diff options
40 files changed, 316 insertions, 57 deletions
diff --git a/.travis.yml b/.travis.yml index cb574a4d8d..3f3cf2b018 100644 --- a/.travis.yml +++ b/.travis.yml @@ -1,5 +1,5 @@ language: php -sudo: required +dist: trusty matrix: include: diff --git a/build/build.xml b/build/build.xml index 49ff9d9b71..c82754ed68 100644 --- a/build/build.xml +++ b/build/build.xml @@ -2,9 +2,9 @@ <project name="phpBB" description="The phpBB forum software" default="all" basedir="../"> <!-- a few settings for the build --> - <property name="newversion" value="3.2.7-dev" /> - <property name="prevversion" value="3.2.6" /> - <property name="olderversions" value="3.1.0, 3.1.1, 3.1.2, 3.1.3, 3.1.4, 3.1.5, 3.1.6, 3.1.7, 3.1.7-pl1, 3.1.8, 3.1.9, 3.1.10, 3.1.11, 3.1.12, 3.2.0-a1, 3.2.0-a2, 3.2.0-b1, 3.2.0-b2, 3.2.0-RC1, 3.2.0-RC2, 3.2.0, 3.2.1, 3.2.2, 3.2.3, 3.2.4, 3.2.5" /> + <property name="newversion" value="3.2.8-dev" /> + <property name="prevversion" value="3.2.7" /> + <property name="olderversions" value="3.1.0, 3.1.1, 3.1.2, 3.1.3, 3.1.4, 3.1.5, 3.1.6, 3.1.7, 3.1.7-pl1, 3.1.8, 3.1.9, 3.1.10, 3.1.11, 3.1.12, 3.2.0-a1, 3.2.0-a2, 3.2.0-b1, 3.2.0-b2, 3.2.0-RC1, 3.2.0-RC2, 3.2.0, 3.2.1, 3.2.2, 3.2.3, 3.2.4, 3.2.5, 3.2.6" /> <!-- no configuration should be needed beyond this point --> <property name="oldversions" value="${olderversions}, ${prevversion}" /> diff --git a/phpBB/composer.lock b/phpBB/composer.lock index 2c338bf292..ea36d1ba8d 100644 --- a/phpBB/composer.lock +++ b/phpBB/composer.lock @@ -342,7 +342,7 @@ "oauth", "security" ], - "time": "2016-07-12T22:15:00+00:00" + "time": "2018-02-14T22:37:14+00:00" }, { "name": "marc1706/fast-image-size", @@ -505,7 +505,7 @@ "pseudorandom", "random" ], - "time": "2017-03-13T16:22:52+00:00" + "time": "2018-04-04T21:48:54+00:00" }, { "name": "patchwork/utf8", @@ -661,16 +661,16 @@ }, { "name": "s9e/text-formatter", - "version": "1.4.2", + "version": "1.4.4", "source": { "type": "git", "url": "https://github.com/s9e/TextFormatter.git", - "reference": "dc7efff70b67b9cee00881ad3bef0a1da076b31e" + "reference": "504d538593350150e50c9de0a48418bb0a48e540" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/s9e/TextFormatter/zipball/dc7efff70b67b9cee00881ad3bef0a1da076b31e", - "reference": "dc7efff70b67b9cee00881ad3bef0a1da076b31e", + "url": "https://api.github.com/repos/s9e/TextFormatter/zipball/504d538593350150e50c9de0a48418bb0a48e540", + "reference": "504d538593350150e50c9de0a48418bb0a48e540", "shasum": "" }, "require": { @@ -682,6 +682,7 @@ "require-dev": { "matthiasmullie/minify": "*", "php-coveralls/php-coveralls": "*", + "phpunit/phpunit": "<6", "s9e/regexp-builder": "1.*" }, "suggest": { @@ -722,7 +723,7 @@ "parser", "shortcodes" ], - "time": "2019-03-27T14:19:41+00:00" + "time": "2019-05-15T00:08:12+00:00" }, { "name": "symfony/config", @@ -2293,7 +2294,8 @@ "authors": [ { "name": "Michiel Rook", - "email": "mrook@php.net" + "email": "mrook@php.net", + "role": "Lead" }, { "name": "Phing Community", diff --git a/phpBB/docs/CHANGELOG.html b/phpBB/docs/CHANGELOG.html index c6f05ca309..b21c0ca38f 100644 --- a/phpBB/docs/CHANGELOG.html +++ b/phpBB/docs/CHANGELOG.html @@ -50,6 +50,7 @@ <ol> <li><a href="#changelog">Changelog</a> <ul> + <li><a href="#v326">Changes since 3.2.6</a></li> <li><a href="#v326rc1">Changes since 3.2.6-RC1</a></li> <li><a href="#v325">Changes since 3.2.5</a></li> <li><a href="#v325rc1">Changes since 3.2.5-RC1</a></li> @@ -137,6 +138,19 @@ <div class="inner"> <div class="content"> + <a name="v326"></a><h3>Changes since 3.2.6</h3> + <h4>Bug</h4> + <ul> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-16034">PHPBB3-16034</a>] - Links created with [url=] - are sometimes incorrectly shortened</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-16036">PHPBB3-16036</a>] - Cannot login with 3.2.6</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-16037">PHPBB3-16037</a>] - Private message ViewFolder Broken</li> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-16039">PHPBB3-16039</a>] - Unable to change announcement to standard topic due to missing global</li> + </ul> + <h4>Improvement</h4> + <ul> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-16042">PHPBB3-16042</a>] - Use S_LOGIN_REDIRECT to output login form token</li> + </ul> + <a name="v326rc1"></a><h3>Changes since 3.2.6-RC1</h3> <h4>Bug</h4> <ul> diff --git a/phpBB/docs/events.md b/phpBB/docs/events.md index fb782ee452..c77691a048 100644 --- a/phpBB/docs/events.md +++ b/phpBB/docs/events.md @@ -1910,6 +1910,20 @@ posting_preview_poll_after * Since: 3.1.7-RC1 * Purpose: Add content after the poll preview block +posting_review_row_post_author_username_append +=== +* Locations: + + styles/prosilver/template/posting_review.html +* Since: 3.2.8-RC1 +* Purpose: Append information to post author username of member + +posting_review_row_post_author_username_prepend +=== +* Locations: + + styles/prosilver/template/posting_review.html +* Since: 3.2.8-RC1 +* Purpose: Prepend information to post author username of member + posting_topic_review_row_content_after === * Locations: @@ -1917,6 +1931,20 @@ posting_topic_review_row_content_after * Since: 3.2.4-RC1 * Purpose: Add content after the message content in topic review +posting_topic_review_row_post_author_username_append +=== +* Locations: + + styles/prosilver/template/posting_topic_review.html +* Since: 3.2.8-RC1 +* Purpose: Append information to post author username of member + +posting_topic_review_row_post_author_username_prepend +=== +* Locations: + + styles/prosilver/template/posting_topic_review.html +* Since: 3.2.8-RC1 +* Purpose: Prepend information to post author username of member + posting_topic_review_row_post_details_after === * Locations: @@ -2364,6 +2392,20 @@ ucp_pm_history_review_before * Since: 3.1.6-RC1 * Purpose: Add content before the private messages history review. +ucp_pm_history_row_message_author_username_append +=== +* Locations: + + styles/prosilver/template/ucp_pm_history.html +* Since: 3.2.8-RC1 +* Purpose: Append information to message author username of member + +ucp_pm_history_row_message_author_username_prepend +=== +* Locations: + + styles/prosilver/template/ucp_pm_history.html +* Since: 3.2.8-RC1 +* Purpose: Prepend information to message author username of member + ucp_pm_viewmessage_avatar_after === * Locations: diff --git a/phpBB/includes/acp/acp_attachments.php b/phpBB/includes/acp/acp_attachments.php index 5b1db5c31b..a7035f38b7 100644 --- a/phpBB/includes/acp/acp_attachments.php +++ b/phpBB/includes/acp/acp_attachments.php @@ -1240,13 +1240,17 @@ class acp_attachments $display_cat = isset($extensions[$row['extension']]['display_cat']) ? $extensions[$row['extension']]['display_cat'] : ATTACHMENT_CATEGORY_NONE; $l_downloaded_viewed = ($display_cat == ATTACHMENT_CATEGORY_NONE) ? 'DOWNLOAD_COUNTS' : 'VIEWED_COUNTS'; + // Capitalises the group name and checks if its key exists in the language file + $up_group_name = utf8_strtoupper($extensions[$row['extension']]['group_name']); + $ext_group_name = (!empty($up_group_name)) ? (isset($user->lang['EXT_GROUP_' . $up_group_name]) ? $user->lang['EXT_GROUP_' . $up_group_name] : '') : ''; + $template->assign_block_vars('attachments', array( 'ATTACHMENT_POSTER' => get_username_string('full', (int) $row['poster_id'], (string) $row['username'], (string) $row['user_colour'], (string) $row['username']), 'FILESIZE' => get_formatted_filesize((int) $row['filesize']), 'FILETIME' => $user->format_date((int) $row['filetime']), 'REAL_FILENAME' => (!$row['in_message']) ? utf8_basename((string) $row['real_filename']) : '', 'PHYSICAL_FILENAME' => utf8_basename((string) $row['physical_filename']), - 'EXT_GROUP_NAME' => (!empty($extensions[$row['extension']]['group_name'])) ? $user->lang['EXT_GROUP_' . $extensions[$row['extension']]['group_name']] : '', + 'EXT_GROUP_NAME' => $ext_group_name, 'COMMENT' => $comment, 'TOPIC_TITLE' => (!$row['in_message']) ? (string) $row['topic_title'] : '', 'ATTACH_ID' => (int) $row['attach_id'], diff --git a/phpBB/includes/acp/acp_database.php b/phpBB/includes/acp/acp_database.php index 05f2b98524..c33c2e4d6f 100644 --- a/phpBB/includes/acp/acp_database.php +++ b/phpBB/includes/acp/acp_database.php @@ -216,7 +216,7 @@ class acp_database } else if (confirm_box(true)) { - switch ($backup_info['extensions']) + switch ($backup_info['extension']) { case 'sql': $fp = fopen($backup_info['file_name'], 'rb'); diff --git a/phpBB/includes/acp/acp_update.php b/phpBB/includes/acp/acp_update.php index 9124a59ef2..fa3afa6ce3 100644 --- a/phpBB/includes/acp/acp_update.php +++ b/phpBB/includes/acp/acp_update.php @@ -59,17 +59,19 @@ class acp_update $update_link = $phpbb_root_path . 'install/app.' . $phpEx; - $template->assign_vars(array( - 'S_UP_TO_DATE' => empty($updates_available), - 'U_ACTION' => $this->u_action, - 'U_VERSIONCHECK_FORCE' => append_sid($this->u_action . '&versioncheck_force=1'), + $template_ary = [ + 'S_UP_TO_DATE' => empty($updates_available), + 'U_ACTION' => $this->u_action, + 'U_VERSIONCHECK_FORCE' => append_sid($this->u_action . '&versioncheck_force=1'), - 'CURRENT_VERSION' => $config['version'], + 'CURRENT_VERSION' => $config['version'], - 'UPDATE_INSTRUCTIONS' => sprintf($user->lang['UPDATE_INSTRUCTIONS'], $update_link), + 'UPDATE_INSTRUCTIONS' => $user->lang('UPDATE_INSTRUCTIONS', $update_link), 'S_VERSION_UPGRADEABLE' => !empty($upgrades_available), 'UPGRADE_INSTRUCTIONS' => !empty($upgrades_available) ? $user->lang('UPGRADE_INSTRUCTIONS', $upgrades_available['current'], $upgrades_available['announcement']) : false, - )); + ]; + + $template->assign_vars($template_ary); // Incomplete update? if (phpbb_version_compare($config['version'], PHPBB_VERSION, '<')) diff --git a/phpBB/includes/constants.php b/phpBB/includes/constants.php index 7f36c620f3..89d056f2e1 100644 --- a/phpBB/includes/constants.php +++ b/phpBB/includes/constants.php @@ -28,7 +28,7 @@ if (!defined('IN_PHPBB')) */ // phpBB Version -@define('PHPBB_VERSION', '3.2.7-dev'); +@define('PHPBB_VERSION', '3.2.8-dev'); // QA-related // define('PHPBB_QA', 1); diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index 1d1c9f6f4f..5234c3472d 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -2664,6 +2664,9 @@ function login_forum_box($forum_data) page_header($user->lang['LOGIN']); + // Add form token for login box + add_form_key('login', '_LOGIN'); + $template->assign_vars(array( 'FORUM_NAME' => isset($forum_data['forum_name']) ? $forum_data['forum_name'] : '', 'S_LOGIN_ACTION' => build_url(array('f')), @@ -4436,6 +4439,19 @@ function page_header($page_title = '', $display_online_list = false, $item_id = $controller_helper = $phpbb_container->get('controller.helper'); $notification_mark_hash = generate_link_hash('mark_all_notifications_read'); + $s_login_redirect = build_hidden_fields(array('redirect' => $phpbb_path_helper->remove_web_root_path(build_url()))); + /** + * Workaround for missing template variable in pre phpBB 3.2.6 styles. + * @deprecated 3.2.7 (To be removed: 3.3.0-a1) + */ + $form_token_login = $template->retrieve_var('S_FORM_TOKEN_LOGIN'); + if (!empty($form_token_login)) + { + $s_login_redirect .= $form_token_login; + // Remove S_FORM_TOKEN_LOGIN as it's already appended to S_LOGIN_REDIRECT + $template->assign_var('S_FORM_TOKEN_LOGIN', ''); + } + // The following assigns all _common_ variables that may be used at any point in a template. $template->assign_vars(array( 'SITENAME' => $config['sitename'], @@ -4525,7 +4541,7 @@ function page_header($page_title = '', $display_online_list = false, $item_id = 'S_TOPIC_ID' => $topic_id, 'S_LOGIN_ACTION' => ((!defined('ADMIN_START')) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=login') : append_sid("{$phpbb_admin_path}index.$phpEx", false, true, $user->session_id)), - 'S_LOGIN_REDIRECT' => build_hidden_fields(array('redirect' => $phpbb_path_helper->remove_web_root_path(build_url()))), + 'S_LOGIN_REDIRECT' => $s_login_redirect, 'S_ENABLE_FEEDS' => ($config['feed_enable']) ? true : false, 'S_ENABLE_FEEDS_OVERALL' => ($config['feed_overall']) ? true : false, diff --git a/phpBB/includes/functions_posting.php b/phpBB/includes/functions_posting.php index 3640f543d9..5b7e0eafd6 100644 --- a/phpBB/includes/functions_posting.php +++ b/phpBB/includes/functions_posting.php @@ -978,6 +978,30 @@ function topic_review($topic_id, $forum_id, $mode = 'topic_review', $cur_post_id AND u.user_id = p.poster_id', ); + /** + * Event to modify the SQL query for topic reviews + * + * @event core.topic_review_modify_sql_ary + * @var int topic_id The topic ID that is being reviewed + * @var int forum_id The topic's forum ID + * @var string mode The topic review mode + * @var int cur_post_id Post offset ID + * @var bool show_quote_button Flag indicating if the quote button should be displayed + * @var array post_list Array with the post IDs + * @var array sql_ary Array with the SQL query + * @since 3.2.8-RC1 + */ + $vars = array( + 'topic_id', + 'forum_id', + 'mode', + 'cur_post_id', + 'show_quote_button', + 'post_list', + 'sql_ary', + ); + extract($phpbb_dispatcher->trigger_event('core.topic_review_modify_sql_ary', compact($vars))); + $sql = $db->sql_build_query('SELECT', $sql_ary); $result = $db->sql_query($sql); diff --git a/phpBB/includes/mcp/mcp_ban.php b/phpBB/includes/mcp/mcp_ban.php index 8797f06db8..6f748f5433 100644 --- a/phpBB/includes/mcp/mcp_ban.php +++ b/phpBB/includes/mcp/mcp_ban.php @@ -269,7 +269,7 @@ class mcp_ban } else if ($post_id) { - $post_info = phpbb_get_post_data($post_id, 'm_ban'); + $post_info = phpbb_get_post_data(array($post_id), 'm_ban'); if (count($post_info) && !empty($post_info[$post_id])) { diff --git a/phpBB/includes/mcp/mcp_main.php b/phpBB/includes/mcp/mcp_main.php index c3e3ade160..4bd783b279 100644 --- a/phpBB/includes/mcp/mcp_main.php +++ b/phpBB/includes/mcp/mcp_main.php @@ -378,7 +378,7 @@ function lock_unlock($action, $ids) */ function change_topic_type($action, $topic_ids) { - global $user, $db, $request, $phpbb_log; + global $user, $db, $request, $phpbb_log, $phpbb_dispatcher; switch ($action) { diff --git a/phpBB/includes/ucp/ucp_attachments.php b/phpBB/includes/ucp/ucp_attachments.php index c1b623cd71..7808fed325 100644 --- a/phpBB/includes/ucp/ucp_attachments.php +++ b/phpBB/includes/ucp/ucp_attachments.php @@ -29,7 +29,7 @@ class ucp_attachments function main($id, $mode) { - global $template, $user, $db, $config, $phpEx, $phpbb_root_path, $phpbb_container, $request; + global $template, $user, $db, $config, $phpEx, $phpbb_root_path, $phpbb_container, $request, $auth; $start = $request->variable('start', 0); $sort_key = $request->variable('sk', 'a'); @@ -41,16 +41,27 @@ class ucp_attachments if ($delete && count($delete_ids)) { // Validate $delete_ids... - $sql = 'SELECT attach_id - FROM ' . ATTACHMENTS_TABLE . ' - WHERE poster_id = ' . $user->data['user_id'] . ' - AND is_orphan = 0 - AND ' . $db->sql_in_set('attach_id', $delete_ids); + $sql = 'SELECT a.attach_id, p.post_edit_locked, t.topic_status, f.forum_id, f.forum_status + FROM ' . ATTACHMENTS_TABLE . ' a + LEFT JOIN ' . POSTS_TABLE . ' p + ON (a.post_msg_id = p.post_id AND a.in_message = 0) + LEFT JOIN ' . TOPICS_TABLE . ' t + ON (t.topic_id = p.topic_id AND a.in_message = 0) + LEFT JOIN ' . FORUMS_TABLE . ' f + ON (f.forum_id = t.forum_id AND a.in_message = 0) + WHERE a.poster_id = ' . $user->data['user_id'] . ' + AND a.is_orphan = 0 + AND ' . $db->sql_in_set('a.attach_id', $delete_ids); $result = $db->sql_query($sql); $delete_ids = array(); while ($row = $db->sql_fetchrow($result)) { + if (!$auth->acl_get('m_edit', $row['forum_id']) && ($row['forum_status'] == ITEM_LOCKED || $row['topic_status'] == ITEM_LOCKED || $row['post_edit_locked'])) + { + continue; + } + $delete_ids[] = $row['attach_id']; } $db->sql_freeresult($result); @@ -124,10 +135,12 @@ class ucp_attachments $pagination = $phpbb_container->get('pagination'); $start = $pagination->validate_start($start, $config['topics_per_page'], $num_attachments); - $sql = 'SELECT a.*, t.topic_title, p.message_subject as message_title + $sql = 'SELECT a.*, t.topic_title, pr.message_subject as message_title, p.post_edit_locked, t.topic_status, f.forum_id, f.forum_status FROM ' . ATTACHMENTS_TABLE . ' a + LEFT JOIN ' . POSTS_TABLE . ' p ON (a.post_msg_id = p.post_id AND a.in_message = 0) LEFT JOIN ' . TOPICS_TABLE . ' t ON (a.topic_id = t.topic_id AND a.in_message = 0) - LEFT JOIN ' . PRIVMSGS_TABLE . ' p ON (a.post_msg_id = p.msg_id AND a.in_message = 1) + LEFT JOIN ' . FORUMS_TABLE . ' f ON (f.forum_id = t.forum_id AND a.in_message = 0) + LEFT JOIN ' . PRIVMSGS_TABLE . ' pr ON (a.post_msg_id = pr.msg_id AND a.in_message = 1) WHERE a.poster_id = ' . $user->data['user_id'] . " AND a.is_orphan = 0 ORDER BY $order_by"; @@ -164,6 +177,7 @@ class ucp_attachments 'TOPIC_ID' => $row['topic_id'], 'S_IN_MESSAGE' => $row['in_message'], + 'S_LOCKED' => !$row['in_message'] && !$auth->acl_get('m_edit', $row['forum_id']) && ($row['forum_status'] == ITEM_LOCKED || $row['topic_status'] == ITEM_LOCKED || $row['post_edit_locked']), 'U_VIEW_ATTACHMENT' => append_sid("{$phpbb_root_path}download/file.$phpEx", 'id=' . $row['attach_id']), 'U_VIEW_TOPIC' => $view_topic) diff --git a/phpBB/includes/ucp/ucp_pm_viewfolder.php b/phpBB/includes/ucp/ucp_pm_viewfolder.php index a0b535d683..09e7bf4d7c 100644 --- a/phpBB/includes/ucp/ucp_pm_viewfolder.php +++ b/phpBB/includes/ucp/ucp_pm_viewfolder.php @@ -138,9 +138,9 @@ function view_folder($id, $mode, $folder_id, $folder) $row_indicator = ''; foreach ($color_rows as $var) { - if (($var != 'friend' && $var != 'foe' && $row['pm_' . $var]) + if (($var !== 'friend' && $var !== 'foe' && $row[($var === 'message_reported') ? $var : "pm_{$var}"]) || - (($var == 'friend' || $var == 'foe') && isset(${$var}[$row['author_id']]) && ${$var}[$row['author_id']])) + (($var === 'friend' || $var === 'foe') && isset(${$var}[$row['author_id']]) && ${$var}[$row['author_id']])) { $row_indicator = $var; break; diff --git a/phpBB/install/convertors/convert_phpbb20.php b/phpBB/install/convertors/convert_phpbb20.php index a77e767a8c..230b999c87 100644 --- a/phpBB/install/convertors/convert_phpbb20.php +++ b/phpBB/install/convertors/convert_phpbb20.php @@ -38,7 +38,7 @@ $dbms = $phpbb_config_php_file->convert_30_dbms_to_31($dbms); $convertor_data = array( 'forum_name' => 'phpBB 2.0.x', 'version' => '1.0.3', - 'phpbb_version' => '3.2.6', + 'phpbb_version' => '3.2.7', 'author' => '<a href="https://www.phpbb.com/">phpBB Limited</a>', 'dbms' => $dbms, 'dbhost' => $dbhost, diff --git a/phpBB/install/phpbbcli.php b/phpBB/install/phpbbcli.php index f8683d8f0f..217f1dfbd4 100755 --- a/phpBB/install/phpbbcli.php +++ b/phpBB/install/phpbbcli.php @@ -23,7 +23,7 @@ if (php_sapi_name() !== 'cli') define('IN_PHPBB', true); define('IN_INSTALL', true); define('PHPBB_ENVIRONMENT', 'production'); -define('PHPBB_VERSION', '3.2.6'); +define('PHPBB_VERSION', '3.2.7'); $phpbb_root_path = __DIR__ . '/../'; $phpEx = substr(strrchr(__FILE__, '.'), 1); diff --git a/phpBB/install/schemas/schema_data.sql b/phpBB/install/schemas/schema_data.sql index a9538afe47..71000e64d7 100644 --- a/phpBB/install/schemas/schema_data.sql +++ b/phpBB/install/schemas/schema_data.sql @@ -279,7 +279,7 @@ INSERT INTO phpbb_config (config_name, config_value) VALUES ('tpl_allow_php', '0 INSERT INTO phpbb_config (config_name, config_value) VALUES ('upload_icons_path', 'images/upload_icons'); INSERT INTO phpbb_config (config_name, config_value) VALUES ('upload_path', 'files'); INSERT INTO phpbb_config (config_name, config_value) VALUES ('use_system_cron', '0'); -INSERT INTO phpbb_config (config_name, config_value) VALUES ('version', '3.2.7-dev'); +INSERT INTO phpbb_config (config_name, config_value) VALUES ('version', '3.2.8-dev'); INSERT INTO phpbb_config (config_name, config_value) VALUES ('warnings_expire_days', '90'); INSERT INTO phpbb_config (config_name, config_value) VALUES ('warnings_gc', '14400'); diff --git a/phpBB/language/en/acp/board.php b/phpBB/language/en/acp/board.php index 9b45ffa45b..378dd3fc38 100644 --- a/phpBB/language/en/acp/board.php +++ b/phpBB/language/en/acp/board.php @@ -44,7 +44,7 @@ $lang = array_merge($lang, array( 'BOARD_STYLE' => 'Board style', 'CUSTOM_DATEFORMAT' => 'Custom…', 'DEFAULT_DATE_FORMAT' => 'Date format', - 'DEFAULT_DATE_FORMAT_EXPLAIN' => 'The date format is the same as the PHP <code>date</code> function.', + 'DEFAULT_DATE_FORMAT_EXPLAIN' => 'The date format is the same as the PHP <code><a href="https://secure.php.net/manual/function.date.php">date()</a></code> function.', 'DEFAULT_LANGUAGE' => 'Default language', 'DEFAULT_STYLE' => 'Default style', 'DEFAULT_STYLE_EXPLAIN' => 'The default style for new users.', diff --git a/phpBB/language/en/ucp.php b/phpBB/language/en/ucp.php index 2622fb57b7..8549230b9f 100644 --- a/phpBB/language/en/ucp.php +++ b/phpBB/language/en/ucp.php @@ -89,6 +89,7 @@ $lang = array_merge($lang, array( 'ATTACHMENTS_EXPLAIN' => 'This is a list of attachments you have made in posts to this board.', 'ATTACHMENTS_DELETED' => 'Attachments successfully deleted.', 'ATTACHMENT_DELETED' => 'Attachment successfully deleted.', + 'ATTACHMENT_LOCKED' => 'This topic is locked, you cannot delete the attachment.', 'AUTOLOGIN_SESSION_KEYS_DELETED'=> 'The selected "Remember Me" login keys were successfully deleted.', 'AVATAR_CATEGORY' => 'Category', 'AVATAR_DRIVER_GRAVATAR_TITLE' => 'Gravatar', @@ -115,7 +116,7 @@ $lang = array_merge($lang, array( 'BIRTHDAY' => 'Birthday', 'BIRTHDAY_EXPLAIN' => 'Setting a year will list your age when it is your birthday.', 'BOARD_DATE_FORMAT' => 'My date format', - 'BOARD_DATE_FORMAT_EXPLAIN' => 'The syntax used is identical to the PHP <a href="http://www.php.net/date">date()</a> function.', + 'BOARD_DATE_FORMAT_EXPLAIN' => 'The syntax used is identical to the PHP <a href="https://secure.php.net/manual/function.date.php">date()</a> function.', 'BOARD_LANGUAGE' => 'My language', 'BOARD_STYLE' => 'My board style', 'BOARD_TIMEZONE' => 'My timezone', diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index 93419d2915..1a3083d42e 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -264,7 +264,7 @@ class oauth extends \phpbb\auth\provider\base } // Retrieve the user's account - $sql = 'SELECT user_id, username, user_password, user_passchg, user_email, user_type, user_login_attempts + $sql = 'SELECT user_id, username, user_password, user_passchg, user_email, user_ip, user_type, user_login_attempts FROM ' . $this->users_table . ' WHERE user_id = ' . (int) $row['user_id']; $result = $this->db->sql_query($sql); @@ -423,7 +423,7 @@ class oauth extends \phpbb\auth\provider\base if ($credentials['key'] && $credentials['secret']) { $actual_name = str_replace('auth.provider.oauth.service.', '', $service_name); - $redirect_url = build_url(false) . '&login=external&oauth_service=' . $actual_name; + $redirect_url = generate_board_url() . '/ucp.' . $this->php_ext . '?mode=login&login=external&oauth_service=' . $actual_name; $login_data['BLOCK_VARS'][$service_name] = array( 'REDIRECT_URL' => redirect($redirect_url, true), 'SERVICE_NAME' => $this->user->lang['AUTH_PROVIDER_OAUTH_SERVICE_' . strtoupper($actual_name)], diff --git a/phpBB/phpbb/db/migration/data/v32x/timezone_p3.php b/phpBB/phpbb/db/migration/data/v32x/timezone_p3.php new file mode 100644 index 0000000000..433f62ace9 --- /dev/null +++ b/phpBB/phpbb/db/migration/data/v32x/timezone_p3.php @@ -0,0 +1,29 @@ +<?php +/** +* +* This file is part of the phpBB Forum Software package. +* +* @copyright (c) phpBB Limited <https://www.phpbb.com> +* @license GNU General Public License, version 2 (GPL-2.0) +* +* For full copyright and license information, please see +* the docs/CREDITS.txt file. +* +*/ + +namespace phpbb\db\migration\data\v32x; + +class timezone_p3 extends \phpbb\db\migration\migration +{ + static public function depends_on() + { + return array('\phpbb\db\migration\data\v310\timezone'); + } + + public function update_data() + { + return array( + array('config.remove', array('board_dst')), + ); + } +} diff --git a/phpBB/phpbb/db/migration/data/v32x/v327.php b/phpBB/phpbb/db/migration/data/v32x/v327.php new file mode 100644 index 0000000000..f9ea11f4b9 --- /dev/null +++ b/phpBB/phpbb/db/migration/data/v32x/v327.php @@ -0,0 +1,37 @@ +<?php +/** +* +* This file is part of the phpBB Forum Software package. +* +* @copyright (c) phpBB Limited <https://www.phpbb.com> +* @license GNU General Public License, version 2 (GPL-2.0) +* +* For full copyright and license information, please see +* the docs/CREDITS.txt file. +* +*/ + +namespace phpbb\db\migration\data\v32x; + +class v327 extends \phpbb\db\migration\migration +{ + public function effectively_installed() + { + return phpbb_version_compare($this->config['version'], '3.2.7', '>='); + } + + static public function depends_on() + { + return array( + '\phpbb\db\migration\data\v32x\v327rc1', + ); + + } + + public function update_data() + { + return array( + array('config.update', array('version', '3.2.7')), + ); + } +} diff --git a/phpBB/phpbb/db/migration/data/v32x/v327rc1.php b/phpBB/phpbb/db/migration/data/v32x/v327rc1.php new file mode 100644 index 0000000000..c8169105af --- /dev/null +++ b/phpBB/phpbb/db/migration/data/v32x/v327rc1.php @@ -0,0 +1,36 @@ +<?php +/** +* +* This file is part of the phpBB Forum Software package. +* +* @copyright (c) phpBB Limited <https://www.phpbb.com> +* @license GNU General Public License, version 2 (GPL-2.0) +* +* For full copyright and license information, please see +* the docs/CREDITS.txt file. +* +*/ + +namespace phpbb\db\migration\data\v32x; + +class v327rc1 extends \phpbb\db\migration\migration +{ + public function effectively_installed() + { + return phpbb_version_compare($this->config['version'], '3.2.7-RC1', '>='); + } + + static public function depends_on() + { + return array( + '\phpbb\db\migration\data\v32x\v326', + ); + } + + public function update_data() + { + return array( + array('config.update', array('version', '3.2.7-RC1')), + ); + } +} diff --git a/phpBB/phpbb/db/tools/tools.php b/phpBB/phpbb/db/tools/tools.php index d21d34b8a9..c3352a1f66 100644 --- a/phpBB/phpbb/db/tools/tools.php +++ b/phpBB/phpbb/db/tools/tools.php @@ -576,7 +576,7 @@ class tools implements tools_interface { foreach ($indexes as $index_name) { - if (!$this->sql_index_exists($table, $index_name)) + if (!$this->sql_index_exists($table, $index_name) && !$this->sql_unique_index_exists($table, $index_name)) { continue; } diff --git a/phpBB/phpbb/textformatter/s9e/link_helper.php b/phpBB/phpbb/textformatter/s9e/link_helper.php index 1e113b6449..483794a83e 100644 --- a/phpBB/phpbb/textformatter/s9e/link_helper.php +++ b/phpBB/phpbb/textformatter/s9e/link_helper.php @@ -60,8 +60,10 @@ class link_helper $length = $end - $start; $text = substr($parser->getText(), $start, $length); - // Create a tag that consumes the link's text - $parser->addSelfClosingTag('LINK_TEXT', $start, $length)->setAttribute('text', $text); + // Create a tag that consumes the link's text and make it depends on this tag + $link_text_tag = $parser->addSelfClosingTag('LINK_TEXT', $start, $length); + $link_text_tag->setAttribute('text', $text); + $tag->cascadeInvalidationTo($link_text_tag); } /** diff --git a/phpBB/styles/prosilver/style.cfg b/phpBB/styles/prosilver/style.cfg index 062074204d..4485b17945 100644 --- a/phpBB/styles/prosilver/style.cfg +++ b/phpBB/styles/prosilver/style.cfg @@ -21,8 +21,8 @@ # General Information about this style name = prosilver copyright = © phpBB Limited, 2007 -style_version = 3.2.6 -phpbb_version = 3.2.6 +style_version = 3.2.7 +phpbb_version = 3.2.7 # Defining a different template bitfield # template_bitfield = //g= diff --git a/phpBB/styles/prosilver/template/login_forum.html b/phpBB/styles/prosilver/template/login_forum.html index 7fa9736a96..c5c36d4564 100644 --- a/phpBB/styles/prosilver/template/login_forum.html +++ b/phpBB/styles/prosilver/template/login_forum.html @@ -25,6 +25,7 @@ <dd><input type="password" tabindex="1" id="password" name="password" size="25" class="inputbox narrow" autocomplete="off" /></dd> </dl> {S_LOGIN_REDIRECT} + {S_FORM_TOKEN_LOGIN} <dl> <dt> </dt> <dd>{S_HIDDEN_FIELDS}<input type="submit" name="login" id="login" class="button1" value="{L_LOGIN}" tabindex="2" /></dd> diff --git a/phpBB/styles/prosilver/template/posting_review.html b/phpBB/styles/prosilver/template/posting_review.html index 1304046b23..033a88485e 100644 --- a/phpBB/styles/prosilver/template/posting_review.html +++ b/phpBB/styles/prosilver/template/posting_review.html @@ -22,7 +22,7 @@ <i class="icon fa-file fa-fw icon-lightgray icon-md" aria-hidden="true"></i><span class="sr-only">{post_review_row.MINI_POST}</span> </a> <!-- ENDIF --> - {L_POST_BY_AUTHOR}<strong> {post_review_row.POST_AUTHOR_FULL}</strong> » {post_review_row.POST_DATE} + {L_POST_BY_AUTHOR} <!-- EVENT posting_review_row_post_author_username_prepend --><strong>{post_review_row.POST_AUTHOR_FULL}</strong><!-- EVENT posting_review_row_post_author_username_append --> » {post_review_row.POST_DATE} </p> <div class="content">{post_review_row.MESSAGE}</div> diff --git a/phpBB/styles/prosilver/template/posting_topic_review.html b/phpBB/styles/prosilver/template/posting_topic_review.html index 93c4484ff8..8faece3447 100644 --- a/phpBB/styles/prosilver/template/posting_topic_review.html +++ b/phpBB/styles/prosilver/template/posting_topic_review.html @@ -54,7 +54,7 @@ <i class="icon fa-file fa-fw icon-lightgray icon-md" aria-hidden="true"></i><span class="sr-only">{topic_review_row.MINI_POST}</span> </a> <!-- ENDIF --> - {L_POST_BY_AUTHOR} <strong>{topic_review_row.POST_AUTHOR_FULL}</strong> » {topic_review_row.POST_DATE} + {L_POST_BY_AUTHOR} <!-- EVENT posting_topic_review_row_post_author_username_prepend --><strong>{topic_review_row.POST_AUTHOR_FULL}</strong><!-- EVENT posting_topic_review_row_post_author_username_append --> » {topic_review_row.POST_DATE} </p> <!-- EVENT posting_topic_review_row_post_details_after --> diff --git a/phpBB/styles/prosilver/template/ucp_agreement.html b/phpBB/styles/prosilver/template/ucp_agreement.html index ace65254d7..d4fef9f0a5 100644 --- a/phpBB/styles/prosilver/template/ucp_agreement.html +++ b/phpBB/styles/prosilver/template/ucp_agreement.html @@ -62,8 +62,6 @@ <div class="content"> <h2 class="sitename-title">{SITENAME} - {AGREEMENT_TITLE}</h2> <p>{AGREEMENT_TEXT}</p> - <hr class="dashed" /> - <p><a href="{U_BACK}" class="button2">{L_BACK}</a></p> </div> </div> </div> diff --git a/phpBB/styles/prosilver/template/ucp_attachments.html b/phpBB/styles/prosilver/template/ucp_attachments.html index 696f621116..cfdbf9c7ea 100644 --- a/phpBB/styles/prosilver/template/ucp_attachments.html +++ b/phpBB/styles/prosilver/template/ucp_attachments.html @@ -44,7 +44,7 @@ </dt> <dd class="extra">{attachrow.DOWNLOAD_COUNT}</dd> <dd class="time"><span>{attachrow.POST_TIME}</span></dd> - <dd class="mark"><input type="checkbox" name="attachment[{attachrow.ATTACH_ID}]" value="1" /></dd> + <dd class="mark"><input type="checkbox" name="attachment[{attachrow.ATTACH_ID}]" value="1"{% if attachrow.S_LOCKED %} disabled title="{{ lang('ATTACHMENT_LOCKED') }}"{% endif %} /></dd> </dl> </li> <!-- END attachrow --> diff --git a/phpBB/styles/prosilver/template/ucp_pm_history.html b/phpBB/styles/prosilver/template/ucp_pm_history.html index 6362a0b824..b53eb0c7ec 100644 --- a/phpBB/styles/prosilver/template/ucp_pm_history.html +++ b/phpBB/styles/prosilver/template/ucp_pm_history.html @@ -36,7 +36,7 @@ <p class="author"> <span><i class="icon fa-file fa-fw icon-lightgray icon-md" aria-hidden="true"></i><span class="sr-only">{history_row.MINI_POST}</span></span> {L_SENT_AT}{L_COLON} <strong>{history_row.SENT_DATE}</strong> <br /> - {L_MESSAGE_BY_AUTHOR} {history_row.MESSAGE_AUTHOR_FULL} + {L_MESSAGE_BY_AUTHOR} <!-- EVENT ucp_pm_history_row_message_author_username_prepend -->{history_row.MESSAGE_AUTHOR_FULL}<!-- EVENT ucp_pm_history_row_message_author_username_append --> </p> <div class="content"><!-- IF history_row.MESSAGE -->{history_row.MESSAGE}<!-- ELSE --><span class="error">{L_MESSAGE_REMOVED_FROM_OUTBOX}</span><!-- ENDIF --></div> <div id="message_{history_row.MSG_ID}" style="display: none;">{history_row.DECODED_MESSAGE}</div> @@ -54,4 +54,3 @@ <i class="icon fa-chevron-circle-up fa-fw icon-gray" aria-hidden="true"></i><span>{L_BACK_TO_TOP}</span> </a> </p> - diff --git a/phpBB/styles/prosilver/template/viewforum_body.html b/phpBB/styles/prosilver/template/viewforum_body.html index 045f801ce5..d7099f387f 100644 --- a/phpBB/styles/prosilver/template/viewforum_body.html +++ b/phpBB/styles/prosilver/template/viewforum_body.html @@ -114,6 +114,7 @@ <dd><input type="submit" name="login" tabindex="5" value="{L_LOGIN}" class="button1" /></dd> </dl> {S_LOGIN_REDIRECT} + {S_FORM_TOKEN_LOGIN} </fieldset> </div> diff --git a/phpBB/viewforum.php b/phpBB/viewforum.php index 72c96e2d2d..5525a0d462 100644 --- a/phpBB/viewforum.php +++ b/phpBB/viewforum.php @@ -198,6 +198,9 @@ if (!($forum_data['forum_type'] == FORUM_POST || (($forum_data['forum_flags'] & // We also make this circumstance available to the template in case we want to display a notice. ;) if (!$auth->acl_gets('f_read', 'f_list_topics', $forum_id)) { + // Add form token for login box + add_form_key('login', '_LOGIN'); + $template->assign_vars(array( 'S_NO_READ_ACCESS' => true, )); diff --git a/tests/test_framework/phpbb_ui_test_case.php b/tests/test_framework/phpbb_ui_test_case.php index 7b950a7d5d..e76c8cd159 100644 --- a/tests/test_framework/phpbb_ui_test_case.php +++ b/tests/test_framework/phpbb_ui_test_case.php @@ -79,12 +79,12 @@ class phpbb_ui_test_case extends phpbb_test_case } try { - $capabilities = DesiredCapabilities::firefox(); + $capabilities = DesiredCapabilities::chrome(); self::$webDriver = RemoteWebDriver::create( self::$host . ':' . self::$port, $capabilities, - 60 * 1000, // 60 seconds connection timeout - 60 * 1000 // 60 seconds request timeout + 30 * 1000, // 30 seconds connection timeout + 30 * 1000 // 30 seconds request timeout ); } catch (WebDriverCurlException $e) { self::markTestSkipped('PhantomJS webserver is not running.'); diff --git a/tests/text_formatter/s9e/default_formatting_test.php b/tests/text_formatter/s9e/default_formatting_test.php index 05a41c5095..a35c9138a5 100644 --- a/tests/text_formatter/s9e/default_formatting_test.php +++ b/tests/text_formatter/s9e/default_formatting_test.php @@ -254,6 +254,10 @@ class phpbb_textformatter_s9e_default_formatting_test extends phpbb_test_case '<a href="http://example.org/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" class="postlink">xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx</a>' ), array( + '[url=http://example.org/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx]http://example.org/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx[/url]', + '<a href="http://example.org/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" class="postlink">http://example.org/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx</a>' + ), + array( '[quote="[url=http://example.org]xxx[/url]"]...[/quote]', '<blockquote><div><cite><a href="http://example.org" class="postlink">xxx</a> wrote:</cite>...</div></blockquote>' ), diff --git a/tests/text_processing/tickets_data/PHPBB3-16053.html b/tests/text_processing/tickets_data/PHPBB3-16053.html new file mode 100644 index 0000000000..af70ddf7eb --- /dev/null +++ b/tests/text_processing/tickets_data/PHPBB3-16053.html @@ -0,0 +1 @@ +<a href="http://ea117.com" alt="Test">Test</a>
\ No newline at end of file diff --git a/tests/text_processing/tickets_data/PHPBB3-16053.txt b/tests/text_processing/tickets_data/PHPBB3-16053.txt new file mode 100644 index 0000000000..c786665eb9 --- /dev/null +++ b/tests/text_processing/tickets_data/PHPBB3-16053.txt @@ -0,0 +1 @@ +[test=http://ea117.com]Test[/test]
\ No newline at end of file diff --git a/tests/text_processing/tickets_data/PHPBB3-16053.xml b/tests/text_processing/tickets_data/PHPBB3-16053.xml new file mode 100644 index 0000000000..25f7c9e34e --- /dev/null +++ b/tests/text_processing/tickets_data/PHPBB3-16053.xml @@ -0,0 +1,28 @@ +<?xml version="1.0" encoding="UTF-8" ?> +<dataset> + <table name="phpbb_bbcodes"> + <column>bbcode_id</column> + <column>bbcode_tag</column> + <column>bbcode_helpline</column> + <column>display_on_posting</column> + <column>bbcode_match</column> + <column>bbcode_tpl</column> + <column>first_pass_match</column> + <column>first_pass_replace</column> + <column>second_pass_match</column> + <column>second_pass_replace</column> + + <row> + <value>13</value> + <value>test</value> + <value></value> + <value>1</value> + <value>[test={URL}]{TEXT}[/test]</value> + <value><![CDATA[<a href="{URL}" alt="{TEXT}">{TEXT}</a>]]></value> + <value>((?!))</value> + <value></value> + <value>((?!))</value> + <value></value> + </row> + </table> +</dataset> |