-rw-r--r-- | .gitignore | 2 | ||||
-rwxr-xr-x | build/package.php | 8 | ||||
-rw-r--r-- | build/webpi/install/mssql.sql | 39 | ||||
-rw-r--r-- | build/webpi/install/mysql.sql | 15 | ||||
-rw-r--r-- | build/webpi/manifest.xml | 13 | ||||
-rw-r--r-- | build/webpi/parameters.xml | 226 | ||||
-rwxr-xr-x | git-tools/hooks/pre-commit | 9 | ||||
-rw-r--r-- | phpBB/includes/acp/acp_board.php | 4 | ||||
-rw-r--r-- | phpBB/includes/acp/acp_database.php | 1 | ||||
-rw-r--r-- | phpBB/includes/acp/acp_forums.php | 7 | ||||
-rw-r--r-- | phpBB/includes/acp/acp_profile.php | 1 | ||||
-rw-r--r-- | phpBB/includes/acp/acp_reasons.php | 1 | ||||
-rw-r--r-- | phpBB/includes/functions_profile_fields.php | 1 | ||||
-rw-r--r-- | phpBB/includes/functions_upload.php | 25 | ||||
-rw-r--r-- | phpBB/includes/message_parser.php | 2 | ||||
-rw-r--r-- | phpBB/language/en/install.php | 2 | ||||
-rw-r--r-- | phpBB/search.php | 1 | ||||
-rw-r--r-- | phpBB/web.config | 27 |
18 files changed, 374 insertions, 10 deletions
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000000..3e0f454e0c
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,2 @@
+phpBB/cache/*.php
+*~
\ No newline at end of file diff --git a/build/package.php b/build/package.php index 7cb30bd493..a0da6404c6 100755 --- a/build/package.php +++ b/build/package.php @@ -518,6 +518,14 @@ foreach ($compress_programs as $extension => $compress_command) $package->run_command('md5sum ./release_files/' . $package->get('release_filename') . '.' . $extension . ' > ./release_files/' . $package->get('release_filename') . '.' . $extension . '.md5'); } +// Microsoft Web PI packaging +$package->begin_status('Packaging phpBB for Microsoft WebPI'); +$file = './release_files/' . $package->get('release_filename') . '.webpi.zip'; +$package->run_command("rm -v $file"); +$package->run_command('cp -p ./release_files/' . $package->get('release_filename') . ".zip $file"); +$package->run_command('cd ./../webpi && ' . $compress_programs['zip'] . " ./../new_version/$file *"); +$package->run_command("md5sum $file > $file.md5"); + // verify results chdir($package->locations['root']); $package->begin_status('********** Verifying packages **********'); diff --git a/build/webpi/install/mssql.sql b/build/webpi/install/mssql.sql new file mode 100644 index 0000000000..9c0b46678a --- /dev/null +++ b/build/webpi/install/mssql.sql 
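Review bot: `$file` is interpolated unquoted into all four added shell strings, and the first of them, `rm -v $file`, reports an error on a clean build where the archive does not exist yet. Using `rm -fv` and wrapping each path in `escapeshellarg()` would make the step repeatable and independent of what the release filename contains. Whether `run_command()` stops the build on a non-zero exit status is not visible here, and the surrounding script continues outside this hunk.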
@@ -0,0 +1,39 @@ +/**********************************************************************/ +/* Install.SQL */ +/* Creates a login and makes the user a member of db roles */ +/* */ +/**********************************************************************/ + +-- Declare variables for database name, username and password +DECLARE @dbName sysname, + @dbUser sysname, + @dbPwd nvarchar(max); + +-- Set variables for database name, username and password +SET @dbName = 'PlaceHolderForDb'; +SET @dbUser = 'PlaceHolderForUser'; +SET @dbPwd = 'PlaceHolderForPassword'; + +DECLARE @cmd nvarchar(max) + +-- Create login +IF( SUSER_SID(@dbUser) is null ) +BEGIN + print '-- Creating login ' + SET @cmd = N'CREATE LOGIN ' + quotename(@dbUser) + N' WITH PASSWORD ='''+ replace(@dbPwd, '''', '''''') + N'''' + EXEC(@cmd) +END + +-- Create database user and map to login +-- and add user to the datareader, datawriter, ddladmin and securityadmin roles +-- +SET @cmd = N'USE ' + quotename(@DBName) + N'; +IF( NOT EXISTS (SELECT * FROM sys.database_principals WHERE name = ''' + replace(@dbUser, '''', '''''') + N''')) +BEGIN + print ''-- Creating user''; + CREATE USER ' + quotename(@dbUser) + N' FOR LOGIN ' + quotename(@dbUser) + N'; + print ''-- Adding user''; + EXEC sp_addrolemember ''db_owner'', ''' + replace(@dbUser, '''', '''''') + N'''; +END' +EXEC(@cmd) +GO diff --git a/build/webpi/install/mysql.sql b/build/webpi/install/mysql.sql new file mode 100644 index 0000000000..5c9d8cd922 --- /dev/null +++ b/build/webpi/install/mysql.sql @@ -0,0 +1,15 @@ +USE PlaceHolderForDb$$ + +DROP PROCEDURE IF EXISTS add_user $$ + +CREATE PROCEDURE add_user() +BEGIN +DECLARE EXIT HANDLER FOR 1044 BEGIN END; +GRANT ALL PRIVILEGES ON PlaceHolderForDb.* to 'PlaceHolderForUser'@'PlaceHolderForServer' IDENTIFIED BY 'PlaceHolderForPassword'; +FLUSH PRIVILEGES; +END +$$ + +CALL add_user() $$ + +DROP PROCEDURE IF EXISTS add_user $$ 
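Review bot: The role comment and the statement disagree in mssql.sql: the comment above the `USE` block promises datareader, datawriter, ddladmin and securityadmin, but the script runs `sp_addrolemember 'db_owner'`, which is broader than the comment and probably broader than the forum needs at runtime. Either grant the narrower roles or change the comment to `-- and add user to the db_owner role` so the privilege level is a visible decision. The same block references `@DBName` while the variable is declared as `@dbName`, which fails on an instance with a case-sensitive collation. The `replace(@dbPwd, ...)` escaping only protects the dynamic SQL; the three `SET @... = 'PlaceHolderFor...'` literals are filled by plain text substitution (parameters.xml, `type="TextFile"`), so a value containing `'` still breaks the script before that escaping runs.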
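Review bot: In mysql.sql, `GRANT ALL PRIVILEGES ON PlaceHolderForDb.*` gives the forum account every privilege on the schema, and the empty `DECLARE EXIT HANDLER FOR 1044 BEGIN END;` hides the access-denied error, so an install whose grant failed still looks successful. Consider granting only the privileges phpBB needs and letting the error surface. The account host is filled from `PlaceHolderForServer`, which parameters.xml maps to the database server name, so the grant presumably matches the web server only when both are `localhost`. As in mssql.sql, the quoted placeholders are replaced textually, so a `'` in the user name or password ends the literal early.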
diff --git a/build/webpi/manifest.xml b/build/webpi/manifest.xml
new file mode 100644
index 0000000000..947377893b
--- /dev/null
+++ b/build/webpi/manifest.xml
@@ -0,0 +1,13 @@
+<msdeploy.iisapp>
+ <iisapp path="phpBB3" />
+
+ <dbmysql path="install/mysql.sql" commandDelimiter="$$" removeCommandDelimiter="true" />
+
+ <dbfullsql path="install/mssql.sql" />
+
+ <setAcl path="phpBB3/cache" setAclAccess="Modify" setAclUser="anonymousAuthenticationUser" />
+ <setAcl path="phpBB3/files" setAclAccess="Modify" setAclUser="anonymousAuthenticationUser" />
+ <setAcl path="phpBB3/store" setAclAccess="Modify" setAclUser="anonymousAuthenticationUser" />
+ <setAcl path="phpBB3/images/avatars/upload" setAclAccess="Modify" setAclUser="anonymousAuthenticationUser" />
+ <setAcl path="phpBB3/config.php" setAclAccess="Modify" setAclUser="anonymousAuthenticationUser" setAclResourceType="File" />
+</msdeploy.iisapp>
diff --git a/build/webpi/parameters.xml b/build/webpi/parameters.xml
new file mode 100644
index 0000000000..994247e48e
--- /dev/null
+++ b/build/webpi/parameters.xml
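Review bot: The last `setAcl` entry in manifest.xml leaves `phpBB3/config.php` with `Modify` for `anonymousAuthenticationUser` permanently, so the file that holds the database credentials stays writable by the web identity after the installer has finished. The installer needs write access only once; the package should say so next to this entry, e.g. `<!-- config.php must be writable during install only; reset to Read afterwards -->`, and the install documentation should include that step. The four directory entries are a separate case, as those paths are written at runtime.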
@@ -0,0 +1,226 @@
+<parameters>
+ <parameter
+ name="AppPath"
+ defaultValue="Default Web Site/phpBB3"
+ tags="iisapp">
+
+ <parameterEntry
+ type="ProviderPath"
+ scope="iisapp"
+ match="phpBB3" />
+ </parameter>
+
+ <parameter
+ name="aclCache"
+ description="Sets the ACL on the cache/ folder"
+ defaultValue="{AppPath}/cache"
+ tags="Hidden">
+
+ <parameterEntry
+ type="ProviderPath"
+ scope="setAcl"
+ match="phpBB3/cache" />
+ </parameter>
+
+ <parameter
+ name="aclFiles"
+ description="Sets the ACL on the files/ folder"
+ defaultValue="{AppPath}/files"
+ tags="Hidden">
+
+ <parameterEntry
+ type="ProviderPath"
+ scope="setAcl"
+ match="phpBB3/files" />
+ </parameter>
+
+ <parameter
+ name="aclStore"
+ description="Sets the ACL on the store/ folder"
+ defaultValue="{AppPath}/store"
+ tags="Hidden">
+
+ <parameterEntry
+ type="ProviderPath"
+ scope="setAcl"
+ match="phpBB3/store" />
+ </parameter>
+
+ <parameter
+ name="aclAvatarUpload"
+ description="Sets the ACL on the avatars/upload/ folder"
+ defaultValue="{AppPath}/images/avatars/upload"
+ tags="Hidden">
+
+ <parameterEntry
+ type="ProviderPath"
+ scope="setAcl"
+ match="phpBB3/images/avatars/upload" />
+ </parameter>
+
+ <parameter
+ name="aclConfig"
+ description="Sets the ACL on the config.php file"
+ defaultValue="{AppPath}/config.php"
+ tags="Hidden">
+
+ <parameterEntry
+ type="ProviderPath"
+ scope="setAcl"
+ match="phpBB3/config.php" />
+ </parameter>
+
+ <parameter
+ name="DatabaseServer"
+ description="Enter the database server"
+ defaultValue=".\SQLExpress"
+ tags="SQL, dbServer" >
+ </parameter>
+
+ <parameter
+ name="DatabaseName"
+ description="Database name for your application."
+ defaultValue="phpbb"
+ tags="SQL, dbName">
+
+ <parameterEntry
+ type="TextFile"
+ scope="install/mssql.sql"
+ match="PlaceHolderForDb" />
+ </parameter>
+
+ <parameter
+ name="DatabaseAdministrator"
+ description="Database server administartor username."
+ defaultValue="sa"
+ tags="SQL, DbAdminUsername" >
+ </parameter>
+
+ <parameter
+ name="DatabaseAdministratorPassword"
+ description="Database server administrator password."
+ tags="Password,SQL,DbAdminPassword">
+ </parameter>
+
+ <parameter
+ name="Database Username"
+ description="Username to access your database."
+ defaultValue="phpbb"
+ tags="SQL, DbUsername">
+
+ <parameterEntry
+ type="TextFile"
+ scope="install/mssql.sql"
+ match="PlaceHolderForUser" />
+ </parameter>
+
+ <parameter
+ name="Database Password"
+ description="Password for your phpBB database. (Must be at least 8 characters, contain at least one lower case letter, one upper case letter and one digit)"
+ tags="New, Password,SQL, DbUserPassword">
+
+ <parameterValidation
+ type = "RegularExpression"
+ validationString = "^.*(?=.{8,})(?=.*\d)(?=.*[a-z])(?=.*[A-Z]).*$" />
+
+ <parameterEntry
+ type="TextFile"
+ scope="install/mssql.sql"
+ match="PlaceHolderForPassword" />
+ </parameter>
+
+ <parameter
+ name="ConnectionString"
+ description="Automatically sets the connection string for the connection request."
+ defaultValue="Server={DatabaseServer};Database={DatabaseName};uid={DatabaseAdministrator};Pwd={DatabaseAdministratorPassword};"
+ tags="Hidden,SQLConnectionString,Validate">
+
+ <parameterEntry
+ type="ProviderPath"
+ scope="dbfullsql"
+ match="install/mssql.sql" />
+ </parameter>
+
+ <parameter
+ name="SQL Database type"
+ description="SQL database type"
+ defaultValue="mssql"
+ tags="SQL,Hidden">
+ </parameter>
+
+ <parameter
+ name="MySQL Database Server"
+ description="Enter the hostname"
+ defaultValue="localhost"
+ tags="MySQL, dbServer">
+
+ <parameterEntry
+ type="TextFile"
+ scope="install/mysql.sql"
+ match="PlaceHolderForServer" />
+ </parameter>
+
+ <parameter
+ name="Application Database Name"
+ description="Database Name for your application."
+ defaultValue="phpbb" + tags="MySQL, dbName"> + + <parameterEntry + type="TextFile" + scope="install/mysql.sql" + match="PlaceHolderForDb" /> + </parameter> + + <parameter + name="MySQL Database Administrator" + description="Database administrator username." + defaultValue="root" + tags="MySQL, DbAdminUsername" > + </parameter> + + <parameter + name="MySQL Database Administrator Password" + description="Database administrator password." + tags="Password,MySQL,DbAdminPassword" > + </parameter> + + <parameter + name="phpBB Database Username" + description="Username to access your phpBB database." + defaultValue="phpbb" + tags="MySQL, DbUsername"> + + <parameterEntry + type="TextFile" + scope="install/mysql.sql" + match="PlaceHolderForUser" /> + </parameter> + + <parameter + name="MySQL Database Password" + description="Password for your phpBB database. (Minimum 4 characters)" + tags="New, Password,MySQL,DbUserPassword"> + + <parameterValidation + type = "RegularExpression" + validationString = "^.{4,}$" /> + + <parameterEntry + type="TextFile" + scope="install/mysql.sql" + match="PlaceHolderForPassword" /> + </parameter> + + <parameter + name="MySQLConnectionString" + description="Automatically sets the connection string for the connection request." + defaultValue="Server={MySQL Database Server};Database={Application Database Name};uid={MySQL Database Administrator};Pwd={MySQL Database Administrator Password};" + tags="Hidden,MySQLConnectionString,Validate"> + + <parameterEntry + type="ProviderPath" + scope="dbmysql" + match="install/mysql.sql" /> + </parameter> +</parameters> diff --git a/git-tools/hooks/pre-commit b/git-tools/hooks/pre-commit index 23ab8d6cdb..9719b91746 100755 --- a/git-tools/hooks/pre-commit +++ b/git-tools/hooks/pre-commit @@ -1,4 +1,4 @@ -#!/usr/bin/env bash +#!/bin/sh # # A hook to disallow php syntax errors to be committed # by running php -l (lint) on them. It requires php-cli 
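Review bot: Neither password `parameterValidation` in parameters.xml excludes the characters that break the SQL templates: both `PlaceHolderForPassword` entries are `TextFile` substitutions into single-quoted literals, yet `^.*(?=.{8,})...` and `^.{4,}$` accept `'` (and, for MySQL, `\`). The user-name and database-name parameters have no validation at all, although they are substituted into the same scripts. Excluding those characters in each expression, for example `^[^'\\]{4,}$` for the MySQL password, keeps the install scripts well-formed. The four-character MySQL minimum is also much weaker than the eight-character mixed-class rule applied to SQL Server, and the description of `DatabaseAdministrator` has a typo (`administartor`).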
@@ -27,7 +27,10 @@ fi error=0 errors="" -IFS=$'\n' +# dash does not support $'\n': +# http://forum.soft32.com/linux2/Bug-409179-DASH-Settings-IFS-work-properly-ftopict70039.html +IFS=' +' # get a list of staged files for line in $(git diff-index --cached --full-index $against) do @@ -59,7 +62,7 @@ do then error=1 # Swap back in correct filenames - errors+=${result//in - on/"$filename"} + errors=$(echo "$errors"; echo "$result" |sed -e "s@in - on@in $filename on@g") fi done unset IFS diff --git a/phpBB/includes/acp/acp_board.php b/phpBB/includes/acp/acp_board.php index a5feac1902..7680d8996c 100644 --- a/phpBB/includes/acp/acp_board.php +++ b/phpBB/includes/acp/acp_board.php @@ -888,8 +888,8 @@ class acp_board $old_tz = $user->timezone; $old_dst = $user->dst; - $user->timezone = $config['board_timezone']; - $user->dst = $config['board_dst']; + $user->timezone = $config['board_timezone'] * 3600; + $user->dst = $config['board_dst'] * 3600; $dateformat_options = ''; diff --git a/phpBB/includes/acp/acp_database.php b/phpBB/includes/acp/acp_database.php index abfad2b90b..0582d6204e 100644 --- a/phpBB/includes/acp/acp_database.php +++ b/phpBB/includes/acp/acp_database.php @@ -394,6 +394,7 @@ class acp_database case 'mssql': case 'mssql_odbc': + case 'mssqlnative': while (($sql = $fgetd($fp, "GO\n", $read, $seek, $eof)) !== false) { $db->sql_query($sql); diff --git a/phpBB/includes/acp/acp_forums.php b/phpBB/includes/acp/acp_forums.php index 5a5adc57ae..54bf905374 100644 --- a/phpBB/includes/acp/acp_forums.php +++ b/phpBB/includes/acp/acp_forums.php @@ -1705,6 +1705,9 @@ class acp_forums ) ); + // Amount of rows we select and delete in one iteration. + $batch_size = 500; + foreach ($tables_ary as $field => $tables) { $start = 0; 
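Review bot: The new `errors=$(...)` line in the pre-commit hook splices `$filename` into the sed program, so a path containing `@`, `&` or `\` changes or breaks the substitution, and `echo "$result"` is subject to dash's backslash-escape handling. Printing with `printf '%s\n'` and escaping the replacement first avoids both, e.g. `safe=$(printf '%s' "$filename" | sed 's/[\\&@]/\\&/g')` and then `sed -e "s@in - on@in $safe on@g"`. The loop body this line belongs to starts outside the hunk.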
@@ -1714,7 +1717,7 @@ class acp_forums $sql = "SELECT $field FROM " . POSTS_TABLE . ' WHERE forum_id = ' . $forum_id; - $result = $db->sql_query_limit($sql, 500, $start); + $result = $db->sql_query_limit($sql, $batch_size, $start); $ids = array(); while ($row = $db->sql_fetchrow($result)) @@ -1733,7 +1736,7 @@ class acp_forums } } } - while ($row); + while (sizeof($ids) == $batch_size); } unset($ids); diff --git a/phpBB/includes/acp/acp_profile.php b/phpBB/includes/acp/acp_profile.php index fc08c7e8e8..2288a0728b 100644 --- a/phpBB/includes/acp/acp_profile.php +++ b/phpBB/includes/acp/acp_profile.php @@ -1480,6 +1480,7 @@ class acp_profile case 'mssql': case 'mssql_odbc': + case 'mssqlnative': // We are defining the biggest common value, because of the possibility to edit the min/max values of each field. $sql = 'ALTER TABLE [' . PROFILE_FIELDS_DATA_TABLE . "] ADD [$field_ident] "; diff --git a/phpBB/includes/acp/acp_reasons.php b/phpBB/includes/acp/acp_reasons.php index 8d7bc88769..dbc9fcb6cc 100644 --- a/phpBB/includes/acp/acp_reasons.php +++ b/phpBB/includes/acp/acp_reasons.php @@ -233,6 +233,7 @@ class acp_reasons // Standard? What's that? case 'mssql': case 'mssql_odbc': + case 'mssqlnative': // Change the reports using this reason to 'other' $sql = "DECLARE @ptrval binary(16) diff --git a/phpBB/includes/functions_profile_fields.php b/phpBB/includes/functions_profile_fields.php index 61e3587158..fa1cc98e10 100644 --- a/phpBB/includes/functions_profile_fields.php +++ b/phpBB/includes/functions_profile_fields.php @@ -366,6 +366,7 @@ class custom_profile case 'sqlite': case 'mssql': case 'mssql_odbc': + case 'mssqlnative': $right_delim = ']'; $left_delim = '['; break; diff --git a/phpBB/includes/functions_upload.php b/phpBB/includes/functions_upload.php index 054af29045..51fed45ebd 100644 --- a/phpBB/includes/functions_upload.php +++ b/phpBB/includes/functions_upload.php 
@@ -775,7 +775,18 @@ class fileupload { if ($get_info) { - $data .= @fread($fsock, 1024); + $block = @fread($fsock, 1024); + $filesize += strlen($block); + + if ($this->max_filesize && $filesize > $this->max_filesize) + { + $max_filesize = get_formatted_filesize($this->max_filesize, false); + + $file = new fileerror(sprintf($user->lang[$this->error_prefix . 'WRONG_FILESIZE'], $max_filesize['value'], $max_filesize['unit'])); + return $file; + } + + $data .= $block; } else { @@ -791,6 +802,18 @@ class fileupload { $upload_ary['type'] = rtrim(str_replace('content-type: ', '', strtolower($line))); } + else if ($this->max_filesize && stripos($line, 'content-length: ') !== false) + { + $length = (int) str_replace('content-length: ', '', strtolower($line)); + + if ($length && $length > $this->max_filesize) + { + $max_filesize = get_formatted_filesize($this->max_filesize, false); + + $file = new fileerror(sprintf($user->lang[$this->error_prefix . 'WRONG_FILESIZE'], $max_filesize['value'], $max_filesize['unit'])); + return $file; + } + } else if (stripos($line, '404 not found') !== false) { $file = new fileerror($user->lang[$this->error_prefix . 'URL_NOT_FOUND']); diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index 50aad8588a..952b55cc8c 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php @@ -300,7 +300,7 @@ class bbcode_firstpass extends bbcode if ($config['max_' . $this->mode . '_img_height'] || $config['max_' . $this->mode . '_img_width']) { - $stats = @getimagesize($in); + $stats = @getimagesize(htmlspecialchars_decode($in)); if ($stats === false) { diff --git a/phpBB/language/en/install.php b/phpBB/language/en/install.php index 1c27e2f40d..8515739dc9 100644 --- a/phpBB/language/en/install.php +++ b/phpBB/language/en/install.php 
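Review bot: The header test `stripos($line, 'content-length: ') !== false` in functions_upload.php matches the string anywhere in the line, so a line such as `X-Content-Length: ...` enters this branch and the cast yields 0; anchoring with `stripos($line, 'content-length: ') === 0` restricts it to the real header. The declared length comes from the remote server, so the byte counter added to the `fread()` branch is the check that actually enforces `max_filesize`, and a one-line comment saying so would keep a later cleanup from removing it as redundant. `$filesize` is initialised outside both hunks, which needs confirming. The two identical error-construction blocks could share a small private helper.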
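Review bot: `getimagesize()` in message_parser.php is now called on the entity-decoded form of `$in`, so the string that is fetched is no longer byte-for-byte the string that was validated earlier in this method (that validation is outside the hunk). Please confirm the earlier URL check still constrains the decoded value to an http(s) URL, because this call makes the server request a poster-supplied address. A comment such as `// $in is HTML-escaped at this point; decode only for the remote fetch` would record why the two forms differ. The `@` also hides fetch errors, which makes failed or slow remote lookups hard to diagnose.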
@@ -128,7 +128,7 @@ $lang = array_merge($lang, array( 'DB_ERR_QUERY_FIRST_TABLE' => 'Error while executing <var>query_first</var>, %s (“%s”).', 'DB_ERR_SELECT' => 'Error while running <code>SELECT</code> query.', 'DB_HOST' => 'Database server hostname or DSN', - 'DB_HOST_EXPLAIN' => 'DSN stands for Data Source Name and is relevant only for ODBC installs.', + 'DB_HOST_EXPLAIN' => 'DSN stands for Data Source Name and is relevant only for ODBC installs. On PostgreSQL, use localhost to connect to the local server via UNIX domain socket and 127.0.0.1 to connect via TCP.', 'DB_NAME' => 'Database name', 'DB_PASSWORD' => 'Database password', 'DB_PORT' => 'Database server port', diff --git a/phpBB/search.php b/phpBB/search.php index ab2221a96e..7a9ab82f93 100644 --- a/phpBB/search.php +++ b/phpBB/search.php @@ -1155,6 +1155,7 @@ if ($auth->acl_get('a_search')) case 'mssql': case 'mssql_odbc': + case 'mssqlnative': $sql = 'SELECT search_time, search_keywords FROM ' . SEARCH_RESULTS_TABLE . ' WHERE DATALENGTH(search_keywords) > 0 diff --git a/phpBB/web.config b/phpBB/web.config new file mode 100644 index 0000000000..128fe3c98f --- /dev/null +++ b/phpBB/web.config @@ -0,0 +1,27 @@ +<?xml version="1.0" encoding="UTF-8"?> +<configuration> + <system.webServer> + <security> + <requestFiltering> + <hiddenSegments> + <add segment="cache" /> + <add segment="files" /> + <add segment="store" /> + <add segment="config.php" /> + <add segment="common.php" /> + </hiddenSegments> + </requestFiltering> + </security> + </system.webServer> + <location path="images/avatars"> + <system.webServer> + <security> + <requestFiltering> + <hiddenSegments> + <add segment="upload" /> + </hiddenSegments> + </requestFiltering> + </security> + </system.webServer> + </location> +</configuration> |
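Review bot: In web.config, `hiddenSegments` is matched per URL segment rather than per directory path, so the root-level entries `cache`, `files` and `store` should block any request whose path contains a segment with one of those names, not only the three top-level directories; a comment in the file, e.g. `<!-- hiddenSegments match a segment at any depth -->`, would make that explicit. The list covers `config.php` and `common.php` but not the `includes` directory. If direct requests to those scripts are already harmless because of an in-script guard, say so in a comment; otherwise add the segment.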