store_in_fs('template', $style_row['template_id']); if ($err) @@ -2531,13 +2526,21 @@ parse_css_file = {PARSE_CSS_FILE} // Match CSS imports $matches = array(); - preg_match_all('/@import url\(["\'](.*)["\']\);/i', $stylesheet, $matches); + preg_match_all('/@import url\((["\'])(.*)\1\);/i', $stylesheet, $matches); + + // remove commented stylesheets (very simple parser, allows only whitespace + // around an @import statement) + preg_match_all('#/\*\s*@import url\((["\'])(.*)\1\);\s\*/#i', $stylesheet, $commented); + $matches[2] = array_diff($matches[2], $commented[2]); if (sizeof($matches)) { foreach ($matches[0] as $idx => $match) { - $stylesheet = str_replace($match, acp_styles::load_css_file($theme_row['theme_path'], $matches[1][$idx]), $stylesheet); + if (isset($matches[2][$idx])) + { + $stylesheet = str_replace($match, acp_styles::load_css_file($theme_row['theme_path'], $matches[2][$idx]), $stylesheet); + } } } @@ -3728,7 +3731,7 @@ parse_css_file = {PARSE_CSS_FILE} $store_db = 0; $error = array(); - if (!$safe_mode && @is_writable("{$phpbb_root_path}styles/{$path}/template")) + if (!$safe_mode && phpbb_is_writable("{$phpbb_root_path}styles/{$path}/template")) { $sql = 'SELECT * FROM ' . STYLES_TEMPLATE_DATA_TABLE . " diff --git a/phpBB/includes/acp/acp_users.php b/phpBB/includes/acp/acp_users.php index 9e8a4c80b9..6be0760be0 100644 --- a/phpBB/includes/acp/acp_users.php +++ b/phpBB/includes/acp/acp_users.php @@ -1698,7 +1698,7 @@ class acp_users include($phpbb_root_path . 'includes/functions_display.' . $phpEx); include($phpbb_root_path . 'includes/functions_user.' . $phpEx); - $can_upload = (file_exists($phpbb_root_path . $config['avatar_path']) && @is_writable($phpbb_root_path . $config['avatar_path']) && $file_uploads) ? true : false; + $can_upload = (file_exists($phpbb_root_path . $config['avatar_path']) && phpbb_is_writable($phpbb_root_path . $config['avatar_path']) && $file_uploads) ? true : false; if ($submit) { diff --git a/phpBB/includes/db/db_tools.php b/phpBB/includes/db/db_tools.php index 819ef69c96..f4b181c6ad 100644 --- a/phpBB/includes/db/db_tools.php +++ b/phpBB/includes/db/db_tools.php @@ -611,7 +611,7 @@ class phpbb_db_tools * drop_columns: Removing/Dropping columns * add_primary_keys: adding primary keys * add_unique_index: adding an unique index - * add_index: adding an index + * add_index: adding an index (can be column:index_size if you need to provide size) * * The values are in this format: * {TABLE NAME} => array( @@ -1804,6 +1804,12 @@ class phpbb_db_tools { $statements = array(); + // remove index length unless MySQL4 + if ('mysql_40' != $this->sql_layer) + { + $column = preg_replace('#:.*$#', '', $column); + } + switch ($this->sql_layer) { case 'firebird': @@ -1814,6 +1820,16 @@ class phpbb_db_tools break; case 'mysql_40': + // add index size to definition as required by MySQL4 + foreach ($column as $i => $col) + { + if (false !== strpos($col, ':')) + { + list($col, $index_size) = explode(':', $col); + $column[$i] = "$col($index_size)"; + } + } + // no break case 'mysql_41': $statements[] = 'CREATE INDEX ' . $index_name . ' ON ' . $table_name . '(' . implode(', ', $column) . ')'; break; diff --git a/phpBB/includes/db/mssqlnative.php b/phpBB/includes/db/mssqlnative.php index 44d5722e4f..44d5722e4f 100755..100644 --- a/phpBB/includes/db/mssqlnative.php +++ b/phpBB/includes/db/mssqlnative.php diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index 36b9e18176..91edddf5d2 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -718,7 +718,7 @@ function phpbb_chmod($filename, $perms = CHMOD_READ) clearstatcache(); - if (is_readable($filename) && is_writable($filename)) + if (is_readable($filename) && phpbb_is_writable($filename)) { break; } @@ -728,7 +728,7 @@ function phpbb_chmod($filename, $perms = CHMOD_READ) clearstatcache(); - if ((!($perms & CHMOD_READ) || is_readable($filename)) && (!($perms & CHMOD_WRITE) || is_writable($filename))) + if ((!($perms & CHMOD_READ) || is_readable($filename)) && (!($perms & CHMOD_WRITE) || phpbb_is_writable($filename))) { break; } @@ -738,7 +738,7 @@ function phpbb_chmod($filename, $perms = CHMOD_READ) clearstatcache(); - if ((!($perms & CHMOD_READ) || is_readable($filename)) && (!($perms & CHMOD_WRITE) || is_writable($filename))) + if ((!($perms & CHMOD_READ) || is_readable($filename)) && (!($perms & CHMOD_WRITE) || phpbb_is_writable($filename))) { break; } @@ -3753,7 +3753,7 @@ function msg_handler($errno, $msg_text, $errfile, $errline) } // Do not send 200 OK, but service unavailable on errors - header('HTTP/1.1 503 Service Unavailable'); + send_status_line(503, 'Service Unavailable'); garbage_collection(); @@ -4223,7 +4223,8 @@ function phpbb_http_login($param) } else if ($auth_result['status'] == LOGIN_ERROR_ATTEMPTS) { - header('HTTP/1.0 401 Unauthorized'); + send_status_line(401, 'Unauthorized'); + trigger_error('NOT_AUTHORISED'); } } @@ -4235,7 +4236,7 @@ function phpbb_http_login($param) $param['auth_message'] = preg_replace('/[\x80-\xFF]/', '?', $param['auth_message']); header('WWW-Authenticate: Basic realm="' . $param['auth_message'] . '"'); - header('HTTP/1.0 401 Unauthorized'); + send_status_line(401, 'Unauthorized'); trigger_error('NOT_AUTHORISED'); } diff --git a/phpBB/includes/functions_compress.php b/phpBB/includes/functions_compress.php index f422eaa8c1..455debd939 100644 --- a/phpBB/includes/functions_compress.php +++ b/phpBB/includes/functions_compress.php @@ -53,13 +53,18 @@ class compress $filelist = filelist("$phpbb_root_path$src", '', '*'); krsort($filelist); + /** + * Commented out, as adding the folders produces corrupted archives if ($src_path) { $this->data($src_path, '', true, stat("$phpbb_root_path$src")); } + */ foreach ($filelist as $path => $file_ary) { + /** + * Commented out, as adding the folders produces corrupted archives if ($path) { // Same as for src_path @@ -68,6 +73,7 @@ class compress $this->data("$src_path$path", '', true, stat("$phpbb_root_path$src$path")); } + */ foreach ($file_ary as $file) { diff --git a/phpBB/includes/functions_convert.php b/phpBB/includes/functions_convert.php index c035fd3739..9e26043b39 100644 --- a/phpBB/includes/functions_convert.php +++ b/phpBB/includes/functions_convert.php @@ -2306,7 +2306,7 @@ function copy_file($src, $trg, $overwrite = false, $die_on_failure = true, $sour } } - if (!is_writable($path)) + if (!phpbb_is_writable($path)) { @chmod($path, 0777); } @@ -2341,7 +2341,7 @@ function copy_dir($src, $trg, $copy_subdirs = true, $overwrite = false, $die_on_ @chmod($trg_path, 0777); } - if (!@is_writable($trg_path)) + if (!phpbb_is_writable($trg_path)) { $bad_dirs[] = path($config['script_path']) . $trg; } @@ -2408,7 +2408,7 @@ function copy_dir($src, $trg, $copy_subdirs = true, $overwrite = false, $die_on_ @chmod($trg_path . $dir, 0777); } - if (!@is_writable($trg_path . $dir)) + if (!phpbb_is_writable($trg_path . $dir)) { $bad_dirs[] = $trg . $dir; $bad_dirs[] = $trg_path . $dir; diff --git a/phpBB/includes/functions_profile_fields.php b/phpBB/includes/functions_profile_fields.php index fa1cc98e10..3937cf9c21 100644 --- a/phpBB/includes/functions_profile_fields.php +++ b/phpBB/includes/functions_profile_fields.php @@ -543,8 +543,9 @@ class custom_profile else if ($day && $month && $year) { global $user; - // d/m/y 00:00 GMT isn't necessarily on the same d/m/y in the user's timezone, so add the timezone seconds - return $user->format_date(gmmktime(0, 0, 0, $month, $day, $year) + $user->timezone + $user->dst, $user->lang['DATE_FORMAT'], true); + // Date should display as the same date for every user regardless of timezone, so remove offset + // to compensate for the offset added by user::format_date() + return $user->format_date(gmmktime(0, 0, 0, $month, $day, $year) - ($user->timezone + $user->dst), $user->lang['DATE_FORMAT'], true); } return $value; diff --git a/phpBB/includes/functions_upload.php b/phpBB/includes/functions_upload.php index 51fed45ebd..7f09cc1640 100644 --- a/phpBB/includes/functions_upload.php +++ b/phpBB/includes/functions_upload.php @@ -58,8 +58,9 @@ class filespec $this->filename = $upload_ary['tmp_name']; $this->filesize = $upload_ary['size']; - $name = trim(utf8_htmlspecialchars(utf8_basename($upload_ary['name']))); - $this->realname = $this->uploadname = (STRIP) ? stripslashes($name) : $name; + $name = (STRIP) ? stripslashes($upload_ary['name']) : $upload_ary['name']; + $name = trim(utf8_htmlspecialchars(utf8_basename($name))); + $this->realname = $this->uploadname = $name; $this->mimetype = $upload_ary['type']; // Opera adds the name to the mime type diff --git a/phpBB/includes/functions_user.php b/phpBB/includes/functions_user.php index d3594196b7..f2c80705ba 100644 --- a/phpBB/includes/functions_user.php +++ b/phpBB/includes/functions_user.php @@ -2344,7 +2344,7 @@ function avatar_process_user(&$error, $custom_userdata = false, $can_upload = nu // Can we upload? if (is_null($can_upload)) { - $can_upload = ($config['allow_avatar_upload'] && file_exists($phpbb_root_path . $config['avatar_path']) && @is_writable($phpbb_root_path . $config['avatar_path']) && $change_avatar && (@ini_get('file_uploads') || strtolower(@ini_get('file_uploads')) == 'on')) ? true : false; + $can_upload = ($config['allow_avatar_upload'] && file_exists($phpbb_root_path . $config['avatar_path']) && phpbb_is_writable($phpbb_root_path . $config['avatar_path']) && $change_avatar && (@ini_get('file_uploads') || strtolower(@ini_get('file_uploads')) == 'on')) ? true : false; } if ((!empty($_FILES['uploadfile']['name']) || $data['uploadurl']) && $can_upload) diff --git a/phpBB/includes/mcp/mcp_queue.php b/phpBB/includes/mcp/mcp_queue.php index e43881fab2..c419da5574 100644 --- a/phpBB/includes/mcp/mcp_queue.php +++ b/phpBB/includes/mcp/mcp_queue.php @@ -428,7 +428,7 @@ class mcp_queue 'POST_ID' => $row['post_id'], 'FORUM_NAME' => (!$global_topic) ? $forum_names[$row['forum_id']] : $user->lang['GLOBAL_ANNOUNCEMENT'], - 'POST_SUBJECT' => $row['post_subject'], + 'POST_SUBJECT' => ($row['post_subject'] != '') ? $row['post_subject'] : $user->lang['NO_SUBJECT'], 'TOPIC_TITLE' => $row['topic_title'], 'POST_TIME' => $user->format_date($row['post_time'])) ); diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php index 79023cc7bc..aa2293c630 100644 --- a/phpBB/includes/session.php +++ b/phpBB/includes/session.php @@ -748,7 +748,7 @@ class session if ((int) $row['sessions'] > (int) $config['active_sessions']) { - header('HTTP/1.1 503 Service Unavailable'); + send_status_line(503, 'Service Unavailable'); trigger_error('BOARD_UNAVAILABLE'); } } @@ -1821,7 +1821,7 @@ class user extends session { if ($this->data['is_bot']) { - header('HTTP/1.1 503 Service Unavailable'); + send_status_line(503, 'Service Unavailable'); } $message = (!empty($config['board_disable_msg'])) ? $config['board_disable_msg'] : 'BOARD_DISABLE'; @@ -1840,7 +1840,7 @@ class user extends session { if ($this->data['is_bot']) { - header('HTTP/1.1 503 Service Unavailable'); + send_status_line(503, 'Service Unavailable'); } trigger_error('BOARD_UNAVAILABLE'); } diff --git a/phpBB/includes/ucp/ucp_groups.php b/phpBB/includes/ucp/ucp_groups.php index 423d9b718a..1c055a4823 100644 --- a/phpBB/includes/ucp/ucp_groups.php +++ b/phpBB/includes/ucp/ucp_groups.php @@ -490,7 +490,7 @@ class ucp_groups $avatar_select = basename(request_var('avatar_select', '')); $category = basename(request_var('category', '')); - $can_upload = (file_exists($phpbb_root_path . $config['avatar_path']) && @is_writable($phpbb_root_path . $config['avatar_path']) && $file_uploads) ? true : false; + $can_upload = (file_exists($phpbb_root_path . $config['avatar_path']) && phpbb_is_writable($phpbb_root_path . $config['avatar_path']) && $file_uploads) ? true : false; // Did we submit? if ($update) diff --git a/phpBB/includes/ucp/ucp_pm_viewmessage.php b/phpBB/includes/ucp/ucp_pm_viewmessage.php index 26968e1382..16700c490c 100644 --- a/phpBB/includes/ucp/ucp_pm_viewmessage.php +++ b/phpBB/includes/ucp/ucp_pm_viewmessage.php @@ -309,7 +309,7 @@ function get_user_information($user_id, $user_row) get_user_rank($user_row['user_rank'], $user_row['user_posts'], $user_row['rank_title'], $user_row['rank_image'], $user_row['rank_image_src']); - if (!empty($user_row['user_allow_viewemail']) || $auth->acl_get('a_email')) + if ((!empty($user_row['user_allow_viewemail']) && $auth->acl_get('u_sendemail')) || $auth->acl_get('a_email')) { $user_row['email'] = ($config['board_email_form'] && $config['email_enable']) ? append_sid("{$phpbb_root_path}memberlist.$phpEx", "mode=email&u=$user_id") : ((($config['board_hide_emails'] && !$auth->acl_get('a_email')) || empty($user_row['user_email'])) ? '' : 'mailto:' . $user_row['user_email']); } diff --git a/phpBB/includes/ucp/ucp_profile.php b/phpBB/includes/ucp/ucp_profile.php index 4fd25b7d1c..c099e3b3fa 100644 --- a/phpBB/includes/ucp/ucp_profile.php +++ b/phpBB/includes/ucp/ucp_profile.php @@ -561,7 +561,7 @@ class ucp_profile $avatar_select = basename(request_var('avatar_select', '')); $category = basename(request_var('category', '')); - $can_upload = (file_exists($phpbb_root_path . $config['avatar_path']) && @is_writable($phpbb_root_path . $config['avatar_path']) && $auth->acl_get('u_chgavatar') && (@ini_get('file_uploads') || strtolower(@ini_get('file_uploads')) == 'on')) ? true : false; + $can_upload = (file_exists($phpbb_root_path . $config['avatar_path']) && phpbb_is_writable($phpbb_root_path . $config['avatar_path']) && $auth->acl_get('u_chgavatar') && (@ini_get('file_uploads') || strtolower(@ini_get('file_uploads')) == 'on')) ? true : false; add_form_key('ucp_avatar'); diff --git a/phpBB/install/convertors/functions_phpbb20.php b/phpBB/install/convertors/functions_phpbb20.php index b80c7673e3..78224dd5da 100644 --- a/phpBB/install/convertors/functions_phpbb20.php +++ b/phpBB/install/convertors/functions_phpbb20.php @@ -1239,9 +1239,9 @@ function phpbb_prepare_message($message) // Already the new user id ;) $user_id = $convert->row['poster_id']; + $message = str_replace('<br />', "\n", $message); $message = str_replace('<', '<', $message); $message = str_replace('>', '>', $message); - $message = str_replace('<br />', "\n", $message); // make the post UTF-8 $message = phpbb_set_encoding($message); diff --git a/phpBB/install/database_update.php b/phpBB/install/database_update.php index fec09f89db..019469b061 100644 --- a/phpBB/install/database_update.php +++ b/phpBB/install/database_update.php @@ -880,7 +880,7 @@ function database_update_info() 'pm_id' => array('pm_id'), ), POSTS_TABLE => array( - 'post_username' => array('post_username'), + 'post_username' => array('post_username:255'), ), ), ), @@ -2141,7 +2141,7 @@ class updater_db_tools * drop_columns: Removing/Dropping columns * add_primary_keys: adding primary keys * add_unique_index: adding an unique index - * add_index: adding an index + * add_index: adding an index (can be column:index_size if you need to provide size) * * The values are in this format: * {TABLE NAME} => array( @@ -3520,6 +3520,12 @@ class updater_db_tools { $statements = array(); + // remove index length unless MySQL4 + if ('mysql_40' != $this->sql_layer) + { + $column = preg_replace('#:.*$#', '', $column); + } + switch ($this->sql_layer) { case 'firebird': @@ -3530,6 +3536,16 @@ class updater_db_tools break; case 'mysql_40': + // add index size to definition as required by MySQL4 + foreach ($column as $i => $col) + { + if (false !== strpos($col, ':')) + { + list($col, $index_size) = explode(':', $col); + $column[$i] = "$col($index_size)"; + } + } + // no break case 'mysql_41': $statements[] = 'CREATE INDEX ' . $index_name . ' ON ' . $table_name . '(' . implode(', ', $column) . ')'; break; diff --git a/phpBB/install/install_convert.php b/phpBB/install/install_convert.php index 8c3ffd61a8..814b50cf68 100644 --- a/phpBB/install/install_convert.php +++ b/phpBB/install/install_convert.php @@ -835,7 +835,7 @@ class install_convert extends module $this->p_master->error($user->lang['DEV_NO_TEST_FILE'], __LINE__, __FILE__); } - if (!$local_path || !@is_writable($phpbb_root_path . $local_path)) + if (!$local_path || !phpbb_is_writable($phpbb_root_path . $local_path)) { if (!$local_path) { diff --git a/phpBB/install/install_install.php b/phpBB/install/install_install.php index 4c22db07b2..6c23460de9 100644 --- a/phpBB/install/install_install.php +++ b/phpBB/install/install_install.php @@ -486,7 +486,7 @@ class install_install extends module $write = $exists = true; if (file_exists($phpbb_root_path . $dir)) { - if (!@is_writable($phpbb_root_path . $dir)) + if (!phpbb_is_writable($phpbb_root_path . $dir)) { $write = false; } @@ -906,7 +906,7 @@ class install_install extends module $config_data .= '?' . '>'; // Done this to prevent highlighting editors getting confused! // Attempt to write out the config file directly. If it works, this is the easiest way to do it ... - if ((file_exists($phpbb_root_path . 'config.' . $phpEx) && is_writable($phpbb_root_path . 'config.' . $phpEx)) || is_writable($phpbb_root_path)) + if ((file_exists($phpbb_root_path . 'config.' . $phpEx) && phpbb_is_writable($phpbb_root_path . 'config.' . $phpEx)) || phpbb_is_writable($phpbb_root_path)) { // Assume it will work ... if nothing goes wrong below $written = true; diff --git a/phpBB/memberlist.php b/phpBB/memberlist.php index b46230b10a..2fa2d11ee1 100644 --- a/phpBB/memberlist.php +++ b/phpBB/memberlist.php @@ -1607,7 +1607,7 @@ function show_profile($data, $user_notes_enabled = false, $warn_user_enabled = f $rank_title = $rank_img = $rank_img_src = ''; get_user_rank($data['user_rank'], (($user_id == ANONYMOUS) ? false : $data['user_posts']), $rank_title, $rank_img, $rank_img_src); - if (!empty($data['user_allow_viewemail']) || $auth->acl_get('a_user')) + if ((!empty($data['user_allow_viewemail']) && $auth->acl_get('u_sendemail')) || $auth->acl_get('a_user')) { $email = ($config['board_email_form'] && $config['email_enable']) ? append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=email&u=' . $user_id) : (($config['board_hide_emails'] && !$auth->acl_get('a_user')) ? '' : 'mailto:' . $data['user_email']); } diff --git a/phpBB/posting.php b/phpBB/posting.php index df063ef391..853ac18aad 100644 --- a/phpBB/posting.php +++ b/phpBB/posting.php @@ -402,6 +402,19 @@ if ($post_data['poll_start']) $db->sql_freeresult($result); } +if ($mode == 'edit') +{ + $original_poll_data = array( + 'poll_title' => $post_data['poll_title'], + 'poll_length' => $post_data['poll_length'], + 'poll_max_options' => $post_data['poll_max_options'], + 'poll_option_text' => implode("\n", $post_data['poll_options']), + 'poll_start' => $post_data['poll_start'], + 'poll_last_vote' => $post_data['poll_last_vote'], + 'poll_vote_change' => $post_data['poll_vote_change'], + ); +} + $orig_poll_options_size = sizeof($post_data['poll_options']); $message_parser = new parse_message(); @@ -912,6 +925,22 @@ if ($submit || $preview || $refresh) $message_parser->warn_msg[] = $user->lang['NO_DELETE_POLL_OPTIONS']; }*/ } + else if (!$auth->acl_get('f_poll', $forum_id) && ($mode == 'edit') && ($post_id == $post_data['topic_first_post_id']) && ($original_poll_data['poll_title'] != '')) + { + // We have a poll but the editing user is not permitted to create/edit it. + // So we just keep the original poll-data. + $poll = array_merge($original_poll_data, array( + 'enable_bbcode' => $post_data['enable_bbcode'], + 'enable_urls' => $post_data['enable_urls'], + 'enable_smilies' => $post_data['enable_smilies'], + 'img_status' => $img_status, + )); + + $message_parser->parse_poll($poll); + + $post_data['poll_options'] = (isset($poll['poll_options'])) ? $poll['poll_options'] : ''; + $post_data['poll_title'] = (isset($poll['poll_title'])) ? $poll['poll_title'] : ''; + } else { $poll = array(); @@ -1271,7 +1300,7 @@ $attachment_data = $message_parser->attachment_data; $filename_data = $message_parser->filename_data; $post_data['post_text'] = $message_parser->message; -if (sizeof($post_data['poll_options']) && $post_data['poll_title']) +if (sizeof($post_data['poll_options']) || $post_data['poll_title']) { $message_parser->message = $post_data['poll_title']; $message_parser->bbcode_uid = $post_data['bbcode_uid']; diff --git a/phpBB/search.php b/phpBB/search.php index 1e1e42d01f..9e54820c25 100644 --- a/phpBB/search.php +++ b/phpBB/search.php @@ -81,9 +81,10 @@ if ($user->load && $config['limit_search_load'] && ($user->load > doubleval($con trigger_error('NO_SEARCH_TIME'); } -// Check flood limit ... if applicable +// It is applicable if the configuration setting is non-zero, and the user cannot +// ignore the flood setting, and the search is a keyword search. $interval = ($user->data['user_id'] == ANONYMOUS) ? $config['search_anonymous_interval'] : $config['search_interval']; -if ($interval && !$auth->acl_get('u_ignoreflood')) +if ($interval && !in_array($search_id, array('unreadposts', 'unanswered', 'active_topics', 'egosearch')) && !$auth->acl_get('u_ignoreflood')) { if ($user->data['user_last_search'] > time() - $interval) { @@ -891,7 +892,7 @@ if ($keywords || $author || $author_id || $search_id || $submit) 'S_TOPIC_GLOBAL' => (!$forum_id) ? true : false, 'S_TOPIC_TYPE' => $row['topic_type'], - 'S_USER_POSTED' => (!empty($row['mark_type'])) ? true : false, + 'S_USER_POSTED' => (!empty($row['topic_posted'])) ? true : false, 'S_UNREAD_TOPIC' => $unread_topic, 'S_TOPIC_REPORTED' => (!empty($row['topic_reported']) && $auth->acl_get('m_report', $forum_id)) ? true : false, diff --git a/phpBB/styles/prosilver/template/login_body.html b/phpBB/styles/prosilver/template/login_body.html index fe111aaa45..e52ccd6434 100644 --- a/phpBB/styles/prosilver/template/login_body.html +++ b/phpBB/styles/prosilver/template/login_body.html @@ -32,11 +32,11 @@ </dl> <!-- ENDIF --> + {S_LOGIN_REDIRECT} <dl> <dt> </dt> <dd>{S_HIDDEN_FIELDS}<input type="submit" name="login" tabindex="6" value="{L_LOGIN}" class="button1" /></dd> </dl> - {S_LOGIN_REDIRECT} </fieldset> </div> <span class="corners-bottom"><span></span></span></div> diff --git a/phpBB/styles/subsilver2/template/login_body.html b/phpBB/styles/subsilver2/template/login_body.html index 51f7068b5f..503de9e69e 100644 --- a/phpBB/styles/subsilver2/template/login_body.html +++ b/phpBB/styles/subsilver2/template/login_body.html @@ -72,12 +72,12 @@ <!-- INCLUDE {CAPTCHA_TEMPLATE} --> <!-- ENDIF --> +{S_LOGIN_REDIRECT} <tr> <td class="cat" <!-- IF not S_ADMIN_AUTH or S_CONFIRM_CODE -->colspan="2"<!-- ENDIF --> align="center">{S_HIDDEN_FIELDS}<input type="submit" name="login" class="btnmain" value="{L_LOGIN}" tabindex="5" /></td> </tr> </table> {S_FORM_TOKEN} -{S_LOGIN_REDIRECT} </form> <br clear="all" /> diff --git a/phpBB/viewtopic.php b/phpBB/viewtopic.php index 8926d5a40b..498088c5c8 100644 --- a/phpBB/viewtopic.php +++ b/phpBB/viewtopic.php @@ -1146,7 +1146,7 @@ while ($row = $db->sql_fetchrow($result)) get_user_rank($row['user_rank'], $row['user_posts'], $user_cache[$poster_id]['rank_title'], $user_cache[$poster_id]['rank_image'], $user_cache[$poster_id]['rank_image_src']); - if (!empty($row['user_allow_viewemail']) || $auth->acl_get('a_email')) + if ((!empty($row['user_allow_viewemail']) && $auth->acl_get('u_sendemail')) || $auth->acl_get('a_email')) { $user_cache[$poster_id]['email'] = ($config['board_email_form'] && $config['email_enable']) ? append_sid("{$phpbb_root_path}memberlist.$phpEx", "mode=email&u=$poster_id") : (($config['board_hide_emails'] && !$auth->acl_get('a_email')) ? '' : 'mailto:' . $row['user_email']); } diff --git a/tests/dbal/dbal.php b/tests/dbal/dbal.php index 1cce891ca9..663323ad61 100644 --- a/tests/dbal/dbal.php +++ b/tests/dbal/dbal.php @@ -244,8 +244,9 @@ class phpbb_dbal_test extends phpbb_database_test_case array('username_clean' => 'bertie'))), // These here would throw errors and therefor $result should be false. - array('user_id', array(), false, false, false, true), - array('user_id', array(), true, false, false, true), + // Removing for now because SQLite accepts empty IN() syntax + /*array('user_id', array(), false, false, false, true), + array('user_id', array(), true, false, false, true),*/ ); } diff --git a/tests/test_framework/phpbb_database_test_case.php b/tests/test_framework/phpbb_database_test_case.php index d558874c6f..f6bf420ebc 100644 --- a/tests/test_framework/phpbb_database_test_case.php +++ b/tests/test_framework/phpbb_database_test_case.php @@ -19,7 +19,7 @@ abstract class phpbb_database_test_case extends PHPUnit_Extensions_Database_Test } } - function get_dbms_data($dbms) + public function get_dbms_data($dbms) { $available_dbms = array( 'firebird' => array( @@ -65,7 +65,7 @@ abstract class phpbb_database_test_case extends PHPUnit_Extensions_Database_Test 'sqlite' => array( 'SCHEMA' => 'sqlite', 'DELIM' => ';', - 'PDO' => 'sqlite', + 'PDO' => 'sqlite2', ), ); @@ -79,10 +79,13 @@ abstract class phpbb_database_test_case extends PHPUnit_Extensions_Database_Test } } - function split_sql_file($sql, $delimiter) + // NOTE: This function is not the same as split_sql_file from functions_install + public function split_sql_file($sql, $dbms) { + $dbms_data = $this->get_dbms_data($dbms); + $sql = str_replace("\r" , '', $sql); - $data = preg_split('/' . preg_quote($delimiter, '/') . '$/m', $sql); + $data = preg_split('/' . preg_quote($dbms_data['DELIM'], '/') . '$/m', $sql); $data = array_map('trim', $data); @@ -94,6 +97,15 @@ abstract class phpbb_database_test_case extends PHPUnit_Extensions_Database_Test unset($data[key($data)]); } + if ($dbms == 'sqlite') + { + // trim # off query to satisfy sqlite + foreach ($data as $i => $query) + { + $data[$i] = preg_replace('/^#.*$/m', "\n", $query); + } + } + return $data; } @@ -108,21 +120,42 @@ abstract class phpbb_database_test_case extends PHPUnit_Extensions_Database_Test if ($already_connected) { - $pdo = new PDO($dbms_data['PDO'] . ':host=' . $database_config['dbhost'] . ';dbname=' . $database_config['dbname'], $database_config['dbuser'], $database_config['dbpasswd']); + if ($database_config['dbms'] == 'sqlite') + { + $pdo = new PDO($dbms_data['PDO'] . ':' . $database_config['dbhost']); + } + else + { + $pdo = new PDO($dbms_data['PDO'] . ':host=' . $database_config['dbhost'] . ';dbname=' . $database_config['dbname'], $database_config['dbuser'], $database_config['dbpasswd']); + } } else { - $pdo = new PDO($dbms_data['PDO'] . ':host=' . $database_config['dbhost'] . ';', $database_config['dbuser'], $database_config['dbpasswd']); - - try + if ($database_config['dbms'] == 'sqlite') { - $pdo->exec('DROP DATABASE ' . $database_config['dbname']); + // delete existing database + if (file_exists($database_config['dbhost'])) + { + unlink($database_config['dbhost']); + } + + $pdo = new PDO($dbms_data['PDO'] . ':' . $database_config['dbhost']); } - catch (PDOException $e){} // ignore non existent db + else + { + $pdo = new PDO($dbms_data['PDO'] . ':host=' . $database_config['dbhost'] . ';', $database_config['dbuser'], $database_config['dbpasswd']);try + { + $pdo->exec('DROP DATABASE ' . $database_config['dbname']); + } + catch (PDOException $e){} // ignore non existent db - $pdo->exec('CREATE DATABASE ' . $database_config['dbname']); + $pdo->exec('CREATE DATABASE ' . $database_config['dbname']); + + $pdo = new PDO($dbms_data['PDO'] . ':host=' . $database_config['dbhost'] . ';dbname=' . $database_config['dbname'], $database_config['dbuser'], $database_config['dbpasswd']); + } - $pdo = new PDO($dbms_data['PDO'] . ':host=' . $database_config['dbhost'] . ';dbname=' . $database_config['dbname'], $database_config['dbuser'], $database_config['dbpasswd']); + // good for debug + // $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); if ($database_config['dbms'] == 'mysql') { @@ -141,7 +174,7 @@ abstract class phpbb_database_test_case extends PHPUnit_Extensions_Database_Test unset($row, $sth); } - $sql_query = $this->split_sql_file(file_get_contents("../phpBB/install/schemas/{$dbms_data['SCHEMA']}_schema.sql"), $dbms_data['DELIM']); + $sql_query = $this->split_sql_file(file_get_contents("../phpBB/install/schemas/{$dbms_data['SCHEMA']}_schema.sql"), $database_config['dbms']); foreach ($sql_query as $sql) { |